urlscan.io logo urlscan.io
SecurityTrails logo

simcast.com Open in urlscan Pro
45.79.244.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://vingroupwin.ph/
Effective URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Submission: On December 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 103 IPs in 7 countries across 81 domains to perform 406 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is simcast.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 9th 2023. Valid for: a year.
This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 45.79.222.138 63949 (AKAMAI-LI...)
16 45.79.244.12 63949 (AKAMAI-LI...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700:303... 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:3c02::f0... 63949 (AKAMAI-LI...)
1 3 108.138.26.63 16509 (AMAZON-02)
22 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2.18.96.104 16625 (AKAMAI-AS)
4 2a02:26f0:480... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 68.183.18.251 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
17 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:3c02:1::... 63949 (AKAMAI-LI...)
6 44.193.179.92 14618 (AMAZON-AES)
2 2620:116:800d... 16509 (AMAZON-02)
7 34.107.217.107 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 18.239.94.32 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
31 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 65.9.66.122 16509 (AMAZON-02)
1 172.64.152.89 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.212.5.247 16509 (AMAZON-02)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
13 17 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2602:803:c004... 26667 (RUBICONPR...)
3 2a00:1450:400... 15169 (GOOGLE)
7 141.95.33.120 16276 (OVH)
9 3.71.149.231 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 46.228.174.115 56396 (AMOBEE)
1 18.66.122.63 16509 (AMAZON-02)
6 12 37.252.171.85 29990 (ASN-APPNEX)
1 3.69.93.92 16509 (AMAZON-02)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
5 52.19.94.255 16509 (AMAZON-02)
1 2.18.97.29 16625 (AKAMAI-AS)
1 145.40.97.67 54825 (PACKET)
6 12 172.64.151.101 13335 (CLOUDFLAR...)
1 3 51.38.120.206 16276 (OVH)
1 8.2.111.104 46636 (NATCOWEB)
1 2a0c:5c87:523... 55081 (24SHELLS)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 3.217.130.42 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 35.244.159.8 15169 (GOOGLE)
2 15.197.179.7 16509 (AMAZON-02)
1 35.244.193.51 15169 (GOOGLE)
1 131.153.158.209 60558 (SECUREDSE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 54.82.17.205 14618 (AMAZON-AES)
1 18.202.86.19 16509 (AMAZON-02)
5 23.32.185.35 16625 (AKAMAI-AS)
1 162.19.138.119 16276 (OVH)
1 1 45.137.176.88 60350 (VP)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a02:2638:3::12 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
8 178.250.1.6 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
12 178.250.1.9 44788 (ASN-CRITE...)
8 2a02:2638:3::10 44788 (ASN-CRITE...)
6 2a02:2638:3::1a 44788 (ASN-CRITE...)
2 2 3.121.34.204 16509 (AMAZON-02)
5 10 142.250.185.130 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 5 69.173.144.138 26667 (RUBICONPR...)
5 52.57.96.192 16509 (AMAZON-02)
4 95.101.148.20 16625 (AKAMAI-AS)
4 185.86.139.103 201081 (SMARTADSE...)
4 141.226.228.48 200478 (TABOOLA-AS)
4 13.248.245.213 16509 (AMAZON-02)
4 37.157.6.232 198622 (ADFORM)
4 54.155.236.110 16509 (AMAZON-02)
4 8 34.253.135.155 16509 (AMAZON-02)
4 34.117.157.22 396982 (GOOGLE-CL...)
4 18.157.198.8 16509 (AMAZON-02)
4 52.209.247.244 16509 (AMAZON-02)
4 64.202.112.159 22075 (AS-OUTBRAIN)
4 198.47.127.205 3257 (GTT-BACKB...)
4 3.66.183.224 16509 (AMAZON-02)
4 2600:1f18:612... 14618 (AMAZON-AES)
4 23.213.165.82 16625 (AKAMAI-AS)
4 54.228.20.207 16509 (AMAZON-02)
4 18.192.146.238 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:1901:0:7... 15169 (GOOGLE)
4 34.246.253.18 16509 (AMAZON-02)
2 104.102.45.165 16625 (AKAMAI-AS)
4 3.132.66.110 16509 (AMAZON-02)
406 103
2    45.79.222.138 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: apple.parklogic.com
vingroupwin.ph
16    45.79.244.12 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: nb-45-79-244-12.an.nodebalancer.linode.com
simcast.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:4700:3038::6815:eab1 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adapex.io
12    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2600:3c02::f03c:92ff:fe2d:3e71 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
parking2.parklogic.com
3    108.138.26.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-63.fra56.r.cloudfront.net
embed.sendtonews.com
embedcdn.sendtonews.com
22    2a02:26f0:480:f::213:7ec8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-s-msn-com.akamaized.net
2    2.18.96.104 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-96-104.deploy.static.akamaitechnologies.com
content.api.news
4    2a02:26f0:480:9a4::3134 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cnn.com
4    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    68.183.18.251 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture2.analytics.hbwrapper
cat2.hbwrapper.com
1    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
17    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2600:3c02:1::2d4f:f4d1 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
parking3.parklogic.com
6    44.193.179.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-179-92.compute-1.amazonaws.com
s2l.sendtonews.com
2    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
7    34.107.217.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.217.107.34.bc.googleusercontent.com
static.anonymised.io
aegis.anonymised.io
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:9000:223c:2200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    18.239.94.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-32.ams1.r.cloudfront.net
player.sendtonews.com
1    2600:9000:223c:7200:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
connectid.analytics.yahoo.com
1    2600:9000:2250:8e00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
31    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.212.5.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-5-247.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
17    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
891fd4bd7f82712b0669c50893ad2e3a.safeframe.googlesyndication.com
7    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
9    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
1    18.66.122.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-63.fra60.r.cloudfront.net
p.gcprivacy.com
12    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    3.69.93.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-93-92.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
5    52.19.94.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-94-255.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    2.18.97.29 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-97-29.deploy.static.akamaitechnologies.com
a.teads.tv
1    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
12    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum.casalemedia.com
dsum-sec.casalemedia.com
r.casalemedia.com
3    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    8.2.111.104 (United States)

ASN46636 (NATCOWEB, US)
smartssp-us-east.iqzone.com
1    2a0c:5c87:5239::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    2a00:1450:4001:806::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
10    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    3.217.130.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-130-42.compute-1.amazonaws.com
p2.gcprivacy.com
3    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
2    15.197.179.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: a938864f9581ea3da.awsglobalaccelerator.com
aggle.net
1    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    131.153.158.209 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU, US)
id.a-mx.com
1    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    54.82.17.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-17-205.compute-1.amazonaws.com
idx.liadm.com
1    18.202.86.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-86-19.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
5    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
at.teads.tv
criteo-sync.teads.tv
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
5    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
5    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
14    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
12    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
widget.nl3.eu.criteo.com
dis.criteo.com
8    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
6    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    3.121.34.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-34-204.eu-central-1.compute.amazonaws.com
pm.w55c.net
10    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    52.57.96.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
4    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
4    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
4    54.155.236.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
visitor.omnitagjs.com
8    34.253.135.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-135-155.eu-west-1.compute.amazonaws.com
dpm.demdex.net
4    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
4    18.157.198.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-198-8.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
4    52.209.247.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-247-244.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
4    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
4    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
4    3.66.183.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-183-224.eu-central-1.compute.amazonaws.com
match.sharethrough.com
4    2600:1f18:612b:4232:e6bb:aabb:4218:240a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
4    23.213.165.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-82.deploy.static.akamaitechnologies.com
ad.yieldlab.net
4    54.228.20.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-20-207.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
4    18.192.146.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-146-238.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
4    34.246.253.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-253-18.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com
www.awin1.com
4    3.132.66.110 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-66-110.us-east-2.compute.amazonaws.com
s.thebrighttag.com
Apex Domain
Subdomains		 Transfer
45 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143
csm.eu.criteo.net — Cisco Umbrella Rank: 9625
183 KB
42 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
bidder.criteo.com — Cisco Umbrella Rank: 776
ads.eu.criteo.com — Cisco Umbrella Rank: 9522
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971
widget.nl3.eu.criteo.com — Cisco Umbrella Rank: 18794
dis.criteo.com — Cisco Umbrella Rank: 550
203 KB
29 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
390 KB
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
891fd4bd7f82712b0669c50893ad2e3a.safeframe.googlesyndication.com
416 KB
22 akamaized.net
img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 320
140 KB
16 simcast.com
simcast.com
119 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 25796
ad4m.at — Cisco Umbrella Rank: 11359
assets.ad4m.at — Cisco Umbrella Rank: 35458
134 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
r.casalemedia.com — Cisco Umbrella Rank: 1462
7 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
9 KB
10 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4156
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
9 KB
10 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 13026
embedcdn.sendtonews.com — Cisco Umbrella Rank: 14375
s2l.sendtonews.com — Cisco Umbrella Rank: 12998
player.sendtonews.com — Cisco Umbrella Rank: 15031
111 KB
8 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
5 KB
8 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
38 KB
7 anonymised.io
static.anonymised.io — Cisco Umbrella Rank: 20779
aegis.anonymised.io — Cisco Umbrella Rank: 20307
37 KB
6 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1466
at.teads.tv — Cisco Umbrella Rank: 4890
criteo-sync.teads.tv — Cisco Umbrella Rank: 2120
1 KB
6 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1196
x.bidswitch.net — Cisco Umbrella Rank: 336
1 KB
6 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
319 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
104 KB
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1498
contextual.media.net — Cisco Umbrella Rank: 665
5 KB
5 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 666
957 B
4 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2253
1 KB
4 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 699
1 KB
4 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1855
173 B
4 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2331
149 B
4 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4166
940 B
4 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2462
2 KB
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
137 B
4 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 723
447 B
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 689
580 B
4 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 936
2 KB
4 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1074
3 KB
4 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 10023
550 B
4 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 656
2 KB
4 adform.net
cm.adform.net — Cisco Umbrella Rank: 1211
649 B
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
557 B
4 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1460
393 B
4 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
453 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
294 KB
4 cnn.com
cdn.cnn.com — Cisco Umbrella Rank: 7737
204 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
cloudflare.com — Cisco Umbrella Rank: 114
6 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
995 B
3 gcprivacy.com
p.gcprivacy.com — Cisco Umbrella Rank: 24493
p2.gcprivacy.com — Cisco Umbrella Rank: 13013
13 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
693 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
storage.googleapis.com — Cisco Umbrella Rank: 287
4 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
id.crwdcntrl.net — Cisco Umbrella Rank: 2417
12 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13930
1 KB
2 ad4mat.net
static-de.ad4mat.net — Cisco Umbrella Rank: 192580
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563
1019 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
2 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 aggle.net
aggle.net — Cisco Umbrella Rank: 18630
2 KB
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 805
159 B
2 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
lexicon.33across.com — Cisco Umbrella Rank: 1596
5 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1276
pixel.quantserve.com — Cisco Umbrella Rank: 1011
9 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
3 KB
2 api.news
content.api.news — Cisco Umbrella Rank: 71092
71 KB
2 parklogic.com
parking2.parklogic.com
parking3.parklogic.com — Cisco Umbrella Rank: 280330
48 KB
2 vingroupwin.ph
vingroupwin.ph
3 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
584 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 49153
610 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1414
725 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
271 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2268
367 B
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1673
340 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 1702
263 B
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 4825
1 KB
1 iqzone.com
smartssp-us-east.iqzone.com — Cisco Umbrella Rank: 21136
238 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
166 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789
3 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1296
642 B
1 hbwrapper.com
cat2.hbwrapper.com — Cisco Umbrella Rank: 19055
256 B
1 adapex.io
cdn.adapex.io — Cisco Umbrella Rank: 24063
173 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
30 KB
0 medialead.de Failed
pv.medialead.de Failed
0 usbrowserspeed.com Failed
a.usbrowserspeed.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
406 81
Domain Requested by
31 static.criteo.net securepubads.g.doubleclick.net
cdn.adapex.io
ads.eu.criteo.com
static.criteo.net
22 img-s-msn-com.akamaized.net simcast.com
17 securepubads.g.doubleclick.net cdn.adapex.io
embed.sendtonews.com
securepubads.g.doubleclick.net
vingroupwin.ph
www.googletagservices.com
simcast.com
1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
16 gum.criteo.com 13 redirects static.criteo.net
cdn.adapex.io
16 simcast.com vingroupwin.ph
simcast.com
code.jquery.com
12 ib.adnxs.com 6 redirects cdn.adapex.io
ads.eu.criteo.com
widget.nl3.eu.criteo.com
12 pagead2.googlesyndication.com simcast.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
www.googletagservices.com
10 cm.g.doubleclick.net 5 redirects 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
10 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
simcast.com
1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
9 ups.analytics.yahoo.com connectid.analytics.yahoo.com
ads.eu.criteo.com
widget.nl3.eu.criteo.com
8 dpm.demdex.net 4 redirects ads.eu.criteo.com
8 r.casalemedia.com 4 redirects ads.eu.criteo.com
8 dis.criteo.com ads.eu.criteo.com
8 imageproxy.eu.criteo.net ads.eu.criteo.com
8 cat.nl3.eu.criteo.com simcast.com
ads.eu.criteo.com
7 id5-sync.com cdn.id5-sync.com
cdn.adapex.io
ads.eu.criteo.com
widget.nl3.eu.criteo.com
6 assets.ad4m.at as.ad4m.at
6 csm.eu.criteo.net ads.eu.criteo.com
6 s2l.sendtonews.com embed.sendtonews.com
5 x.bidswitch.net 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
ads.eu.criteo.com
widget.nl3.eu.criteo.com
5 pixel.rubiconproject.com 1 redirects ads.eu.criteo.com
widget.nl3.eu.criteo.com
5 www.googletagservices.com securepubads.g.doubleclick.net
1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 ad.360yield.com cdn.adapex.io
ads.eu.criteo.com
widget.nl3.eu.criteo.com
5 static.anonymised.io www.googletagmanager.com
static.anonymised.io
4 s.thebrighttag.com ads.eu.criteo.com
4 beacon.krxd.net ads.eu.criteo.com
4 e1.emxdgt.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 sync-criteo.ads.yieldmo.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 ad.yieldlab.net ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 criteo-partners.tremorhub.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 match.sharethrough.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 simage2.pubmatic.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 sync.outbrain.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 jadserve.postrelease.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 exchange.mediavine.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 matching.ivitrack.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 visitor.omnitagjs.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 cm.adform.net ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 eb2.3lift.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 criteo-sync.teads.tv ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 sync-t1.taboola.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 rtb-csync.smartadserver.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 contextual.media.net ads.eu.criteo.com
widget.nl3.eu.criteo.com
4 ad4m.at as.ad4m.at
ad4m.at
4 widget.nl3.eu.criteo.com ads.eu.criteo.com
4 as.ad4m.at 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 ads.eu.criteo.com cdn.adapex.io
4 www.googletagmanager.com simcast.com
cdn.adapex.io
www.googletagmanager.com
4 cdn.cnn.com simcast.com
3 www.google.com tpc.googlesyndication.com
simcast.com
1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
3 onetag-sys.com 1 redirects cdn.adapex.io
1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
3 cdnjs.cloudflare.com simcast.com
static.anonymised.io
2 www.awin1.com as.ad4m.at
2 pm.w55c.net 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 dsum.casalemedia.com 2 redirects
2 aggle.net p.gcprivacy.com
aggle.net
2 p2.gcprivacy.com p.gcprivacy.com
simcast.com
2 targeting.unrulymedia.com cdn.adapex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 oajs.openx.net 1 redirects simcast.com
2 fonts.googleapis.com client
securepubads.g.doubleclick.net
2 aegis.anonymised.io static.anonymised.io
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 cdn.jsdelivr.net cdn.adapex.io
securepubads.g.doubleclick.net
2 content.api.news simcast.com
2 embed.sendtonews.com 1 redirects embed.sendtonews.com
2 vingroupwin.ph vingroupwin.ph
1 prod-rtb.ad4mat.net 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
1 static-de.ad4mat.net as.ad4m.at
1 dsp.adfarm1.adition.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 s.tribalfusion.com 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 dsum-sec.casalemedia.com simcast.com
1 sync.adotmob.com 1 redirects
1 lb.eu-1-id5-sync.com cdn.adapex.io
1 891fd4bd7f82712b0669c50893ad2e3a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 at.teads.tv cdn.adapex.io
1 id.crwdcntrl.net cdn.adapex.io
1 idx.liadm.com cdn.adapex.io
1 id.hadron.ad.gt cdn.adapex.io
1 id.a-mx.com cdn.adapex.io
1 lexicon.33across.com cdn.adapex.io
1 google-bidout-d.openx.net oa.openxcdn.net
1 region1.google-analytics.com www.googletagmanager.com
1 storage.googleapis.com simcast.com
1 prebid.media.net cdn.adapex.io
1 ghb.adtelligent.com cdn.adapex.io
1 smartssp-us-east.iqzone.com cdn.adapex.io
1 htlb.casalemedia.com cdn.adapex.io
1 prebid.a-mo.net cdn.adapex.io
1 a.teads.tv cdn.adapex.io
1 bidder.criteo.com cdn.adapex.io
1 grid.bidswitch.net cdn.adapex.io
1 p.gcprivacy.com cdn.adapex.io
1 mug.criteo.com simcast.com
1 fastlane.rubiconproject.com embed.sendtonews.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 pixel.quantserve.com simcast.com
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 player.sendtonews.com embed.sendtonews.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com www.googletagmanager.com
1 parking3.parklogic.com simcast.com
1 cloudflare.com cdn.adapex.io
1 cat2.hbwrapper.com cdn.adapex.io
1 embedcdn.sendtonews.com simcast.com
1 parking2.parklogic.com simcast.com
1 cdn.adapex.io simcast.com
1 code.jquery.com simcast.com
0 pv.medialead.de Failed as.ad4m.at
0 a.usbrowserspeed.com Failed aggle.net
0 api.rlcdn.com Failed cdn.adapex.io
406 122

This site contains links to these domains. Also see Links.

Domain
www.namecheap.com
Subject Issuer Validity Valid
*.simcast.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-09 -
2024-08-29		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
adapex.io
E1		 2023-10-27 -
2024-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.parklogic.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-19 -
2024-01-19		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
news.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-25		 a year crt.sh
www.turner.com
GlobalSign RSA OV SSL CA 2018		 2023-05-09 -
2024-06-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
cat2.hbwrapper.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2023-12-01 -
2024-02-29		 3 months crt.sh
sendtonews.com
Amazon RSA 2048 M02		 2023-10-22 -
2024-11-19		 a year crt.sh
*.sendtonews.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
anonymised.io
GTS CA 1D4		 2023-11-18 -
2024-02-16		 3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2023-08-15 -
2024-02-08		 6 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.gcprivacy.com
Amazon RSA 2048 M03		 2023-11-03 -
2024-12-01		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.iqzone.com
Go Daddy Secure Certificate Authority - G2		 2023-04-05 -
2024-05-06		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-28 -
2024-02-26		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
aggle.net
Amazon RSA 2048 M01		 2023-07-30 -
2024-08-27		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
id.a-mx.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-12 -
2024-11-10		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
itm.ivitrack.com
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
*.outbrain.com
Thawte TLS RSA CA G1		 2023-11-20 -
2024-11-27		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
ad4mat.net
GTS CA 1P5		 2023-11-18 -
2024-02-16		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-11-21 -
2024-02-19		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh

This page contains 36 frames:

Primary Page: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Frame ID: 8E90F9B64FEF0450C67D78DAE3554287
Requests: 120 HTTP requests in this frame

Frame: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Frame ID: 521B1CA5B3DB4AA9FC4568AC576E3554
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 37C84B00DBBB8BB19E43D4AE0AA51732
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1701432225&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432225102&bpp=2&bdt=1508&idt=176&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1598984237799&frm=20&pv=2&ga_vid=1642492729.1701432225&ga_sid=1701432225&ga_hid=1148522360&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809317%2C31078301%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1709751277934431&tmod=1854443838&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fvingroupwin.ph%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=189
Frame ID: 52593EF42DA6B305CEE0A67176E47EF2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=simcast.com
Frame ID: B9F52C575ECCE93ED8D05D46E8D1E154
Requests: 2 HTTP requests in this frame

Frame: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1C996BAB7D20386C84D083F020DC1913
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 269A0F936B36B21FFA66752B53A1613B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 63FFCB062C605E32ABDA5B57297D0203
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: EC5C7F8FE1DDB3FCADF9049ACF675A1A
Requests: 1 HTTP requests in this frame

Frame: https://891fd4bd7f82712b0669c50893ad2e3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0FD0B7BBC1BCA43290596D58BE0A608A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/universal.creative.js
Frame ID: D9157A4B4C4B4401BCAEB0F7256F5C3F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/universal.creative.js
Frame ID: 772EF9AFF184B0934DB37559F7F05DEB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/universal.creative.js
Frame ID: BF80DBA47D851CD9229B908C7409B527
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/universal.creative.js
Frame ID: 171F17DF08385EEC43C686EF0407C3BA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 5CFE53549A99AA67C8F9B282A0B1BBB1
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdLr6gqADu0uVOiypk7RbodtC-jJ3TVuqKmywUOfrfgpkbXmPCe5DPr6vtJyHC9SHUWXUfopsTK8p77M3RagT80naKmSAk20C4GBbd5ayElHbEqJQFCBN4loi82AWGMzooYCdxwmPEFG9l2aWqlif2oI6Q40rjIt62wLt_QRvd_4Rpk8fLCiLXoI-BsqMto0vs3RPwrAmbxrJS3H3YcFlEVeemCz3A4pNkLGb6DayvTjET1Y68GLJ7OTTt1KkwMBVXO2C-FrGA-yEZozbrL_qhr6TfpYHTlHq9acv6jpwjZgzpPc8mCBWVu8-mwUX6gCk7Hw3LL7byoPRZ1UM_gZU58QE2foE3-Q&sai=AMfl-YRzmaP5W2RFP7LHeBWo0IY3EFK9isH2BahvmchPb_vhLERpusr0dhBukSuP2qnqISQG7HdIdk6_0nXCKjuc0BhPM9mnrrbVJhySiCp5RKnlN_HCk4PBNNyo7vl0vA7xeTREqScFN5pDLLilcL7YZThtosYTt0soExWd9w&sig=Cg0ArKJSzEUyzQq7lLAjEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: D5B427AB1987547FF33A01AB14B2B471
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Frame ID: 487CA9F96ECF256D7BBB5C245259802C
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssBZ23qjwXNnql8RydxHS81qv5O9PNZXCzLrdQbaDMkfmGZuOuMSP-lM7HJhxunpAKiQo0gNb0wKIoenf5ZSc87LiV-d7fXPZlwWpvlxuYDy_Mw_nCb454taSZzRwAacAZfZKkS9m6PCVs8_IiLOlV_mcxq2EPwUZ9mvVAmsEQRmLuQ1uVJA5HE5UaNX28Pg_kO6zIFaaqFdaUj-qaaMuKeShxA1A6LKDsY4QoBMc4XSNtFo1ujew9jDhZlllYh_Hb5Mac7PKScocpj8z5Nks_80eNN5KB6VB5mUuzG0FIWe9Y4pIVil-_jfD7rdvsWIz-ZULnrwgfYf5ljz3x-zcg1-O_a5-OXQ&sai=AMfl-YTeMqdnaET5PoOo0fFc1YGEkBgz8LjGh4l6Q_qidHZXrYtIDeXZYC2SAzZTh_9CBwA7p2Bl_Kztq_9cajlKvJ0MOMx2kMNDmoTHySmyxek1b-7HyZEY6vOdPmFs2yyLmWmjX1ksT0jmvWNlFWGu8SaQwbYv_qClApuAgw&sig=Cg0ArKJSzN09H5cAAORLEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E2ADEBB22C3D94FBB073A81422F09D3B
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Frame ID: 139FEB0D436B987E79FDB7F8865479A2
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-47D9CNh0NPihyT7txUgNX4ODRa_uBz2WyDwv6rQanCcOFrqS2SbWztc6qNdS3cpfTxC8dFkW0A5mquF8sv_upGy19OLhrSQbiX_o-dHrv4RD2PBKDMLPDpeYLM-EWA2-pk53UNMV-z2GuUp4KBj7akSj9-tMwnfD448uzL0YViDW8HEL5op026w6cCYqoIpfYk18X0teV_NRgD_o7nL23a3fgk4seeWg8kcVwWx_EzIOS_oa1isleVLK-QVioEkATjJkr40X6ONdkSbb8t-nQIppdByOFfJRFO69zDnXD03dVfGWyUH98pipee22CUdpPGyiY5M2MsY_9ULx1Q8YBzUBgWfGRx1j9L5KC6ubVw&sai=AMfl-YSULpxMXqgVY3K8TddICiXiKXvVw8MI5bhuUn9n8dMWeQLw-wQRrC6K1mXalo_sNZBeP3aGm4Je69IaxZdXB3qDCzIz6s7Qm25l7hf3yDxi8sIHvEHB9faYfX1VTkIs7wW8T-vQLlz7NhWn8S724w4HEmSYsbrG_1-nLw&sig=Cg0ArKJSzEB4QtivwlLZEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 9894BAE0FBCF36E9D3D0DD2DEC3BE1B0
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Frame ID: 27128C0D16496220BDF600607454EF15
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstM4YGZBZWIGl2sLZdtrQTGx1hQHNvD_WONtTPwcS7cTOTsHWwHxcnR9R9qpFJoWN-t9y0AQOP_6XijgWu1vmNRKJLCPlqPr4Ni9NzoQCahf1fr7xrFwl_tmyfHsYepVPAfGJpCAM4qWENI3egDIRoJIYHaEbAWdSpUg_QwKq8Chw-3ZeSrXDKOJ4IQ4YoPdkKUJ4KzmPo1h1-XB5TGe3sXkBzGVYRZ_4jhHNEdwb5-CGwokzr-iykVRdEeXHhQ-3IQR2ZiUYOsl7Rhyq2cdcv66ogotwF7HmbyciIEJuIyO55bjcXndv3AAOJJbtSE9wms7JRqhKw-kkqbXf1M9MhOe4eMF85CEQ&sai=AMfl-YQdPy53qfqVBYxNlbUjrIl-bjS_B2KWkdrIrrCqhmfot0xvzSVs4B-_QQ4UUEGWJpLkYFrNHzu3MbZPRvZbA69EreVcmPEB3CY1QLVltB--pMtuBSg7zvtSrzczfsS1YCne3Db6hZPOzUNMa31gzGa87PtRDORul5LfQg&sig=Cg0ArKJSzOFtbrZtk0pqEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: D9FF549EB49C724889CFE0D7A2E66277
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Frame ID: E7C202C59C6AAB0F9DAF4ADD477CEF16
Requests: 12 HTTP requests in this frame

Frame: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E3EB2CC22C5863A87BC13CE9BB9347BA
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k3fanykjw4nh5m6neamjsgqzk5qqjvjj6e622svebs05y7raqbkm38xt5dgqy4emyhqz9cj4g7r37zse9v460m36yecqavvcj66056s3w32h3s7whsd1qk4hsvzcg3kvjzy2xannffgbbkxpz18qzebwwxbxg3wcaq2r9ah90d479gs3rmdmwfrtxypf33b0vxknk0nv4z4c38fz3nantqqsqb3k6n8x9ahcdcwt37ec9qp2we6yzent8fsr790ek0tmpg7d9khm1jnk6jysa0qb2zsqw0qg0repvmnjwm79ghefmbrb9hnmg6sb3f3x32w7ppcnk4s2kjtc7cead688c57p5aq27j9hjgb363xvjwvxb4gvzseaq271ssg8ja4xd44shewkjzf9scp3w2dwwrkfdyn4qsc4kzwhs8pyfjmqbaxvn8y7tek50pfbnxv1d22t4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%26num%3D1%26sig%3DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%26client%3Dca-pub-9505823743978337%26adurl%3D
Frame ID: 1E7F2DB5F0997040D67C98069670F003
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 19A7B65DBA6AEF06B8F043A434C050AB
Requests: 9 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba54938196605e1200066d04d20&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Frame ID: B43A469AAB9B91A1370C8A95A5B23932
Requests: 1 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Frame ID: FE5DBEDAD62308795B719022ED988951
Requests: 1 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Frame ID: BDA112D28654377D74B798BF20FA7B93
Requests: 1 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Frame ID: 01993C8A39E47F7398F3306EFB0E3B3C
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
Frame ID: DA9926AEDBC5E447B2DAB3D68768C811
Requests: 30 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
Frame ID: F67B79887C41474F80E66A467234FB9C
Requests: 30 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
Frame ID: EA58B82F28E71883B7AC766613D5FF67
Requests: 30 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
Frame ID: 3665DC379E4AF963148806FD046B30E9
Requests: 30 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 0F51ECC9A467428BBB6E1229F75B2C13
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ef421bc4cc216b1f0a4c6bc574561b4d%2F13866583642661051233&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701432230193&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8t8w19w4y9yaqgxhdf8reawr6f70p5gq58pack9kczb28g63dp4grsawgd6rn7srtza2h2fn4h5rcgtfx59y43qmcvhmrydjec71t8c7tk7hpzy44my7rd0wmvjafr2ayb6d0006f1a6yv3rpz8jq0mdt69tpmmwtpnba0449rm4seyvwrfnvn4vyxc7f3w6g9dn3wxnea8btm9hr9axew7qfcmtsjvcyxhe1fqctbx6v9j4gm1whqfms7dg4cmq0s3pzd4pnvcewza8y8rwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%2526client%253Dca-pub-9505823743978337%2526adurl%253D&y=1&s=&z=0
Frame ID: DF9B63BDB6B73AF355C1D3FECF0D9017
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Simcast News portal.

Page URL History Show full URLs

  1. http://vingroupwin.ph/ Page URL
  2. http://vingroupwin.ph/page/bouncy.php?&bpae=GbhGdicGokx7j2%2FtWlrl%2BS%2FGLjd9FJvmGWEqdqhHXkcnRSbs... Page URL
  3. https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:iframe|img)[^>]+adnxs\.(?:net|com)
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

406
Requests

89 %
HTTPS

40 %
IPv6

81
Domains

122
Subdomains

103
IPs

7
Countries

3191 kB
Transfer

7933 kB
Size

64
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vingroupwin.ph/ Page URL
  2. http://vingroupwin.ph/page/bouncy.php?&bpae=GbhGdicGokx7j2%2FtWlrl%2BS%2FGLjd9FJvmGWEqdqhHXkcnRSbsfT0bu95hX3wLHee9vsNuQ91oDzvmmCGifdr4YHMLKx82kNSPqCAKOzfkoOlafSRCfJE5ZCkt1k9FZYg0r0knexvKaNBRe44ElASBQ%2F9OE8TtqumRH%2FpNXeu1PRTnx3v69h4sn7qyiqaM1advE0ixTh%2FXCaGXxJxA0zt%2B%2FGf%2Bu4AI4U%2B%2FThH2YcWST3FH5paoTLRsUvoBwPFSKjhZQOm3A0r7PdVWIZ9qYgcQCHH9k8Dnmc7C6tPsAMdW%2FVEB5dP%2Bi%2FXyBs4daM%2FlZuKJFiACYv2i4LY47vYsgpFtMdriFH%2Fs7tlKAMYXmqe8xGV4kt1PLJk%2B0aE8l8NvG7emVHzXPXcnBWspAaTZBCZPl8k%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://embed.sendtonews.com/player3/embedcode.js?fk=jmgEr5Ik&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/os-0.0.2/embed.js
Request Chain 86
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&rid=esp&cc=1
Request Chain 99
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=simcast.com&sn=ChromeSyncframe&so=0&topUrl=simcast.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Tg7t_nxVSlVKVFBycmtsSzhZRHVSZk0xVG05ZzVqWUJEMFQ1RTZHZmphUVdmVHliRVFJSDBQMXJybDJwMHpBczFlbUo1Mkh6NnZlYmpUYTdJcjBYNVV6Vit5cUIvV2JuNStEM0ZQTU55cDU2Sk03R2oyUGxHUkxPQU1lSnVZWmY5U2xQeVdkRk81dnpyaHBGVEwxNUJ5ZWhaMGg1UVJiVnlhMTl2RE5XZllUR3BSVVBOck1kVjNtSnZDL0tLTGNQdGw2dExFd2tKNjkyMW9OTjV1TCt3elRCN1NCb0l5YTM0ZEZJNXRGUENGNnZ6RDZNdU5HSTZpZlpuMVFma1VMNW1zenh2Z2M5SkRIMFBLK09GcWhRNlJHN254QT09fA&cppv=2
Request Chain 133
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fid%3D%24UID%26gcid%3D486b077d-367b-466a-b9ff-bd0e3d329936 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp2.gcprivacy.com%252Fv3%252Fid%252Fxandr%253Fid%253D%2524UID%2526gcid%253D486b077d-367b-466a-b9ff-bd0e3d329936 HTTP 302
  • https://p2.gcprivacy.com/v3/id/xandr?id=4778378652944606084&gcid=486b077d-367b-466a-b9ff-bd0e3d329936
Request Chain 151
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=0&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=0&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=09dd22040041bcb933a17824&expiration=[EXPIRATION]&gdpr=0&gdprConsent=
Request Chain 222
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMq2MjcJ7hSupU36STSL188&google_cver=1&google_push=AXcoOmRwlL9dEErQsLC8wk5hECyPZiRSnqEwlG_DbN1QGQoXMs2036sauWSqRGY70vzEzk4hjnTMWEg-8y1MqLVO80PahW3t8cTY HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMq2MjcJ7hSupU36STSL188&google_cver=1&google_push=AXcoOmRwlL9dEErQsLC8wk5hECyPZiRSnqEwlG_DbN1QGQoXMs2036sauWSqRGY70vzEzk4hjnTMWEg-8y1MqLVO80PahW3t8cTY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=THBXR2szV2UxUjkyZmo1&google_gid=CAESEMq2MjcJ7hSupU36STSL188&google_cver=1&google_push=AXcoOmRwlL9dEErQsLC8wk5hECyPZiRSnqEwlG_DbN1QGQoXMs2036sauWSqRGY70vzEzk4hjnTMWEg-8y1MqLVO80PahW3t8cTY
Request Chain 223
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENDz_3HVKXf7zDEznjOSynQ&google_cver=1&google_push=AXcoOmQXrWLOK-1ZrbFaIdTBDNDqkBczkVypssVdyhLcHl0EcI3DTNCWAfSFN-dJlHTM2lPqTENpvOOCaMFVJKXVEOU8OeMwYfoo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQXrWLOK-1ZrbFaIdTBDNDqkBczkVypssVdyhLcHl0EcI3DTNCWAfSFN-dJlHTM2lPqTENpvOOCaMFVJKXVEOU8OeMwYfoo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENDz_3HVKXf7zDEznjOSynQ&google_cver=1&google_push=AXcoOmQXrWLOK-1ZrbFaIdTBDNDqkBczkVypssVdyhLcHl0EcI3DTNCWAfSFN-dJlHTM2lPqTENpvOOCaMFVJKXVEOU8OeMwYfoo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQXrWLOK-1ZrbFaIdTBDNDqkBczkVypssVdyhLcHl0EcI3DTNCWAfSFN-dJlHTM2lPqTENpvOOCaMFVJKXVEOU8OeMwYfoo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 224
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJueslNL6cYi62UOuds_91U&google_cver=1&google_push=AXcoOmR6mHij75uwoWPvuuMXNQSo-QTzsBw5CtDHugXXxfi9kOYTr4KajmmcI4CGNY5SXv57O1rMga5Jzbw2aJHhK_w5yRlkknAPZQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR6mHij75uwoWPvuuMXNQSo-QTzsBw5CtDHugXXxfi9kOYTr4KajmmcI4CGNY5SXv57O1rMga5Jzbw2aJHhK_w5yRlkknAPZQ&google_hm=zIlXEWesRT6zYALl5xEXzAE
Request Chain 225
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEB4Up5rg_fguKwBgjtVsDBU&google_cver=1&google_push=AXcoOmTOI_n30USa1gyF8agt6czMII9xTSM2KamyAEvOp4wtXkU6VMHD3FfKUyTDLKl-oSS9MmQMBknBvgv4JKbGFh1MdIUAoohS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzU5NTc3OTkzODk3MzgzOQ%3D%3D&google_push=AXcoOmTOI_n30USa1gyF8agt6czMII9xTSM2KamyAEvOp4wtXkU6VMHD3FfKUyTDLKl-oSS9MmQMBknBvgv4JKbGFh1MdIUAoohS
Request Chain 226
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGSh2cBmnYwVEjknxFaAcKE&google_cver=1&google_push=AXcoOmR59p2erDGVjP84LND_owFiJv09wI_BOzBU3KTBUdQ2xPZBm85tgiflM2BElMmf4rqxS-f6aHkFoWQIOu--vyMfcxtnRUyc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNS1RGOE4tMU0tS1hWWg==&google_push=AXcoOmR59p2erDGVjP84LND_owFiJv09wI_BOzBU3KTBUdQ2xPZBm85tgiflM2BElMmf4rqxS-f6aHkFoWQIOu--vyMfcxtnRUyc
Request Chain 227
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBCF-TEeyZDE_yQSWF3Q2P8&google_cver=1&google_push=AXcoOmS9-2oUwDjdoqv7mwj8nS0uJXA5MUMo-OMYFBBSTDUZfHVhDUTgbCgrv5CrBfPpwCISUpRISTB_Je4uodqneVrqc97p7hgn-mw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS9-2oUwDjdoqv7mwj8nS0uJXA5MUMo-OMYFBBSTDUZfHVhDUTgbCgrv5CrBfPpwCISUpRISTB_Je4uodqneVrqc97p7hgn-mw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_cm&google_hm=ay01TUhjLUFTYTFEWUdJZE42OHZFTG5NOENZR2h6am5KR0ExUU1SUQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
Request Chain 266
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
Request Chain 276
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
Request Chain 277
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=gvZEMKXCM8PJhSWKEqt7FVFzEJ8SRYf- HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gvZEMKXCM8PJhSWKEqt7FVFzEJ8SRYf-
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_cm&google_hm=ay01TUhjLUFTYTFEWUdJZE42OHZFTG5NOENZR2h6am5KR0ExUU1SUQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
Request Chain 293
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
Request Chain 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
Request Chain 303
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=gtNoNt95ruLgxaJmYQhVSctRijzmQiCx HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gtNoNt95ruLgxaJmYQhVSctRijzmQiCx
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_cm&google_hm=ay01TUhjLUFTYTFEWUdJZE42OHZFTG5NOENZR2h6am5KR0ExUU1SUQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
Request Chain 319
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
Request Chain 329
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
Request Chain 330
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Ni-wOFV1cYdYDZpPdbhvvaeNfoMBRDKd HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ni-wOFV1cYdYDZpPdbhvvaeNfoMBRDKd
Request Chain 345
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_cm&google_hm=ay01TUhjLUFTYTFEWUdJZE42OHZFTG5NOENZR2h6am5KR0ExUU1SUQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
Request Chain 347
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
Request Chain 357
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
Request Chain 358
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=5NCoSDcMDphMFKzkXE4uFh4Z0rbzm4zQ HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=5NCoSDcMDphMFKzkXE4uFh4Z0rbzm4zQ
Request Chain 383
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=7aoTvyF6VBRFGcOtzFSAc2ADN_FRF0jE
Request Chain 384
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=qT_DnN-dyfOTKalFpb5F-kwX6q93tVUe
Request Chain 385
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=eT_uwaQ1EKUTnPpSSCJtiD_S_8gLQL3u
Request Chain 386
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=NDiuSRTVNkgow-qebBOpCtZgqT-h6bwC
Request Chain 398
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cuXOnOiZgD6iInAq9MZQozFm9dO94yzi
Request Chain 399
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=kqttmyw7Y5KeskF10MP67_ERAbkIR9cY
Request Chain 400
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EIX3P-e2-Ep_ecH94u_ymFeWSMY7KSwb
Request Chain 401
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vHBglHY3-9KcFHAx-OLQOwISeViMVC71

406 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
vingroupwin.ph/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://vingroupwin.ph/
Protocol
HTTP/1.1
Server
45.79.222.138 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
apple.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
1978
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 12:03:42 GMT
pragma
no-cache
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
x-powered-by
PHP/5.5.38
bouncy.php
vingroupwin.ph/page/ 		697 B
945 B 		Document
General
Check archive.org
Download Go to
Full URL
http://vingroupwin.ph/page/bouncy.php?&bpae=GbhGdicGokx7j2%2FtWlrl%2BS%2FGLjd9FJvmGWEqdqhHXkcnRSbsfT0bu95hX3wLHee9vsNuQ91oDzvmmCGifdr4YHMLKx82kNSPqCAKOzfkoOlafSRCfJE5ZCkt1k9FZYg0r0knexvKaNBRe44ElASBQ%2F9OE8TtqumRH%2FpNXeu1PRTnx3v69h4sn7qyiqaM1advE0ixTh%2FXCaGXxJxA0zt%2B%2FGf%2Bu4AI4U%2B%2FThH2YcWST3FH5paoTLRsUvoBwPFSKjhZQOm3A0r7PdVWIZ9qYgcQCHH9k8Dnmc7C6tPsAMdW%2FVEB5dP%2Bi%2FXyBs4daM%2FlZuKJFiACYv2i4LY47vYsgpFtMdriFH%2Fs7tlKAMYXmqe8xGV4kt1PLJk%2B0aE8l8NvG7emVHzXPXcnBWspAaTZBCZPl8k%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: vingroupwin.ph
URL: http://vingroupwin.ph/
Protocol
HTTP/1.1
Server
45.79.222.138 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
apple.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash

Request headers

Referer
http://vingroupwin.ph/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
697
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 12:03:42 GMT
pragma
no-cache
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
x-powered-by
PHP/5.5.38
Primary Request /
simcast.com/ 		36 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Requested by
Host: vingroupwin.ph
URL: http://vingroupwin.ph/page/bouncy.php?&bpae=GbhGdicGokx7j2%2FtWlrl%2BS%2FGLjd9FJvmGWEqdqhHXkcnRSbsfT0bu95hX3wLHee9vsNuQ91oDzvmmCGifdr4YHMLKx82kNSPqCAKOzfkoOlafSRCfJE5ZCkt1k9FZYg0r0knexvKaNBRe44ElASBQ%2F9OE8TtqumRH%2FpNXeu1PRTnx3v69h4sn7qyiqaM1advE0ixTh%2FXCaGXxJxA0zt%2B%2FGf%2Bu4AI4U%2B%2FThH2YcWST3FH5paoTLRsUvoBwPFSKjhZQOm3A0r7PdVWIZ9qYgcQCHH9k8Dnmc7C6tPsAMdW%2FVEB5dP%2Bi%2FXyBs4daM%2FlZuKJFiACYv2i4LY47vYsgpFtMdriFH%2Fs7tlKAMYXmqe8xGV4kt1PLJk%2B0aE8l8NvG7emVHzXPXcnBWspAaTZBCZPl8k%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
a7793b5e334cee543a25df8ae022fda9f158d1a97be47c0441924a80a4119b03

Request headers

Referer
http://vingroupwin.ph/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-encoding
gzip
content-length
7242
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 12:03:42 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.38 (Debian)
upgrade
h2
vary
Accept-Encoding
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:43 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
6630023
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21965-LGA, cache-fra-eddf8230115-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701432224.624319,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
454, 1296350
html.css
simcast.com/templates/simcast/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/css/html.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:43 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 00:35:40 GMT
server
Apache/2.4.38 (Debian)
etag
"5101-5dfdf5e87fcaa-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
4273
content.css
simcast.com/templates/simcast/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/css/content.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
e724e26d8d124dcf99404f07ac7c77c862193df3cdaf137b74400103c384638a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:43 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 12:40:30 GMT
server
Apache/2.4.38 (Debian)
etag
"a4c-5e39af94af09a-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
714
all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 00:35:39 GMT
server
Apache/2.4.38 (Debian)
etag
"da9f-5dfdf5e807abc-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
12204
lib.js
simcast.com/templates/simcast/js/ 		1 KB
987 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/js/lib.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
169fe0d25ec31dc891dd81af468f37776b222fcea163e79776554ef4c6ed3564

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 14:33:31 GMT
server
Apache/2.4.38 (Debian)
etag
"5e1-5e415408aaf91-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
application/javascript
connection
Upgrade
accept-ranges
bytes
content-length
659
aaw.smc.js
cdn.adapex.io/hb/ 		556 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adapex.io/hb/aaw.smc.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ecf41b844867c6148bafed097cbd4cbc266ca24ce6d55549a29642bed667692

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23383
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 05:30:45 GMT
server
cloudflare
etag
W/"65657b05-8ae0e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAVWjBC6OlvVIk8Rvh1x9MkzBjOuVCYXM%2FHMD2EBBhhkiV8%2FUUcPPfBjzEqk9dchhto%2FjRyDQsNU%2BHlCCyxFZOEqeU41e5G0M4Zpz%2FctgYivgdbGRHwJ9fJFuW2npmtxa5j1%2FyqbQoMdXjLO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
82eb3045ff41b968-AMS
expires
Fri, 01 Dec 2023 06:56:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d61619f372fd6e94353311dd8196adfa02059664be81c0e5176b34489bd6991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52611
x-xss-protection
0
server
cafe
etag
5318300273038598382
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:03:45 GMT
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1677355
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1399
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5ftscKmEgLmL5ktvccWiP6VSDHlSVMSh1C8lHNmgL37WTuMIj4CYSre9VWFgeDWfMyzHWdz0Fw0piTkWKP8FYqiklCjVGYp%2FiOrW%2BVkFnh%2BYhxjV2IsV4%2BhR1%2F0FWeSH0qyA%2BWgrlJFniYrCQHFuv9b"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82eb3045ab0bbbf1-FRA
expires
Wed, 20 Nov 2024 12:03:43 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
202922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1541
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DWPrqk6xlaq8Ggy3dRQnjeZ%2Fvv8EovIuMsXdZlzScdE90jmOjmXH72AhEwgF3Ti%2BsjIra3pQQ6Bh%2BdX3KWZpAZBG7j2lNyO4qVaOkz8IbxzwKE3kCEMA5%2FwxnVcVtYG5T06jEwx0tUr7aLtQBUHYhRo"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82eb3045ab0abbf1-FRA
expires
Wed, 20 Nov 2024 12:03:43 GMT
modal.css
simcast.com/widgets/modal/ 		1 KB
699 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/modal/modal.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
959eacecf18680fc15471964610efb96467b99f6126a6c5d3151216838a940bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 00:35:40 GMT
server
Apache/2.4.38 (Debian)
etag
"40b-5dfdf5e88e70c-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
385
simcastlogo_35y.png
simcast.com/templates/simcast/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Thu, 26 May 2022 00:35:40 GMT
server
Apache/2.4.38 (Debian)
etag
"527-5dfdf5e880c4a"
upgrade
h2
content-type
image/png
connection
Upgrade
accept-ranges
bytes
content-length
1319
enhance.js
parking2.parklogic.com/page/ 		1001 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=vingroupwin.ph
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c02::f03c:92ff:fe2d:3e71 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
fbcf77beb02be4df79b71b547628f04ef3d0ff96d84c90205672c9d33668127a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 12:03:44 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection
close
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
embed.js
embedcdn.sendtonews.com/easy-stn-player/os-0.0.2/
Redirect Chain
  • https://embed.sendtonews.com/player3/embedcode.js?fk=jmgEr5Ik&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
  • https://embedcdn.sendtonews.com/easy-stn-player/os-0.0.2/embed.js
24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/os-0.0.2/embed.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Server
108.138.26.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-63.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be976bc10e8f7ce176227b4f17c4dc0048c758e4d15fc2c507436abb83be852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
x-amz-version-id
GXveMu_FjNdrmCwEIOCHxKk6HHzu9Q.w
content-encoding
br
last-modified
Tue, 28 Nov 2023 18:37:22 GMT
server
AmazonS3
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"cb953e1324a1ab087800cdc10fcf0485"
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
P7HzZdCTgHseaRAv0NnS92td-JLScpmzASAYFUwWNiWhPP_Pbeqsrg==

Redirect headers

date
Fri, 01 Dec 2023 12:03:44 GMT
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/os-0.0.2/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
WzJlYnALUYnTuSM02ZUUm4Onw4nllls3WzqlI_U_h8J5EV50tfB8vA==
AA1kPLmI.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1kPLmI.img?h=100&w=100&x=384&y=256&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0cec483d69f6e48fe52ccc99c4a978e8f8cb4caec41413723a581d5e45e01b4e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Fri, 01 Dec 2023 10:20:53 GMT
x-resizerversion
1.0
x-source-length
75200
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=425785
x-activityid
ff480dbf-5f24-4e50-8088-99b5ec0a0169
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1kPLmI?h=100&w=100&x=384&y=256&m=5
timing-allow-origin
*
content-length
4096
expires
Wed, 06 Dec 2023 10:20:09 GMT
BB18qTPD.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		142 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
15ddc2840ff43bf8137b236b85ada6141ef658369e96dfd450abead78389648e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Wed, 15 Nov 2023 08:52:53 GMT
x-resizerversion
1.0
x-source-length
142
x-datacenter
westus
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=204758
x-activityid
1fbfac5e-97e9-4a8d-ac43-a7212acf84c9
content-location
https://img.s-msn.com/tenant/amp/entityid/BB18qTPD
timing-allow-origin
*
content-length
142
expires
Sun, 03 Dec 2023 20:56:22 GMT
1d5d6984c1f0359fd039da9a36f0dc63
content.api.news/v3/images/bin/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1d5d6984c1f0359fd039da9a36f0dc63?width=650
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.104 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-104.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9e5625b7c8d18be1bb98cfabe01b608142da1f3bc6f3be904a8e772f7cbfc963

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Wed, 01 Nov 2023 01:49:56 GMT
server
Akamai Image Manager
etag
44aaf1f70b53a4c16bf668a998530853-1d5d6984c1f0359fd039da9a36f0dc63-650
edge-cache-tag
1d5d6984c1f0359fd039da9a36f0dc63
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4875238
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
28550
expires
Fri, 26 Jan 2024 22:17:42 GMT
newscomau.gif
simcast.com/images/rsslogos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/rsslogos/newscomau.gif
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
4d2331f6f86a430cde6092a58f66ceb15a25a9d2b1ef1fc2266da087aa7898f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Thu, 26 May 2022 00:35:39 GMT
server
Apache/2.4.38 (Debian)
etag
"d93-5dfdf5e802c9c"
upgrade
h2
content-type
image/gif
connection
Upgrade
accept-ranges
bytes
content-length
3475
AA1kQ4LA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1kQ4LA.img?h=100&w=100&x=960&y=540&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c038c8400b9fd00f0d2dd9c88ccd665e9a3ea3dad1497f3382ce701b28c5265c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Fri, 01 Dec 2023 11:37:18 GMT
x-resizerversion
1.0
x-source-length
1185431
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430427
x-activityid
7976b992-c8b5-4557-a219-932d95fd544a
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1kQ4LA?h=100&w=100&x=960&y=540&m=5
timing-allow-origin
*
content-length
8192
expires
Wed, 06 Dec 2023 11:37:31 GMT
AA17Rjix.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA17Rjix.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f8a562e61e7cbdbd5ff7df4973fd2777da2a43a4d7181d61f7ece3319546b56
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Wed, 08 Nov 2023 00:52:39 GMT
x-resizerversion
1.0
x-source-length
1083
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=350361
x-activityid
7c4c8f3c-d965-4b02-9989-6046d4bd6edf
content-location
https://img.s-msn.com/tenant/amp/entityid/AA17Rjix
timing-allow-origin
*
content-length
1083
expires
Tue, 05 Dec 2023 13:23:05 GMT
AA1kPG02.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1kPG02.img?h=100&w=100&x=331&y=203&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ed51b8cef89fbb16a7e4368f0c3d7b847903591f3d67c3ac4fcbc10ccab41765
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Fri, 01 Dec 2023 10:07:42 GMT
x-resizerversion
1.0
x-source-length
196411
x-datacenter
northeu
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=425025
x-activityid
e4adfe73-12f5-4e03-ba09-3f16e981f959
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1kPG02?h=100&w=100&x=331&y=203&m=5
timing-allow-origin
*
content-length
4096
expires
Wed, 06 Dec 2023 10:07:29 GMT
AA1kPzBw.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1kPzBw.img?h=100&w=100&x=330&y=103&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
684675b87071906febd6c61e21ffc30530b4d31090d9b6a3e080dccbb9229725
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Fri, 01 Dec 2023 09:10:33 GMT
x-resizerversion
1.0
x-source-length
123486
x-datacenter
eastap
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=421611
x-activityid
49ee48f4-9828-4643-9b5f-3d6d0005497a
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1kPzBw?h=100&w=100&x=330&y=103&m=5
timing-allow-origin
*
content-length
8192
expires
Wed, 06 Dec 2023 09:10:35 GMT
9c6e5a35094aecab233072ba4805c5c5
content.api.news/v3/images/bin/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/9c6e5a35094aecab233072ba4805c5c5?width=650
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.104 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-104.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e4123e359aa38679f323a3ae60066e4a7be8bf3984e8f073f19b9f09db94cb6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
last-modified
Wed, 08 Nov 2023 06:23:01 GMT
server
Akamai Image Manager
etag
312c9eec845290374673c0ed4f2200c4-9c6e5a35094aecab233072ba4805c5c5-650
edge-cache-tag
9c6e5a35094aecab233072ba4805c5c5
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=2890449
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
43799
expires
Wed, 03 Jan 2024 22:57:54 GMT
210816213948-displaced-afghan-women-large-11.jpg
cdn.cnn.com/cnnnext/dam/assets/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cnn.com/cnnnext/dam/assets/210816213948-displaced-afghan-women-large-11.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9a4::3134 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
807675586534319561adf44f7b468a3f20b832714046e43cc9d9f63a35a337f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
server
Apache-Coyote/1.1
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
content-length
20605
expires
Fri, 01 Dec 2023 13:03:45 GMT
210816213948-displaced-afghan-women-super-169.jpg
cdn.cnn.com/cnnnext/dam/assets/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cnn.com/cnnnext/dam/assets/210816213948-displaced-afghan-women-super-169.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9a4::3134 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
bd592b04bfa9db1f181400b1576d937a3ded307829547a3f4a0e359c2193160f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
server
Apache-Coyote/1.1
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
content-length
102420
expires
Fri, 01 Dec 2023 13:03:45 GMT
cnn.gif
simcast.com/images/rsslogos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/rsslogos/cnn.gif
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
a99d12b6ff6d6acd839887a0eda9aa988f3a60e31888fd8f6d84c1d281f4cc2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
last-modified
Thu, 26 May 2022 00:35:39 GMT
server
Apache/2.4.38 (Debian)
etag
"e6c-5dfdf5e802c9c"
upgrade
h2
content-type
image/gif
connection
Upgrade
accept-ranges
bytes
content-length
3692
AA1iKOWU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1iKOWU.img?h=70&w=95&x=315&y=236&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e336006cf81cd7b84ada0dec70060de2af67adcc1a8a069b6329fdeb3f99c8f3
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Fri, 01 Dec 2023 11:16:29 GMT
x-resizerversion
1.0
x-source-length
43031
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429193
x-activityid
d4e4a66e-f6e1-43d6-b855-48b67c47aa9f
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1iKOWU?h=70&w=95&x=315&y=236&m=5
timing-allow-origin
*
content-length
4096
expires
Wed, 06 Dec 2023 11:16:57 GMT
AA14H4ei.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14H4ei.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b2a842c779a0a279f81dc54023665035b323d8732ee1ad09e4cd09e0474be790
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Fri, 24 Nov 2023 06:19:17 GMT
x-resizerversion
1.0
x-source-length
3626
x-datacenter
eastap
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=195190
x-activityid
4de28714-f807-4bb5-9289-8b4e694d2aef
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14H4ei
timing-allow-origin
*
content-length
3626
expires
Sun, 03 Dec 2023 18:16:54 GMT
AA1kPOtd.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1kPOtd.img?h=70&w=95&x=389.5&y=175.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6be93769c21075a72542c8d8501ab473d7623a79dae8ba43d01fca1cb4211e8a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Fri, 01 Dec 2023 11:27:53 GMT
x-resizerversion
1.0
x-source-length
51259
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429792
x-activityid
6e542b4a-6bc0-4e92-ae12-bd45909fd9a8
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1kPOtd?h=70&w=95&x=389.5&y=175.5&m=5
timing-allow-origin
*
content-length
4096
expires
Wed, 06 Dec 2023 11:26:56 GMT
AA1ebskI.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1ebskI.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a146a8cbe760810a90a870f6494fd876116ff6eca054fec94ff702147b5782b9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Mon, 20 Nov 2023 15:00:14 GMT
x-resizerversion
1.0
x-source-length
3649
x-datacenter
westus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=269825
x-activityid
36f25fba-9c0b-42e8-9f58-9ac26caa4a1f
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1ebskI
timing-allow-origin
*
content-length
3649
expires
Mon, 04 Dec 2023 15:00:49 GMT
AA1kPLCs.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1kPLCs.img?h=70&w=95&x=381&y=96&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1b047d2ae960d2ee9e36b697177dba0858103b2aa44bb9478ff797e5d1b19672
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Fri, 01 Dec 2023 10:38:50 GMT
x-resizerversion
1.0
x-source-length
35110
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426902
x-activityid
32d8b0e2-2e7e-4aa2-b4c2-a860d3bd65ee
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1kPLCs?h=70&w=95&x=381&y=96&m=5
timing-allow-origin
*
content-length
4096
expires
Wed, 06 Dec 2023 10:38:46 GMT
BB1gzsBn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1gzsBn.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
57ecb686b5032784079770030d9771ba1739fcfe5ab01c348394f1f76d7b79fa
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Wed, 22 Nov 2023 17:29:43 GMT
x-resizerversion
1.0
x-source-length
1722
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=62771
x-activityid
db468bf8-ca37-483c-a5de-be19110b8bdd
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1gzsBn
timing-allow-origin
*
content-length
1722
expires
Sat, 02 Dec 2023 05:29:55 GMT
AA1kPLmI.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1kPLmI.img?h=70&w=95&x=384&y=256&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
10b9f9b34818c8fe8485930f176c55e5a9af1397aabdab511771f1931f86f1f7
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Fri, 01 Dec 2023 09:55:18 GMT
x-resizerversion
1.0
x-source-length
75200
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=424292
x-activityid
5c4207c3-747a-470e-a080-92866d63dff6
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1kPLmI?h=70&w=95&x=384&y=256&m=5
timing-allow-origin
*
content-length
2048
expires
Wed, 06 Dec 2023 09:55:16 GMT
210816213948-displaced-afghan-women-live-video.jpg
cdn.cnn.com/cnnnext/dam/assets/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cnn.com/cnnnext/dam/assets/210816213948-displaced-afghan-women-live-video.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9a4::3134 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cb0217ae6b1804320aab99ea40ab111a8264583e237fd928f1180babf9adb52a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
server
Apache-Coyote/1.1
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
content-length
31136
expires
Fri, 01 Dec 2023 13:03:45 GMT
AA1kPJnU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1kPJnU.img?h=70&w=95&x=432&y=230&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
155b49025165c685e0fea0b5203d9981e11c9dcb9445a5019fa370e25eceb61d
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Fri, 01 Dec 2023 10:27:12 GMT
x-resizerversion
1.0
x-source-length
39695
x-datacenter
northeu
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426173
x-activityid
d0fda3e4-6411-4b39-b5e8-bdb634fbc221
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1kPJnU?h=70&w=95&x=432&y=230&m=5
timing-allow-origin
*
content-length
4096
expires
Wed, 06 Dec 2023 10:26:37 GMT
AACl6Lf.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl6Lf.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d7e84dbe1a19aa1ebadd92d04ec0dec54cdd2345811f21aaf064150fba02068
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Thu, 30 Nov 2023 12:55:54 GMT
x-resizerversion
1.0
x-source-length
18254
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=348720
x-activityid
69087186-77be-4eb8-8c22-d1be0778cc3d
content-location
https://img.s-msn.com/tenant/amp/entityid/AACl6Lf
timing-allow-origin
*
content-length
18254
expires
Tue, 05 Dec 2023 12:55:44 GMT
AA1kPFgz.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1kPFgz.img?h=70&w=95&x=1500&y=1000&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ae63e73b1fcbbf40e57931ba1183c7d1df732c17e9d7898a4ce8ad1311cee833
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Fri, 01 Dec 2023 09:02:58 GMT
x-resizerversion
1.0
x-source-length
712688
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=421120
x-activityid
badd95e9-a6fa-48f5-82ee-acda52d3d006
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1kPFgz?h=70&w=95&x=1500&y=1000&m=5
timing-allow-origin
*
content-length
4096
expires
Wed, 06 Dec 2023 09:02:24 GMT
AAHxwMU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAHxwMU.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
32fbe07e2e94ddbcd04df7c37f1d86714657545c9e112519f21b003c8ce8955e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Sat, 25 Nov 2023 09:19:55 GMT
x-resizerversion
1.0
x-source-length
19380
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=292582
x-activityid
fb03fe75-c733-474e-9a3a-5c8c7593417f
content-location
https://img.s-msn.com/tenant/amp/entityid/AAHxwMU
timing-allow-origin
*
content-length
19380
expires
Mon, 04 Dec 2023 21:20:06 GMT
AA1kPJTK.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1kPJTK.img?h=70&w=95&x=400&y=300&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
356ab5b781232f728be6b06df39ffacca0518909c4b36a6e26e54c2157559d9a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Fri, 01 Dec 2023 10:33:07 GMT
x-resizerversion
1.0
x-source-length
39039
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426574
x-activityid
074fe036-677f-46ac-84c7-b1551463417b
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1kPJTK?h=70&w=95&x=400&y=300&m=5
timing-allow-origin
*
content-length
4096
expires
Wed, 06 Dec 2023 10:33:18 GMT
AA1kPFgz.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1kPFgz.img?h=300&w=400&x=1500&y=1000&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d63a00bd3792944992dbab675d7259f30cc33ede7cda071170e9e8bbc2027cce
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Fri, 01 Dec 2023 10:13:59 GMT
x-resizerversion
1.0
x-source-length
712688
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=425381
x-activityid
e4d5f5b8-fa9a-4061-85fc-e07e3e6451f3
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1kPFgz?h=300&w=400&x=1500&y=1000&m=2
timing-allow-origin
*
content-length
32768
expires
Wed, 06 Dec 2023 10:13:25 GMT
210816213948-displaced-afghan-women-video-synd-2.jpg
cdn.cnn.com/cnnnext/dam/assets/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cnn.com/cnnnext/dam/assets/210816213948-displaced-afghan-women-video-synd-2.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9a4::3134 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5cd3bcbb7ebd5fa25d4bff1d68ae4bc7f8307132fdf39a84e751f57b341d737c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
server
Apache-Coyote/1.1
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
content-length
54376
expires
Fri, 01 Dec 2023 13:03:45 GMT
gdpr.css
simcast.com/widgets/gdpr/ 		799 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/gdpr/gdpr.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 00:35:40 GMT
server
Apache/2.4.38 (Debian)
etag
"31f-5dfdf5e88e70c-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
351
js
www.googletagmanager.com/gtag/ 		186 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6f3fa12ecdc94c1d9cfd28d3680163a469c96521a03d171c764967ae93671fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68993
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 12:03:44 GMT
/
cat2.hbwrapper.com/ 		15 B
256 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat2.hbwrapper.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.183.18.251 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture2.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Fri, 01 Dec 2023 12:03:45 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/ 		320 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e51e00eab4e9a6e965c8d4c261c63621e71e4239208e1eac41fbc7dba1d04ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
82eb304ddcd91cbf-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d1764188958381826eb8994a59af929843ce114145cbff763dab06819bee29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30372
x-xss-protection
0
server
cafe
etag
41 / 19692 / m202311150101 / config-hash: 11152387477177976423
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:03:44 GMT
gtm.js
www.googletagmanager.com/ 		305 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cfacd0aecbf0c24a217c574edb9b7275ebe96be1ab1787b80a67314ef65f6855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81035
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 12:03:44 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc128586fee9486ced3ab7fd7011f0620be545c6a4d55f48f8268917213c943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28974
x-jsd-version
1.0.1890
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230132-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-TNgfTrEmgU0kvSD/fpfRT6TRJJo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6q3i1RMGwaPVGW2rZx2XVf06drP0thDKR820Jo6k6Xg8jcUCddzSbVHhgiaOZwSKzizv8TZfkWvIbEcp186XGeS7cLanM73xBl3a4WgThV0r2fiO8DFqjUU6Ow3tT4D%2BpvwzQOZWz2o4rQrC3s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82eb304de9633626-FRA
modal.php
simcast.com/widgets/modal/ 		0
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/modal/modal.php?mm=126
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:45 GMT
server
Apache/2.4.38 (Debian)
upgrade
h2
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
hero_nc.svg
parking3.parklogic.com/page/images/pe262/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://parking3.parklogic.com/page/images/pe262/hero_nc.svg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:3c02:1::2d4f:f4d1 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 /
Resource Hash
878da09a057ec8f1775cdc522e5f7ec44966df547a87a9c29826ba114833c24b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
last-modified
Mon, 08 Mar 2021 23:04:00 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
etag
"bbe1-5bd0e72fe1800"
content-type
image/svg+xml
connection
close
accept-ranges
bytes
content-length
48097
modal.php
simcast.com/widgets/modal/ 		0
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/modal/modal.php?mm=113
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:45 GMT
server
Apache/2.4.38 (Debian)
upgrade
h2
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
last-modified
Thu, 26 May 2022 00:35:39 GMT
server
Apache/2.4.38 (Debian)
etag
"126b0-5dfdf5e80b93d"
upgrade
h2
content-type
font/woff2
connection
Upgrade
accept-ranges
bytes
content-length
75440
AA17Rjix.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA17Rjix.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f8a562e61e7cbdbd5ff7df4973fd2777da2a43a4d7181d61f7ece3319546b56
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Wed, 08 Nov 2023 00:52:39 GMT
x-resizerversion
1.0
x-source-length
1083
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=350361
x-activityid
7c4c8f3c-d965-4b02-9989-6046d4bd6edf
content-location
https://img.s-msn.com/tenant/amp/entityid/AA17Rjix
timing-allow-origin
*
content-length
1083
expires
Tue, 05 Dec 2023 13:23:05 GMT
BB18qTPD.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		142 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
15ddc2840ff43bf8137b236b85ada6141ef658369e96dfd450abead78389648e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Wed, 15 Nov 2023 08:52:53 GMT
x-resizerversion
1.0
x-source-length
142
x-datacenter
westus
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=204758
x-activityid
1fbfac5e-97e9-4a8d-ac43-a7212acf84c9
content-location
https://img.s-msn.com/tenant/amp/entityid/BB18qTPD
timing-allow-origin
*
content-length
142
expires
Sun, 03 Dec 2023 20:56:22 GMT
newscomau.gif
simcast.com/images/rsslogos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/rsslogos/newscomau.gif
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
4d2331f6f86a430cde6092a58f66ceb15a25a9d2b1ef1fc2266da087aa7898f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
last-modified
Thu, 26 May 2022 00:35:39 GMT
server
Apache/2.4.38 (Debian)
etag
"d93-5dfdf5e802c9c"
upgrade
h2
content-type
image/gif
connection
Upgrade
accept-ranges
bytes
content-length
3475
cnn.gif
simcast.com/images/rsslogos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/rsslogos/cnn.gif
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
a99d12b6ff6d6acd839887a0eda9aa988f3a60e31888fd8f6d84c1d281f4cc2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
last-modified
Thu, 26 May 2022 00:35:39 GMT
server
Apache/2.4.38 (Debian)
etag
"e6c-5dfdf5e802c9c"
upgrade
h2
content-type
image/gif
connection
Upgrade
accept-ranges
bytes
content-length
3692
AA1ebskI.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1ebskI.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a146a8cbe760810a90a870f6494fd876116ff6eca054fec94ff702147b5782b9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:44 GMT
last-modified
Mon, 20 Nov 2023 15:00:14 GMT
x-resizerversion
1.0
x-source-length
3649
x-datacenter
westus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=269825
x-activityid
36f25fba-9c0b-42e8-9f58-9ac26caa4a1f
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1ebskI
timing-allow-origin
*
content-length
3649
expires
Mon, 04 Dec 2023 15:00:49 GMT
prebid.js
embed.sendtonews.com/library/prebid/7.17.0/ Frame 521B 		317 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.js?fk=jmgEr5Ik&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-63.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
922a293fce4c3fb1526e1a5d8816602ef86fd581c3e438989416bc5c56ce9f0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
4T1O1sxkjVuvPIXSZnuOc3WXU2qLKIH1
content-encoding
gzip
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 05:55:07 GMT
last-modified
Thu, 13 Apr 2023 19:30:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
62583
etag
W/"a19a813f32186fcd556eb018968e7f37"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
NCVhtKcXt9xRsy7fnZqzEhaIGWn87QqSRHvEj2vrFCC5hiR0jhMB0g==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 521B 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.js?fk=jmgEr5Ik&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d4545116badfac000ce3e9c90f65810846fcad5a223e0dcc0118f277c0bdf33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30374
x-xss-protection
0
server
cafe
etag
133 / 19692 / 31079807 / config-hash: 11152387477177976423
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:03:45 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=d9gzpd8zmvi88yla&instance=374863&version=os-0.0.2&cmd=RTP&key=jmgEr5Ik&order=1&seq=1&load=1&ref=https://simcast.com/?d=vingroupwin.ph%26pcid=48%26rid=112%26a=0&extref=https://simcast.com/?d=vingroupwin.ph%26pcid=48%26rid=112%26a=0
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.js?fk=jmgEr5Ik&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.179.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-179-92.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 08 Dec 2023 12:03:45 GMT
loader.js
static.anonymised.io/light/ 		448 B
843 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.anonymised.io/light/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
138fee977dc4ed5faa24d58c77ab2293a1d18e6549c35fa8479e04a008d48a09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:04:52 GMT
content-encoding
gzip
age
93533
x-guploader-uploadid
ABPtcPpKpz5YHDUA7YWgLUM8RXue-fLEJq-svVW-qtVpdW2DWjf7RiTBRh4GzynbMax-XY8HB9-dVCFzrrDDbGx91VMN-w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
last-modified
Thu, 30 Nov 2023 10:04:47 GMT
server
UploadServer
etag
"141bd8915cc69b4afb496e867fc1ff27"
x-goog-generation
1701338687827402
x-goog-hash
crc32c=ltRX8Q==, md5=FBvYkVzGm0r7SW6Gf8H/Jw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-transform
x-goog-stored-content-length
313
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 29 Nov 2024 10:04:52 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 10:34:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
5350
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138149
x-xss-protection
0
server
cafe
etag
11558412289700915514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 30 Nov 2024 10:34:35 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65ae640302acf7f1b9bba447f97ca48ac05ec06443ab71efca4269875c6601d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137282
x-xss-protection
0
server
cafe
etag
4227858216193486618
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:03:45 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 37C8 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
54256
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 20:59:29 GMT
etag
12051592065903069241
expires
Thu, 14 Dec 2023 20:59:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ Frame 521B 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:36:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
1661
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138149
x-xss-protection
0
server
cafe
etag
11558412289700915514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 30 Nov 2024 11:36:04 GMT
rules-p-WFJsXCa9VD158.js
rules.quantcount.com/ 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:55:15 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
512
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Tue, 11 Apr 2023 19:39:28 GMT
server
AmazonS3
etag
"8451e96214684fb5c6ec4f91dde0548e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
3aDI7uKPhB-llspMbDiuM7L-A-H3P_aXKV7_Kwq7N7rfaRWGNbQycA==
0_os.js
player.sendtonews.com/bidderFiles/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0_os.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.js?fk=jmgEr5Ik&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-32.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d897dee4df06b72cbe2a406fd52d4d8076557f5b262c36c7842d82f9afbfe5eb

Request headers

Referer
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
hKlr1qncbuAXDDe9uie_u04gYH4.Vla8
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront), 1.1 73bf4f8a14baf53971357e0a4893be3e.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 05:57:59 GMT
x-amz-cf-pop
FRA56-P7, AMS1-P3
age
62584
x-cache
Hit from cloudfront
last-modified
Wed, 19 Jul 2023 17:11:11 GMT
server
AmazonS3
etag
W/"aac1192990624da172e472c57a8f7ae9"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id
kMVfyX4OuuY7np_6qB8VBwcNnWzphAFjyPUcC2BB8TnD3pSLgVWu3A==
connectId-gpt.js
connectid.analytics.yahoo.com/ Frame 521B 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7200:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:30:08 GMT
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
FRA56-P2
age
2018
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
oFwDgzwm2BHhttsrJpUVwcDlvw0kaqwq5NOnU_8KAcarK4FTmRtKUQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/ Frame 521B 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:8e00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Fri, 01 Dec 2023 10:03:28 GMT
Via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
7218
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
4vtOl11cWa_jcTOvCDk0RKDhatlwDReuNNTEgowfpP8ok5jnrdtBEw==
esp.js
cdn.id5-sync.com/api/1.0/ Frame 521B 		152 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
3D6NMVXV4PESJSDA
age
2722
etag
W/"d12fc51ceb66081fc72dabad6e4e0ded"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82eb304fdda63a4f-FRA
x-amz-id-2
EvOSbT5mR0h8d/IKhYFS0ECHSpdAl3TS0mLcFNBnNLfJNvqxQ9kFjiDCIey9nujJ3Yq4c4RtW3s=
publishertag.ids.js
static.criteo.net/js/ld/ Frame 521B 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Dec 2023 12:03:45 GMT
esp.js
oa.openxcdn.net/ Frame 521B 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:38:57 GMT
content-encoding
gzip
age
1661088
x-guploader-uploadid
ABPtcPqNl0_c7mOVHVehFbpvBDCYrlpMq3zlKY0iT8ZNCSTUmKqOFKvvyge5cYXvjpEp3qctN1IhbOKtoVDeGx23F8-Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 11 Nov 2024 06:38:57 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ Frame 521B 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
e4ee0b92881f8cd1f2e69a2d41439cf8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ Frame 521B 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 07:38:20 GMT
content-encoding
gzip
via
1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
15926
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
yOzI-7abG4XkYbexQ6A4ccbqZr2ZRJ84AjHRPPAHkiCxh5Ng65EZFw==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ Frame 521B 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21836
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70WNkr6i1ZHG49ukTIL52aBnirek%2Frm8cQ5kUnC5OnV6fVT7nY8rEcqEOTCz%2BAaaZAvPwkM5%2FsNjC52G38IzLClnhcTy0sP%2Fw5b8HCwpfrCrQmXvP8HFVBe4ev92H2XlfOOFsNTn1VsjQMXiQqE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82eb304fb9123648-FRA
ob.js
cdn-ima.33across.com/ Frame 521B 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
27511
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
82eb304fddb91973-FRA
expires
Mon, 04 Dec 2023 12:03:45 GMT
bundle.js
static.anonymised.io/light/ 		114 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.anonymised.io/light/bundle.js?v=0.3.0t
Requested by
Host: static.anonymised.io
URL: https://static.anonymised.io/light/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
804dcbc892006cb041c6eed7a954330d2ee94f65f6a42bf571078f874709a190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:54:25 GMT
content-encoding
gzip
age
560
x-guploader-uploadid
ABPtcPqNoU5t6m2qt0CMmYcVFNSOT_Ce3q9JPMzapSt-146StAM7sSDDYaHjMcz_DcDhIHk62OmdlC7wc4Tvv0FcwVrcCg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32683
last-modified
Thu, 30 Nov 2023 10:04:43 GMT
server
UploadServer
etag
"9ba79c3d9bcdafcbf3fc19172f483299"
vary
Accept-Encoding
x-goog-generation
1701338683306101
x-goog-hash
crc32c=8SxeLw==, md5=m6ecPZvNr8vz/BkXL0gymQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=1200
x-goog-stored-content-length
32683
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 01 Dec 2023 12:14:25 GMT
pixel;r=762749437;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0;ref=http%3A%2F%2Fvingroupwin.ph%2F;uht=2;fpan=1;fpa=P0-1417...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=762749437;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0;ref=http%3A%2F%2Fvingroupwin.ph%2F;uht=2;fpan=1;fpa=P0-1417952964-1701432225140;pbc=;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;d=simcast.com;dst=1;et=1701432225221;tzo=-60;ogl=;ses=9d143eb6-5fb1-4828-9c2e-217f2d679c35;mdl=
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
health
aegis.anonymised.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aegis.anonymised.io/health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
OPTIONS, GET
access-control-allow-origin
https://simcast.com
allow
OPTIONS, GET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 01 Dec 2023 12:03:45 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
d3f311ed80dbd45ea492ee9a638a6e60
x-request-id
GPvBqUmjMYhbINmqpDAyBJyOnWDtVXOq
health
aegis.anonymised.io/ 		2 B
146 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aegis.anonymised.io/health
Requested by
Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.0t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
via
1.1 google
server
Google Frontend
vary
Origin
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simcast.com
x-cloud-trace-context
ae0f88229ddb76ba037c7e5e221d57ac
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-request-id
NVRsCMYssRoEMKhyxGyvynLSbZaTjzVF
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
adb5521f6daa28bf7a2f73decfaa78d1bd4efc45ab6e17eca144c3fcc4ccadba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 11:39:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 12:03:45 GMT
map
bcp.crwdcntrl.net/6/ Frame 521B 		60 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.5.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-5-247.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a25ba50d0fcb1f2d807fd39686ded34147bd3c095713d941c8cb23fcde624f3f

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://simcast.com
cache-control
no-cache
x-server
10.45.25.254
access-control-allow-credentials
true
content-length
60
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5259 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1701432225&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432225102&bpp=2&bdt=1508&idt=176&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1598984237799&frm=20&pv=2&ga_vid=1642492729.1701432225&ga_sid=1701432225&ga_hid=1148522360&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809317%2C31078301%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1709751277934431&tmod=1854443838&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fvingroupwin.ph%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=189
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:03:45 GMT
expires
Fri, 01 Dec 2023 12:03:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=menutop%20clearfix&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/ Frame 521B
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&rid=esp&cc=1
85 B
192 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&rid=esp&cc=1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e1c6681ee7fe76cae30c74ed59e4dd071513ad706b42662a48953370c3645b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-piep/Fahanc9hW/H/UhVt3lMWpk"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 01 Dec 2023 12:03:45 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://simcast.com
location
/esp?url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame B9F5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=simcast.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:03:45 GMT
server
Kestrel
server-processing-duration-in-ticks
348190
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=d9gzpd8zmvi88yla&instance=374863&version=os-0.0.2&ldt=IMA&key=jmgEr5Ik&order=2&seq=1&load=1&ref=https://simcast.com/?d=vingroupwin.ph%26pcid=48%26rid=112%26a=0&extref=https://simcast.com/?d=vingroupwin.ph%26pcid=48%26rid=112%26a=0&blocked=false
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.js?fk=jmgEr5Ik&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.179.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-179-92.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 521B 		396 B
907 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18782&site_id=498582&zone_id=2969000&size_id=15&alt_size_ids=19%2C43%2C44%2C65%2C198%2C221&p_pos=atf&rf=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&kw=search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties&tg_i.ref=http%3A%2F%2Fvingroupwin.ph%2F&tg_i.page=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&tg_i.domain=simcast.com&tg_i.pbadslot=outstream_float&tk_flint=pbjs_lite_v7.17.0&x_source.tid=75e7aee5-6bdb-4c96-9844-2a81f9bbb69f&l_pb_bid_id=27d68f3b40786b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2199318482033923
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8e638da198ae2858ddb1f2b0e0b2c2b8aadd5e9d058be11b8847450b0b647257

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
396
expires
Wed, 17 Sep 1975 21:32:10 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 521B 		796 B
463 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4091153902525791&correlator=651288430492405&hxva=1&scor=2932347095281719&eid=31079829%2C31079807%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=92056281%2Cdefault_outstream%2Cfloat&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x100%7C300x60%7C300x50%7C1x1&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701432225322&lmt=1701432225&adxs=401&adys=419&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=lsvdjvwkap7y&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&ref=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&top=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1225766708.1701432225&ga_sid=1701432225&ga_hid=388796941&ga_fc=false&dlt=1701432224934&idt=268&cust_params=sessionKey%3D374863-d9gzpd8zmvi88yla%26version%3Dos-0.0.2&adks=3417751721&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb511c16d0407281da5a7001c1c66b57e42fc3aeec18b26cc38266785faad6b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
432
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 521B 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8c4221da11b0d65b8c1d793f4012a9d31ac5cedd2dd078595d8c90673672c07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12409
x-xss-protection
0
container.html
1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1C99 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:03:45 GMT
expires
Sat, 30 Nov 2024 12:03:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
increment
id5-sync.com/api/esp/ Frame 521B 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Fri, 01 Dec 2023 12:03:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
js
www.googletagmanager.com/gtag/ 		186 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-205158314-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6042d9e73b31d80d41f2a61553f8302159ba4fe84effa682cfb52b6899e43860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68958
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 12:03:45 GMT
fed
ups.analytics.yahoo.com/ups/58813/ Frame 521B 		2 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fsimcast.com%2F
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://simcast.com
content-type
application/json
access-control-allow-credentials
true
js
www.googletagmanager.com/gtag/ 		225 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RFSL1NPH34&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d4d0e5f64527c8cdb459bacb4a6692a93431faf772d24947c6168e15e35b907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81740
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 12:03:45 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 11:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
847
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 01 Dec 2023 13:49:38 GMT
ajaxjs.php
simcast.com/widgets/ms/ 		3 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/ms/ajaxjs.php?fra=0&p=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-244-12.an.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
b1556dea32e9d0cdbfed038fd7787275775ea40939c146a64e205bcb349ad02f

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
gzip
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
upgrade
h2
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-length
23
expires
Thu, 19 Nov 1981 08:52:00 GMT
sid
mug.criteo.com/ Frame B9F5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=simcast.com&sn=ChromeSyncframe&so=0&topUrl=simcast.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Tg7t_nxVSlVKVFBycmtsSzhZRHVSZk0xVG05ZzVqWUJEMFQ1RTZHZmphUVdmVHliRVFJSDBQMXJybDJwMHpBczFlbUo1Mkh6NnZlYmpUYTdJcjBYNVV6Vit5cUIvV2JuNStEM0ZQTU55cDU2Sk03R2oyUGxHUkxPQU1lSn...
441 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Tg7t_nxVSlVKVFBycmtsSzhZRHVSZk0xVG05ZzVqWUJEMFQ1RTZHZmphUVdmVHliRVFJSDBQMXJybDJwMHpBczFlbUo1Mkh6NnZlYmpUYTdJcjBYNVV6Vit5cUIvV2JuNStEM0ZQTU55cDU2Sk03R2oyUGxHUkxPQU1lSnVZWmY5U2xQeVdkRk81dnpyaHBGVEwxNUJ5ZWhaMGg1UVJiVnlhMTl2RE5XZllUR3BSVVBOck1kVjNtSnZDL0tLTGNQdGw2dExFd2tKNjkyMW9OTjV1TCt3elRCN1NCb0l5YTM0ZEZJNXRGUENGNnZ6RDZNdU5HSTZpZlpuMVFma1VMNW1zenh2Z2M5SkRIMFBLK09GcWhRNlJHN254QT09fA&cppv=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7285f44011ef06270a66d5bbe930c20061eae8cfc623edcdf601fd113142df60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:44 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1169322
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Tg7t_nxVSlVKVFBycmtsSzhZRHVSZk0xVG05ZzVqWUJEMFQ1RTZHZmphUVdmVHliRVFJSDBQMXJybDJwMHpBczFlbUo1Mkh6NnZlYmpUYTdJcjBYNVV6Vit5cUIvV2JuNStEM0ZQTU55cDU2Sk03R2oyUGxHUkxPQU1lSnVZWmY5U2xQeVdkRk81dnpyaHBGVEwxNUJ5ZWhaMGg1UVJiVnlhMTl2RE5XZllUR3BSVVBOck1kVjNtSnZDL0tLTGNQdGw2dExFd2tKNjkyMW9OTjV1TCt3elRCN1NCb0l5YTM0ZEZJNXRGUENGNnZ6RDZNdU5HSTZpZlpuMVFma1VMNW1zenh2Z2M5SkRIMFBLK09GcWhRNlJHN254QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
232536
content-length
0
expires
0
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=d9gzpd8zmvi88yla&instance=374863&version=os-0.0.2&ldt=BIDS&key=jmgEr5Ik&order=3&seq=1&load=1&ref=https://simcast.com/?d=vingroupwin.ph%26pcid=48%26rid=112%26a=0&extref=https://simcast.com/?d=vingroupwin.ph%26pcid=48%26rid=112%26a=0&bidIndex=1&prebid.cid=0&prebid.bidders.rubicon.time=85.9&prebid.bidders.ix.time=0.6&prebid.start=2812.2&prebid.time=86.3&prebid.timeout=1000&adIndex=null
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.js?fk=jmgEr5Ik&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.179.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-179-92.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 01 Dec 2023 12:03:45 GMT
gcid_s.min.js
p.gcprivacy.com/t/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.gcprivacy.com/t/gcid_s.min.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-63.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18d3cafa2e6d1b8b42757f7dc25a29ef4c288fd61e2af87d990bcbbe89be31ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
f.A1WK9xSpu0qy1ajnSlgsIzw668YRqp
date
Thu, 30 Nov 2023 22:58:46 GMT
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
last-modified
Wed, 29 Nov 2023 22:58:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
47100
x-amz-server-side-encryption
AES256
etag
"fad193e9a8ed6a4cec978dcd910c5bd0"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
12473
x-amz-cf-id
lKMTwvNE8tGiZoKHXtZYovTHOkH4dKRN79xnAEI5rSqrzLCRzv7qFw==
prebid
ib.adnxs.com/openrtb2/ 		0
518 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/openrtb2/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:45 GMT
an-x-request-uuid
765fcd4d-9aa9-45f5-b8d8-e9e69197c1f7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
https://simcast.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.58.57.1; 37.58.57.1; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
362 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.93.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-93-92.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f09e5cfbb448f4a7d1a211708d946eae1e5dd43d3534e8eaa0c455d579b91710

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 12:03:45 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
cdb
bidder.criteo.com/ 		11 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.22.0&cb=65968009042&lsavail=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42d11875c24e40b6686c9e0c190e206151db1595dccbc80726a525aa82b08d95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
pb
ad.360yield.com/1914/ 		0
165 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/1914/pb
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.19.94.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-94-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Fri, 01 Dec 2023 12:03:45 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bid-request
a.teads.tv/hb/ 		16 B
377 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.29 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 01 Dec 2023 12:03:45 GMT
c
prebid.a-mo.net/a/ 		0
166 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
8
date
Fri, 01 Dec 2023 12:03:45 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://simcast.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
543 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=949296
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
896b0220561d71c5d04a71c9b4c4fa319a94d32c276cdea5a5b2b37965c03001

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ILNcS3Yom6wK6AygPVxqTuZCt2At011kVOowRLVJlZLfUqtNWuyAEe9Bj9zQv83ZielZNYkx%2BQUV9lCGnAcBtOzXVOPvKkkEBNUBukx0%2F8IEVMREYDDYxD2G2sTyzQbsZ7O23Nu"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82eb30515e173645-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid-request
onetag-sys.com/ 		15 B
408 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://simcast.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
ib.adnxs.com/ut/v3/ 		582 B
819 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
8e7e28f5b18b4400645714609719c7d789db5b0267405982974034807db0f398
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
gzip
an-x-request-uuid
e3c49f85-b070-4366-94ca-441fbcb0945e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.58.57.1; 37.58.57.1; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
smartssp-us-east.iqzone.com/ 		2 B
238 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://smartssp-us-east.iqzone.com/pbjs
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.2.111.104 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Fri, 01 Dec 2023 12:03:45 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
/
ghb.adtelligent.com/v2/auction/ 		18 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
877a5d0982389d6e0c087e1e1e1bf5b551c1d24b1aa6468d397b5ed73e9e9ded

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 12:03:45 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1143
prebid
prebid.media.net/rtb/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
35791ab77e4963e6f750ced1c17f1d2b9f61a5523155c82b0bad84735f686450

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:44 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
51
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 12:03:45 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
159 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://simcast.com
pragma
no-cache
date
Fri, 01 Dec 2023 12:03:46 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
anonymized_small_black.png
storage.googleapis.com/idw_static_assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/idw_static_assets/anonymized_small_black.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
05adb1a8ab31ced159adf8401bc91d0c28dc75777423ea84358b9565147b5925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:25:19 GMT
age
2306
x-guploader-uploadid
ABPtcPqmSst3Of7Xt4npJRRBdnz8y050CoNlyqOdVJZRTRwOCvJ5LbkXhXbSK1DEb4iz4uKZppk
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1661
last-modified
Thu, 02 Feb 2023 09:54:23 GMT
server
UploadServer
etag
"d0042077edcb1feff233a5a0e095b327"
x-goog-generation
1675331663329867
x-goog-hash
crc32c=A2Z1Vg==, md5=0AQgd+3LH+/yM6Wg4JWzJw==
content-type
image/png
cache-control
public,max-age=7890000,no-transform
x-goog-stored-content-length
1661
accept-ranges
bytes
expires
Fri, 01 Mar 2024 19:05:19 GMT
bidderchecker.js
static.anonymised.io/light/ 		961 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.anonymised.io/light/bidderchecker.js?v=0.3.0t
Requested by
Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.0t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
722a4121ccf998eefa71a33203ddd5e99a0ba3243c0549cdf7302268fe0ba979

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:49:42 GMT
content-encoding
gzip
age
843
x-guploader-uploadid
ABPtcPob-Ch8c-0ztYzb8-YpyqQ0Bp8aHDn0H-ZXMEyNbyaOPpmc2noSdCE0Y5FavstM-hB03d2B1-GmyOmotMm_nS5FrA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
387
last-modified
Thu, 30 Nov 2023 10:04:42 GMT
server
UploadServer
etag
"a8547f736d8a1ba6b862a645df5e9436"
vary
Accept-Encoding
x-goog-generation
1701338682240510
x-goog-hash
crc32c=QMKBLA==, md5=qFR/c22KG6a4YqZF316UNg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=1200
x-goog-stored-content-length
387
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 01 Dec 2023 12:09:42 GMT
timeme.min.js
cdnjs.cloudflare.com/ajax/libs/TimeMe.js/2.0.0/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/TimeMe.js/2.0.0/timeme.min.js
Requested by
Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.0t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5725f04fd1f8882b1d02561933d648bb1a91349b0f33031e78ce0668d3751db3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
289335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1532
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf2-163a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sK1b5TBDLq%2F3exGtMvasAZXyFYcO4oRrqlgHDVkzCVaJuQARgr5uP9%2BoOhAm7MfcI2UGXsVavhB3TO%2Fwlvrwir4LmvSnnDZT75p6tVMCAI2aklGpNPBwjBUTx83eV3srO%2FhhmZOrU9EOCZCGNda5Temp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82eb30512f92bbf1-FRA
expires
Wed, 20 Nov 2024 12:03:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 521B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 12:03:45 GMT
collect
region1.google-analytics.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RFSL1NPH34&gtm=45je3bt0v9124667839&_p=1701432224881&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1642492729.1701432225&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701432225&sct=1&seg=0&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&dr=http%3A%2F%2Fvingroupwin.ph%2F&dt=Simcast%20News%20portal.&en=page_view&_fv=1&_ss=1&tfd=2981
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RFSL1NPH34&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1148522360&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&dr=http%3A%2F%2Fvingroupwin.ph%2F&ul=en-us&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=541845818&gjid=1670888736&cid=1642492729.1701432225&tid=UA-205158314-1&_gid=1504647630.1701432225&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=253300245
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
p2.gcprivacy.com/v2/ 		451 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=1aeb3c93-cfe3-4dff-9275-93b0b57d336a&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&h=simcast.com&ref=http%3A%2F%2Fvingroupwin.ph%2F&ids=sharedid%2C1aeb3c93-cfe3-4dff-9275-93b0b57d336a%7Cquant%2C%257B%2522value%2522%253A%2522P0-1417952964-1701432225140%2522%252C%2522expiry%2522%253A1735301025271%257D%7C&v=3
Requested by
Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.130.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-130-42.compute-1.amazonaws.com
Software
/
Resource Hash
4d37d154d2e59b51da988ddf44efe5270846984bef3fc373ada402f2bd0bf7fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length
451
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 269A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
49636
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 22:16:29 GMT
expires
Fri, 29 Nov 2024 22:16:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 63FF 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
73423356780507f2b1d450d5d6d61324c38f961ff24db8bec93ea670f7d381fa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2_kQEIawcUzFfu1GOz0kJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2_kQEIawcUzFfu1GOz0kJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:03:45 GMT
expires
Fri, 01 Dec 2023 12:03:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=d9gzpd8zmvi88yla&instance=374863&version=os-0.0.2&ldt=NO_IMP&key=jmgEr5Ik&order=4&seq=1&load=1&ref=https://simcast.com/?d=vingroupwin.ph%26pcid=48%26rid=112%26a=0&extref=https://simcast.com/?d=vingroupwin.ph%26pcid=48%26rid=112%26a=0
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.js?fk=jmgEr5Ik&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.179.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-179-92.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 269A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
2202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:27:03 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame EC5C 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 01 Dec 2023 12:03:45 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sodar
pagead2.googlesyndication.com/pagead/ Frame 63FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=4091153902525791&rc=
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 269A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7WAbOA
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect.min.js
static.anonymised.io/light/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.anonymised.io/light/collect.min.js?v=0.3.0t
Requested by
Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.0t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4421d90bbf983478021bbc14981742e33af47dcfbbbbd2df44b975257fde30cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:53:50 GMT
content-encoding
gzip
age
595
x-guploader-uploadid
ABPtcPqBI2Pov3h-wS-dbU0ZiegaJ4_zVSUOTtjvtdDXRASKj4tojqmtSncnWeRrJRXlybFImEiZuNakyjEaW6JxfZzMFeTF9WlH
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1975
last-modified
Thu, 30 Nov 2023 10:04:44 GMT
server
UploadServer
etag
"a7e7de40031aa1643de703e2495882d4"
vary
Accept-Encoding
x-goog-generation
1701338684703619
x-goog-hash
crc32c=ybU+DA==, md5=p+feQAMaoWQ95wPiSViC1A==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=1200
x-goog-stored-content-length
1975
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 01 Dec 2023 12:13:50 GMT
interestscores.js
static.anonymised.io/light/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.anonymised.io/light/interestscores.js?v=0.3.0t
Requested by
Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.3.0t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0409134df4107fe3d86b26248e3e8253287e929e94b690173bbab16e35686cd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:49:09 GMT
content-encoding
gzip
age
876
x-guploader-uploadid
ABPtcPo7AiXXfj7rjXts25vOfSlh8Kom4Nw2lw7yHS6tnmkNLSRAgFKi8Ta5GunDVXYHTweb2Ru8aHZvqP7r4xIbm3AJ3A
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1601
last-modified
Thu, 30 Nov 2023 10:04:46 GMT
server
UploadServer
etag
"a1fd6b232493c6ab6bcd2b60bba36f56"
vary
Accept-Encoding
x-goog-generation
1701338686789745
x-goog-hash
crc32c=nJwSBw==, md5=of1rIySTxqtrzStgu6NvVg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=1200
x-goog-stored-content-length
1601
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 01 Dec 2023 12:09:09 GMT
js
aggle.net/ 		202 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aggle.net/js?pid=NEQ7KDHP5&domain=simcast.com&pih1=&pih2=&pih3=
Requested by
Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.179.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a938864f9581ea3da.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
832ecde2a95e0b6b350be4b477050177facd60d8b645a99aef680e64f9132419

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Fri, 01 Dec 2023 12:03:47 GMT
date
Fri, 01 Dec 2023 12:03:46 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
gunicorn
content-length
202
p3p
CP="NOI OUR BUS UNI COM NAV"
xandr
p2.gcprivacy.com/v3/id/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fid%3D%24UID%26gcid%3D486b077d-367b-466a-b9ff-bd0e3d329936
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp2.gcprivacy.com%252Fv3%252Fid%252Fxandr%253Fid%253D%2524UID%2526gcid%253D486b077d-367b-466a-b9ff-bd0e3d329936
  • https://p2.gcprivacy.com/v3/id/xandr?id=4778378652944606084&gcid=486b077d-367b-466a-b9ff-bd0e3d329936
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p2.gcprivacy.com/v3/id/xandr?id=4778378652944606084&gcid=486b077d-367b-466a-b9ff-bd0e3d329936
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Server
3.217.130.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-130-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:45 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:45 GMT
an-x-request-uuid
1ad3219b-77e7-4c23-8d13-5c8a2a124403
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://p2.gcprivacy.com/v3/id/xandr?id=4778378652944606084&gcid=486b077d-367b-466a-b9ff-bd0e3d329936
x-proxy-origin
37.58.57.1; 37.58.57.1; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 521B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=4091153902525791&bg=!v7ylvPPNAAY3kmNgF5I7ADQBe5WfOB4Z_nz6-fWryWfLtRsRbqOYMQm02Um9QngIP4mJGKlQy1NWMSnVh4uE8V729MNAAgAAADZSAAAAAmgBB5kC0JM0pnkt5OKf17kzWl6rYfc175hc7q2FwF4FItR6rWX3FsLuG2n0eYHlyp0e2jZBdHncfMZvbMQrKkGLVQuv-jn_IJaohZk7oUspwvsIeUxweypf27u3eB789Z6Blu1APpYfnJe5wkgDendVlELpJ4fhjWsY31TYDzYPnsopvROsW89scpLQhyyh-MaStB8y4KjdJ_gq1sr8Tk4EaQCZCJ7Z674_oBSaUhz0XTUcspOTCAXVe8UF3vZS0RHY01lGoZAgy3GIQwBxaaUT6EiALmmVZLEbhbqO-06ZBJYxVfIK9yFnKz9w51Bsin4bTZRUIZIiYDScXL93vzmNbhCmM3K0oYbrKJ8-j1DbaNsJq9o9QJVPrg2ycC1gTLK9INS2cgm09siZ3inkWgv9HBDTHcjP3W_EwJXETl8nD3f3Dl1Ow4XK6g8nwuyxqVrhV1CkeXGncP3LYchtfZVFYf5WHBAjlyUF25ddNJSISCEPfvHk0Js_W9Iu5pnPN5ZxLRUFRPuj_4r8XXl5o9tt61ENN86RaxKTGMwOB9EniN7mfpAxh_qmevqyMj6NeRhtc134v_0KiEH_reRMuk1ofezp8nhEz30CtXJbXKm6z50RRIQx4iUkldq-VI7QNIO1l-nuc_AQ0nQQfhFXr3m4wSlxLTrP79lO5v3ALLrvDeGihV8VCOw3qNdXWfLxqlXoyifD4L0RtuTOnHHlMtPeX6l_zFfySiWWk94G8oDYdu5x8TGqrFpJrfVtq9fd_IiOmmkyp1HOV4zkhjxNrNPIUzqccd8hkozEWmb2aB_UexZlUBx732SMQj2bvhudhNS8FP9fYGVC2xTl5lo95kkxTtsljZhk-nxhL1qTL49m9x4ZYHkwjnGKIfwdMtJy8lS4MYvlmcfEy6AqFt-uik8SiV8PvwqgIfxBaOJyeZy8p6SH5flWbaT2BXNkWcvhiLRrbMO5lQ
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 01 Dec 2023 12:03:46 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
226341
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		49 B
246 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=8.22.0&coppa=0
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 12:03:46 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
/
id.a-mx.com/sync/ 		66 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=http://vingroupwin.ph/&u=https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0&tl=https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0&nf=0&rt=true&v=8.22.0&av=2.0&vg=aaw&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
131.153.158.209 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software
/
Resource Hash
f193d11ab4d53158fc7ed3e6edf36dfd124047b9478c20db021bcc92781ee26b

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Fri, 1 Dec 2023 12:03:49 GMT
access-control-allow-credentials
true
content-length
66
content-type
application/json
json
gum.criteo.com/sid/ 		2 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
195977
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=405&_it=prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6204e8d2481f5f507ffc1ddebdc0c3cff162cc34958fd46a08619a4aa20e0463

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 12:03:46 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
82eb30577fe22c35-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		135 B
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Fri, 01 Dec 2023 12:03:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
any
idx.liadm.com/idex/prebid/ 		0
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/any?resolve=nonId
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.17.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-17-205.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
0
access-control-allow-origin
https://simcast.com
cache-control
max-age=3599, private
access-control-allow-credentials
true
trace-id
3d4f23d6fb96ea4b
expires
Fri, 01 Dec 2023 13:03:49 GMT
id
id.crwdcntrl.net/ 		43 B
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?c=17228
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.86.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-86-19.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://simcast.com
cache-control
no-cache
x-server
10.45.3.189
access-control-allow-credentials
true
content-length
43
expires
0
fpc
at.teads.tv/ 		0
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 12:03:49 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Dec 2023 12:03:49 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		279 KB
37 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1709751277934431&correlator=4057643642480206&eid=31079525%2C31078979&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=22181265%3A22632072816%2Csmc_970v_2%2Csmc_300v_4%2Csmc_300v_3%2Csmc_sticky_footer_2%2Csmc_200v_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x250%7C970x90%7C728x250%7C728x90%2C336x280%7C320x100%7C300x250%7C300x100%2C336x280%7C320x100%7C300x250%7C300x100%2C728x90%2C970x90%7C728x90&ifi=2&sfv=1-0-40&sc=1&cookie=ID%3Dd5d02b443946ad20%3AT%3D1701432225%3ART%3D1701432225%3AS%3DALNI_MZf0Jlmax0qc2OEonFdVExZQXlGlQ&gpic=UID%3D00000cffb8f654ca%3AT%3D1701432225%3ART%3D1701432225%3AS%3DALNI_MaDaiPt0_aYDGeBamUI7wLwKzQ35g&abxe=1&dt=1701432226360&lmt=1701432226&adxs=315%2C791%2C1230%2C0%2C315&adys=310%2C1172%2C405%2C1834%2C1602&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&ref=http%3A%2F%2Fvingroupwin.ph%2F&vis=1&psz=1600x0%7C417x0%7C339x0%7C1600x1764%7C1600x0&msz=1600x0%7C417x0%7C339x0%7C728x0%7C1600x0&fws=0%2C0%2C0%2C128%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1642492729.1701432225&ga_sid=1701432225&ga_hid=1148522360&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRi8242qwjFIAFICCGQSGAoJeWFob28uY29tGLvcjarCMUgAUgIIbxIZCgp1aWRhcGkuY29tGLzbjarCMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YtN2NqsIxSABSAghqEhwKDWNyd2RjbnRybC5uZXQYvNuNqsIxSABSAghkEhkKCnB1YmNpZC5vcmcY4NuNqsIxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLzbjarCMUgAUgIIZBIXCghydGJob3VzZRjP3I2qwjFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pZGtaelowZ3pOa1JTVjJreGVUZDNSV1ZPUjNsdlp6MDlJbjA9GNLejarCMUgAEhsKDGxpdmVyYW1wLmNvbRi25I2qwjFIAFICCGQSHQoObGl2ZWludGVudC5jb20YtuSNqsIxSABSAghk&dlt=1701432223594&idt=1581&ppid=1aeb3c93cfe34dff927593b0b57d336a&prev_scp=refresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dpeculiaritywater.pro%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.11%26hb_adid%3D125571e582414655%26hb_bidder%3Dcriteo%26anh%3Dtrue%7Crefresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dpeculiaritywater.pro%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.03%26hb_adid%3D126d555f3da36124%26hb_bidder%3Dcriteo%26anh%3Dtrue%7Crefresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dpeculiaritywater.pro%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.04%26hb_adid%3D12799bd6dbf61962%26hb_bidder%3Dcriteo%26anh%3Dtrue%7Crefresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dpeculiaritywater.pro%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.03%26hb_adid%3D1287231fbc9d65a2%26hb_bidder%3Dcriteo%26anh%3Dadhesion%7Crefresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dpeculiaritywater.pro%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.05%26hb_adid%3D129e5b62929b2fd5%26hb_bidder%3Dcriteo%26anh%3Dtrue&cust_params=gcRTDTest%3Dfalse%26pbstck_ab_test%3Dfalse%26wvr%3D3%26wie%3Dtop%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dfr%26gpt_l%3D300%26wrap_l%3D2400%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D500%26padpr%3D19%2633acrossId%3Dfalse%26amxId%3Dfalse%26criteo%3Dfalse%26hadronId%3Dfalse%26id5Id%3Dfalse%26identityLink%3Dfalse%26liveIntentId%3Dfalse%26lotamePanoramaId%3Dfalse%26pairId%3Dfalse%26quantcastId%3Dfalse%26sharedId%3Dtrue%26teadsId%3Dfalse%26uid2%3Dfalse%26uids%3Dpubcid%26uids_c%3D1%26waai%3D500%26gc_bucket%3DH%26waae%3D900%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&adks=125911241%2C4133832132%2C4208745890%2C2338507857%2C1310654084&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58d96fd0c18204b29fc3050b9bc26416d903d59c254d219585fdcf92119691d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38311
x-xss-protection
0
google-lineitem-id
-1,5862064272,5863976789,5862064272,5863975385
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138375818529,138375813623,138375813620,138376269754
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simcast.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
891fd4bd7f82712b0669c50893ad2e3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0FD0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://891fd4bd7f82712b0669c50893ad2e3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:03:46 GMT
expires
Sat, 30 Nov 2024 12:03:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
jsync
aggle.net/ 		325 B
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aggle.net/jsync?pid=NEQ7KDHP5&domain=simcast.com&pih1=&pih2=&pih3=
Requested by
Host: aggle.net
URL: https://aggle.net/js?pid=NEQ7KDHP5&domain=simcast.com&pih1=&pih2=&pih3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.179.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a938864f9581ea3da.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
bd7a510363ab2e9bbbb324e2be0d1b786c45feb1444276572d9cecab6b48cdcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Fri, 01 Dec 2023 12:03:47 GMT
date
Fri, 01 Dec 2023 12:03:46 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
gunicorn
content-length
325
p3p
CP="NOI OUR BUS UNI COM NAV"
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
baeb651dd46721485adebee331e78e22a9134c2f18e9cdb84c40c27e4134b435
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Fri, 01 Dec 2023 12:03:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ads
securepubads.g.doubleclick.net/gampad/ Frame 521B 		39 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4091153902525791&correlator=4367041321279085&hxva=1&scor=2932347095281719&eid=31079829%2C31079807%2C31079527%2C44714449&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=92056281%2Cdefault_outstream%2Cfloat&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x100%7C300x60%7C300x50%7C1x1&ifi=2&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Dd5d02b443946ad20%3AT%3D1701432225%3ART%3D1701432225%3AS%3DALNI_MZf0Jlmax0qc2OEonFdVExZQXlGlQ&gpic=UID%3D00000cffb8f654ca%3AT%3D1701432225%3ART%3D1701432225%3AS%3DALNI_MaDaiPt0_aYDGeBamUI7wLwKzQ35g&abxe=1&dt=1701432226404&lmt=1701432226&adxs=401&adys=419&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=lsvdjvwkap7y&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&ref=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&top=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dvingroupwin.ph%26pcid%3D48%26rid%3D112%26a%3D0&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1225766708.1701432225&ga_sid=1701432225&ga_hid=388796941&ga_fc=false&ga_cid=1642492729.1701432225&dlt=1701432224934&idt=268&cust_params=sessionKey%3D374863-d9gzpd8zmvi88yla%26version%3Dos-0.0.2&adks=3417751721&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3e7d94c7a4cbaec5a2074f723f6cfca44cc83bff0cfb3d25acf85134a2cdf8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16537
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Dec 2023 12:03:51 GMT
crum
dsum-sec.casalemedia.com/ Frame 521B
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=0&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=0&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRAT...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=09dd22040041bcb933a17824&expiration=[EXPIRATION]&gdpr=0&gdprConsent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=09dd22040041bcb933a17824&expiration=[EXPIRATION]&gdpr=0&gdprConsent=
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzzGconASFWByJeEaqSityZs9do7kkTZbSkfbxed7xJeZ5UmhiDAWAjppThN3S1m2FUDjg7Z3MEz1A2peRPVEW2NXslZmvvS4K2DCE8ngFtll0UAQJDR7JSxxjHKUfyjb%2FNhfBOCvxpCRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb306ffa923645-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=09dd22040041bcb933a17824&expiration=[EXPIRATION]&gdpr=0&gdprConsent=
date
Fri, 01 Dec 2023 12:03:50 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
universal.creative.js
cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/ Frame D915 		0
0
universal.creative.js
cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/ Frame 772E 		0
0
universal.creative.js
cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/ Frame BF80 		0
0
universal.creative.js
cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/ Frame 171F 		0
0
cs
a.usbrowserspeed.com/ 		0
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 5CFE 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 01 Dec 2023 02:37:57 GMT
age
33952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Nov 2024 02:37:57 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5CFE 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 25 Nov 2023 08:33:14 GMT
age
531035
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Nov 2024 08:33:14 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5CFE 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 01 Dec 2023 11:48:28 GMT
age
921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Nov 2024 11:48:28 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5CFE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 29 Nov 2023 17:42:18 GMT
age
152491
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Nov 2024 17:42:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5CFE 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 30 Nov 2023 14:54:32 GMT
age
76157
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 29 Nov 2024 14:54:32 GMT
css
fonts.googleapis.com/ Frame 5CFE 		4 KB
751 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 12:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 11:31:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 12:03:49 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5CFE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:17:56 GMT
x-content-type-options
nosniff
server
cafe
age
67553
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 01 Dec 2023 17:17:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5CFE 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 21:36:38 GMT
x-content-type-options
nosniff
server
cafe
age
52031
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Dec 2023 21:36:38 GMT
l
www.google.com/ads/measurement/ Frame 5CFE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQSEp8M679BcgD2CWpiq-MUnDFVSc150P2GEuJ7xKGfKcX_ErdEnikMiBGRZ_xrHQfYljajxdot4MsUn3fH7gKHxduHmQ
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame D5B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdLr6gqADu0uVOiypk7RbodtC-jJ3TVuqKmywUOfrfgpkbXmPCe5DPr6vtJyHC9SHUWXUfopsTK8p77M3RagT80naKmSAk20C4GBbd5ayElHbEqJQFCBN4loi82AWGMzooYCdxwmPEFG9l2aWqlif2oI6Q40rjIt62wLt_QRvd_4Rpk8fLCiLXoI-BsqMto0vs3RPwrAmbxrJS3H3YcFlEVeemCz3A4pNkLGb6DayvTjET1Y68GLJ7OTTt1KkwMBVXO2C-FrGA-yEZozbrL_qhr6TfpYHTlHq9acv6jpwjZgzpPc8mCBWVu8-mwUX6gCk7Hw3LL7byoPRZ1UM_gZU58QE2foE3-Q&sai=AMfl-YRzmaP5W2RFP7LHeBWo0IY3EFK9isH2BahvmchPb_vhLERpusr0dhBukSuP2qnqISQG7HdIdk6_0nXCKjuc0BhPM9mnrrbVJhySiCp5RKnlN_HCk4PBNNyo7vl0vA7xeTREqScFN5pDLLilcL7YZThtosYTt0soExWd9w&sig=Cg0ArKJSzEUyzQq7lLAjEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: vingroupwin.ph
URL: http://vingroupwin.ph/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 487C 		120 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5273933b35cc65681d5e4bcb46d9f13cab082c0db85cb392ac1f5ab5810859f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:03:49 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=UI2Pjtkf01w40agOIyzh72ndyxZjIjtD6K6fnwuGPtYDkKyNU7oXChvjpAIcNw3ItA77CWtrHft9xTlQMkEfUBDB2otL9gK8VASRceBTni7fQ-Ra3b5zRYKXdZNjXafwNyc5-ekz1X37XGlh3vI_hRoaty3gyyQFlm3EEraR2Zfn2NegJXFmb9He6zldUYV95_FDOhP4tw5fEbfkc2T9HnIpVZO4OuYyFfkVQ_dW4H-Uil9tSYxh8sgD2-II8yWMPWS3vg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
15140480
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D5B4 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:03:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E2AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssBZ23qjwXNnql8RydxHS81qv5O9PNZXCzLrdQbaDMkfmGZuOuMSP-lM7HJhxunpAKiQo0gNb0wKIoenf5ZSc87LiV-d7fXPZlwWpvlxuYDy_Mw_nCb454taSZzRwAacAZfZKkS9m6PCVs8_IiLOlV_mcxq2EPwUZ9mvVAmsEQRmLuQ1uVJA5HE5UaNX28Pg_kO6zIFaaqFdaUj-qaaMuKeShxA1A6LKDsY4QoBMc4XSNtFo1ujew9jDhZlllYh_Hb5Mac7PKScocpj8z5Nks_80eNN5KB6VB5mUuzG0FIWe9Y4pIVil-_jfD7rdvsWIz-ZULnrwgfYf5ljz3x-zcg1-O_a5-OXQ&sai=AMfl-YTeMqdnaET5PoOo0fFc1YGEkBgz8LjGh4l6Q_qidHZXrYtIDeXZYC2SAzZTh_9CBwA7p2Bl_Kztq_9cajlKvJ0MOMx2kMNDmoTHySmyxek1b-7HyZEY6vOdPmFs2yyLmWmjX1ksT0jmvWNlFWGu8SaQwbYv_qClApuAgw&sig=Cg0ArKJSzN09H5cAAORLEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: vingroupwin.ph
URL: http://vingroupwin.ph/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 139F 		116 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
eaefcba099dd5b6fd7ba98791d0bf773f604bff76772876a0dea2823641137fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:03:48 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=aNndz9kf01w40agOh89Z0SoHxOdS2l_aiG0GebSAOAd42nYnbth5DQAJz8-M-Mlp4vOEOWUOrs54En69NQwuAA6-UiDoxfEcqUTXwwP_j5xzXijlV-kPVyFy4ROjDVXUCHGPTcvIR7gCikvCO70rn85yazha6bQJQ2exDTUA5FvD249xlVzrPrMgzLN3_ilSx15ISUKhdo30G4duSWhIMjbKjmAJowLyb-XMs9xCRJwcia_8Hh2QG1rOlJfasOOhdjVdOw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
17506755
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E2AD 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:03:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9894 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-47D9CNh0NPihyT7txUgNX4ODRa_uBz2WyDwv6rQanCcOFrqS2SbWztc6qNdS3cpfTxC8dFkW0A5mquF8sv_upGy19OLhrSQbiX_o-dHrv4RD2PBKDMLPDpeYLM-EWA2-pk53UNMV-z2GuUp4KBj7akSj9-tMwnfD448uzL0YViDW8HEL5op026w6cCYqoIpfYk18X0teV_NRgD_o7nL23a3fgk4seeWg8kcVwWx_EzIOS_oa1isleVLK-QVioEkATjJkr40X6ONdkSbb8t-nQIppdByOFfJRFO69zDnXD03dVfGWyUH98pipee22CUdpPGyiY5M2MsY_9ULx1Q8YBzUBgWfGRx1j9L5KC6ubVw&sai=AMfl-YSULpxMXqgVY3K8TddICiXiKXvVw8MI5bhuUn9n8dMWeQLw-wQRrC6K1mXalo_sNZBeP3aGm4Je69IaxZdXB3qDCzIz6s7Qm25l7hf3yDxi8sIHvEHB9faYfX1VTkIs7wW8T-vQLlz7NhWn8S724w4HEmSYsbrG_1-nLw&sig=Cg0ArKJSzEB4QtivwlLZEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: vingroupwin.ph
URL: http://vingroupwin.ph/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2712 		119 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf141c19df1016a6d3488a1fcb4c1f6e346aa3c483f45b8dbe87605f498ca6b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:03:49 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=pnhpFdkf01w40agOFGYL0T2syBl4xzTmhdd24LEiJDDjAANeb-TY_-1ZM0r8GspZHtHRl62FcPBbUFWiigYCw22F00svCenkKHsgBe2q7K6Hum9hwmLcNTAI8kEE9VNSWJCi-6CwpI0mFbKpCRDok6okx62skn6SAWsgsfq5xtfcT_ht9WeMx5DoP7T3G4tVr47qCClX7UZF1ZkDPWtYm1_4iweR2rE6-E3m-tuoZ2o_qhygit42kX4_TvFuI9FhEWzZ0A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
14169202
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9894 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:03:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D9FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstM4YGZBZWIGl2sLZdtrQTGx1hQHNvD_WONtTPwcS7cTOTsHWwHxcnR9R9qpFJoWN-t9y0AQOP_6XijgWu1vmNRKJLCPlqPr4Ni9NzoQCahf1fr7xrFwl_tmyfHsYepVPAfGJpCAM4qWENI3egDIRoJIYHaEbAWdSpUg_QwKq8Chw-3ZeSrXDKOJ4IQ4YoPdkKUJ4KzmPo1h1-XB5TGe3sXkBzGVYRZ_4jhHNEdwb5-CGwokzr-iykVRdEeXHhQ-3IQR2ZiUYOsl7Rhyq2cdcv66ogotwF7HmbyciIEJuIyO55bjcXndv3AAOJJbtSE9wms7JRqhKw-kkqbXf1M9MhOe4eMF85CEQ&sai=AMfl-YQdPy53qfqVBYxNlbUjrIl-bjS_B2KWkdrIrrCqhmfot0xvzSVs4B-_QQ4UUEGWJpLkYFrNHzu3MbZPRvZbA69EreVcmPEB3CY1QLVltB--pMtuBSg7zvtSrzczfsS1YCne3Db6hZPOzUNMa31gzGa87PtRDORul5LfQg&sig=Cg0ArKJSzOFtbrZtk0pqEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: vingroupwin.ph
URL: http://vingroupwin.ph/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame E7C2 		119 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6ee66462dfd582be1a93a2846cfd60d37d33d72ab5ed2ba22cc0f22ea199bbf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:03:48 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=MwaC59kf01w40agO1sR_1qD7RpTxgtcoXiRbKmoJeyEcKjXNRQPlWABZrKssf3xxu0PmOtb4gAx3tqvo96v9r4hvOpTFUicuDGVxUosD4YhW-JtMhmesPdV_-jnGTCqUv1vcfJ_448k9x8QqmqcyYfauhWS05qTUhemh1e_kPAiycghKwDPJ0h9Ys_NXOVMH-zB-z_AOhY1Di4MX5s-NjVAIoanFSLVkqvh3eiDIxa1GHXGLu_TtdB7UjzYKgYsvMP1ioA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
13946147
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D9FF 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:03:49 GMT
tpd
cat.nl3.eu.criteo.com/ Frame D5B4 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=h8Lhnl9aN042YUF6JTJCTlNTSEg0R0d6aHRiY3F2WU5zVW16Q0VOSjhjZEoxa0lld3NjTmxCM0E4UnhLYXI3TFl6R2VydENwR0dlNVRDTG4zVWlUZ3J3Tk5qNkUzZGFxTlFhS1NhVTFYWk16YTJ3UzhTVHcyRHo1dyUyRlp3RUFuTW5qVmd4T2pRckJnMWxad0lvcjNtUTFOTW1TVzBxNm1TSW9RNjhJTWtUcUV2bEV0RDZFUkJmVU5zNzlVbVJUeUpuQ0xoa2NZOWlvdU91aVJnTzc2VVVEV2JXZWc1NWFEdUdKbDBtWm1hSE4wNFVsclRxcU9tbThjekh4elFJRnNRcWR4R3Y4bWNXbiUyQkJQaVZjcnE4bU55ZWMzYSUyQlJmJTJGS3d0cHBtUVpraU1SVnI1NGVRQWxpWDdiRVpJTG50bGxSWDQ1Z3RDS2JwV3NnaVA4Y09HSnJ5WUpTSkJXc1RVMkR4RE42QnBla0pYQUlMVkFSWlZVcWVScyUyQkh2RUFRODU5RW8zZk8wS3NNM01ybFBENnpoJTJCQnUwZHdENkVLZ0xCY2h2YjhremEyeVIzNkwwcjY5UThxTTNDSGNFVGRValJHUFA1RnlxbVZ0RGhqJTJGZnBzSVV5a0o3UFB1dnZoTlNZWHIxJTJCWmR4WXN1eEp6TVU2RGVPWlBWdHBXS1Q4b3VNUEZNUm42emJwRQ
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:48 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
222286
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
tpd
cat.nl3.eu.criteo.com/ Frame E2AD 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=fURbul9aN042YUF6JTJCTlNTSEg0R0d6aHRiY3F2WU5zVW16Q0VOSjhjZEoxa0lld3NjTmxCM0E4UnhLYXI3TFl6R2VydENwR0dlNVRDTG4zVWlUZ3J3Tk5qNkU1SlAlMkJISmVSVDlweEJXUFRaS3pFNWpwJTJCWlJTQ2R6eGdSajdBT3U4WTB4TmxES0VJZzlPWWZSWUhFOUNDciUyQmo0MHFYR2piVnMlMkZ4S2VhcE8yaGJVeXQxVnFJckRzd3RwemY0ZHlCVEYwdmh4JTJCSGI5ejBqUk16VyUyRjFseDFtMFpIdXhvandaYlplTiUyQjJQWmR1UGs4S2d5RFhFZVBkM3hzMHZvN01DSDNOamVrdlh3c1RNWDBIbEtpT3Zud0dzJTJGckNzc3JJM0g4T1V4RW1lZDd3eiUyQjRrOVRzJTJGUldNQWxVZjh5JTJGYkJCY3E5UklMU2JTM2dlNEluZk9RMmp6TXZMMVowd0x0V0d5WEJDY2xacmVMOVlXNm1hTndlNzVlcDh3aDQ2U1I4MjNvaDQ3Wk9XR1NSMzMweGclMkYlMkJiUTlvdDNkWWlCbzB1T0pmQlpkcE4yQXRWeXRqZTdiSXpYMmk4aUlJdG5DeXRPcElqbDVEVUZoVHVHTDFZVEFtRlhxc2lmVWltR09ZVkJSNmFuclJkMktUbHI1amZidlR1N0I1NjBmNWhQQXJnT0dvRFU1UXM
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:48 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
322728
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
tpd
cat.nl3.eu.criteo.com/ Frame 9894 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=NCpzQF9aN042YUF6JTJCTlNTSEg0R0d6aHRiY3F2WU5zVW16Q0VOSjhjZEoxa0lld3NjTmxCM0E4UnhLYXI3TFl6R2VydENoMHFJZTJ4UkJwSjF4a2UwbFVEZm1IbnpsbU15elNZdSUyRmFMVXlHSXlFcFNNNEdHVUZxSXNHMiUyQjM3WEllYnpIUHRYMnFlYlRzOGlVYWRvSGN4OGFNZGd6U0NPRFF6MGZWWTFBV044U3FPc3AwbVljMEZDJTJGZmZLdU84YkMlMkZNeCUyQjFreXdENkliWklLalpsSGN3ZXJhbDBnOHdNS1NOek9qSWp5ajdrZHI5OTlYJTJCNVlkSUpnd0slMkZ0WU5aM0lLYmNtQWJrMWNSSzREU0JZenlwQ1BaZzYxY3hCSEZGb0dFU1lUNCUyRkNiUHMwM00lMkZWdlNlQXJyVmVEMmdvZU5CJTJCaFVaeFROdTByWThXYTdZWDZ5YnVQVFBPQXVYJTJGdDBnWSUyQm5VaGRKUHRBTjN0QUh5SHFTOWhTTzRGZ0YxVWdGcUtXa2llMlRqemlQdlNMdFd5VmpXdmdjM0dCQ2E3WnZyZTdVTkNMWjZVa0h5ekJpeVN5c1FHSDFSMCUyRjNjTlNWRVdrVEhtaWM0MWZIJTJGTHZpeWxSS1dMVkxZdW1JNGpiRWlOZlRyVlRtZlpjTTZESHBvUG5uM0lpRHNqVUJTZDl5ODVGajMySw
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
208852
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
tpd
cat.nl3.eu.criteo.com/ Frame D9FF 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=h0JM819aN042YUF6JTJCTlNTSEg0R0d6aHRiY3F2WU5zVW16Q0VOSjhjZEoxa0lld3NjTmxCM0E4UnhLYXI3TFl6R2VydENaT0ZZMU1kbFk4YVlwRGtuMEo4NkdMN0pUdnJjbzMlMkJKaUc2NlUzMyUyQkY3QmJ2bFYwM1RpTGRseHVIdGdicUVKaHo5dEtyNTJmc1lkSXdZR09lbGNNZzREa05KcVZrQno5U21EYnY5MlRYQk9zOFBRZCUyQk15cXZ5c08yTkt4cmJvJTJGTEZncnJVcnYzdXc0Z2pnTGc3MXQ3RHdoVnA2eEtvSjF6azZQanZoVXJwOFk3ZnAlMkJvZXYwcUxwOTVadXVBZDIlMkZueDh6eEJMOElkJTJCZmZBa0cwQnJWTENTbmpvZ09OdHZZakFTWEVnTFlNeTlDR3pDZ1lwUUVRaGVaSDkxV1RpMTEyYjFkSyUyRjV4MnZ4WFcwWGlQJTJCanA1MEVGaTlsaHl0NmZqa1R1ekpHMFNBOUxWbExXdTFPREk2JTJGVmxwMDRxUEtBQ1FlNTlya294VTlEZDIlMkY2VEcwYUIwNWtDNnR1Q0o1NEhZWUN1TUhadHBGcWdVejU4bG1rdEVxUVV3bndZaU8zVzFKNEglMkJmcGNwQkt5dGsxSlglMkZwQ1NHMVJOWnN3NUc5c0hNUFl1VmhtdVNQb2hVNlFzJTJCSDVZampHUlVUdFp6Qw
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:48 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
192230
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
14763004658117789537
tpc.googlesyndication.com/simgad/13347325732959649016/ Frame 5CFE 		157 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13347325732959649016/14763004658117789537
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdff91b4e14b9ea96f0ad4208b700fd542167bb0c884cb1194fd6e13ea428f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 11:37:23 GMT
x-content-type-options
nosniff
age
519986
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
160961
x-xss-protection
0
last-modified
Sat, 29 Jul 2023 07:26:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Nov 2024 11:37:23 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/10193359481425696880/ Frame 5CFE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10193359481425696880/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7f30869dbee15b1b57ff079d0ac0efd1e8780b5f1db26a8cfabeb6ac2738d85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:45:11 GMT
x-content-type-options
nosniff
age
274718
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6474
x-xss-protection
0
last-modified
Fri, 27 Jan 2023 18:37:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Nov 2024 07:45:11 GMT
truncated
/ Frame 5CFE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
489024233d2026a7345f8675cd114e412771c2d74b301ab3be9cf7878652dcdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
container.html
1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E3EB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:03:45 GMT
expires
Sat, 30 Nov 2024 12:03:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=d9gzpd8zmvi88yla&instance=374863&version=os-0.0.2&ldt=AD_IMP&key=jmgEr5Ik&order=5&seq=1&load=1&ref=https://simcast.com/?d=vingroupwin.ph%26pcid=48%26rid=112%26a=0&extref=https://simcast.com/?d=vingroupwin.ph%26pcid=48%26rid=112%26a=0
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.js?fk=jmgEr5Ik&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.179.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-179-92.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5CFE 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 23:58:11 GMT
x-content-type-options
nosniff
age
561938
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 23:58:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5CFE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 21:25:42 GMT
x-content-type-options
nosniff
age
571087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 21:25:42 GMT
579.json
id5-sync.com/g/v2/ 		251 B
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
518a661b70a46a55c5ead917a7b2fa19e81149ea0d82c8f6a797a70930fcc3a6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Fri, 01 Dec 2023 12:03:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
dr
as.ad4m.at/ad/ Frame 1E7F 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1k3fanykjw4nh5m6neamjsgqzk5qqjvjj6e622svebs05y7raqbkm38xt5dgqy4emyhqz9cj4g7r37zse9v460m36yecqavvcj66056s3w32h3s7whsd1qk4hsvzcg3kvjzy2xannffgbbkxpz18qzebwwxbxg3wcaq2r9ah90d479gs3rmdmwfrtxypf33b0vxknk0nv4z4c38fz3nantqqsqb3k6n8x9ahcdcwt37ec9qp2we6yzent8fsr790ek0tmpg7d9khm1jnk6jysa0qb2zsqw0qg0repvmnjwm79ghefmbrb9hnmg6sb3f3x32w7ppcnk4s2kjtc7cead688c57p5aq27j9hjgb363xvjwvxb4gvzseaq271ssg8ja4xd44shewkjzf9scp3w2dwwrkfdyn4qsc4kzwhs8pyfjmqbaxvn8y7tek50pfbnxv1d22t4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%26num%3D1%26sig%3DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%26client%3Dca-pub-9505823743978337%26adurl%3D
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4110f7d012a6bd95e16b7f763e19cd59d2eb5749813743117be4caf01e478138
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82eb306be8fc3834-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:03:49 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame E3EB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
57871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 19A7 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4299
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 10:52:10 GMT
etag
48472445140208031
expires
Sat, 02 Dec 2023 10:52:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame E3EB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
57871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
l
www.google.com/ads/measurement/ Frame E3EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCAgYzf0sm6JyNJ1BeGCAduxKe4mYm7Wno_Wi07Qun_dsD9hzLdnLaJmpPaqG6GKpAw1pFPhIkKuajDJIWX7Ci_RVVfw
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E3EB 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
239636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Nov 2024 17:29:53 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E3EB 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:03:49 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame E7C2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame E7C2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E7C2 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 25 Nov 2024 12:03:51 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame E7C2 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 25 Nov 2024 12:03:51 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame E7C2 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=4Is05yzTH-5ogub-lkuAj3iOheW1unLtqc10RLqNODyzYdQ8Zo5foEqxIZ9Zm69y41JhvJDGT0WqqGl7b43JqQO8WoLIK5jWujhbx1THsBw4m1E9yoBNLMypfyTiYJT7vC8cxP4HyK9ZdHOapdBYFGH0hTS4WNjlWh0u0ftK8yVCgbvB33EGgJKhobU4-vp8700xuSmXQ-2nvsP8liiJc6ndZP3idJXzSY7R6pKsCsDokKe1g6SEuV6zYJnF4GGEG9qwpStSrHhkNS6uXWtWTPuU-NUT2_i2IJQAugdlp_AC8tApoTICpjGRO2b1Rw9MmEPT_58rOa-r9ACkIaM8X-ULt5K5FVqdJ2bESrjqAHmEl5N1-sAOxglqR3zojfwMEanLLLNP54OgbRnUaRSWBClOUFA_X7TP0RPS1pJj_j4QH0wgrLlpVLdiBt8gBbR4_Es-HQHSeytFr0Y-r5fqLAQr87g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2500343
expires
Mon, 26 Jul 1997 05:00:00 GMT
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame B43A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba54938196605e1200066d04d20&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e51f844f22309b273e9ed051120efb8d33f4cb92668bffce7bf99a4b1d084c31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 01 Dec 2023 12:03:49 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1870871
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
animejs.js
static.criteo.net/animejs/ Frame E7C2 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
img
imageproxy.eu.criteo.net/img/ Frame E7C2 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=109079&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109079%2F5084691%2F8286b7d0e2304910a0154cf8e2722f24_thsf.jpg&v=3&rid=73&s=aLGIwSiJg0pP-DuiMgRWGZhw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b55fcf673a3e39197b7eb7a98ac3276684ac58d06198232e8d7eb18f975742fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13264
expires
Sat, 02 Nov 2024 07:00:53 GMT
img
imageproxy.eu.criteo.net/img/ Frame E7C2 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=148&m=0&partner=109079&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109079%2F5084691%2Fae54928deaba413e84dad037c9de39ec_7e59f46e-5aaa-4290-a8b4-dd23929e23a7.jpg&v=3&w=284&rid=73&s=winpRSNBFg2EXBT8Jrg1F-c6
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c47c146a34af8f548b23a848879b2f2366fde98f0a5b84fea53ce93c8d308f66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
1124
expires
Sat, 02 Nov 2024 06:58:52 GMT
all
csm.eu.criteo.net/ Frame E7C2 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=MwaC59kf01w40agO1sR_1qD7RpTxgtcoXiRbKmoJeyEcKjXNRQPlWABZrKssf3xxu0PmOtb4gAx3tqvo96v9r4hvOpTFUicuDGVxUosD4YhW-JtMhmesPdV_-jnGTCqUv1vcfJ_448k9x8QqmqcyYfauhWS05qTUhemh1e_kPAiycghKwDPJ0h9Ys_NXOVMH-zB-z_AOhY1Di4MX5s-NjVAIoanFSLVkqvh3eiDIxa1GHXGLu_TtdB7UjzYKgYsvMP1ioA&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E7C2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E7C2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2712 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2712 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2712 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 25 Nov 2024 12:03:51 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2712 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 25 Nov 2024 12:03:51 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 2712 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=R9gCTPTy5zSfy0z2VWBgBY4xzmuXDCd9LCFzFaQrdGml2Om6LaOAYDQjYcq3EHG5nLjKRd7ywrK2QoUBpr-ZOtYz_FJzxNJomeS9lCEPbWYTiQ1xFt3B7PReYQblOPRzvGipfQ9TH54UWqdEpcuB9wzgXH5jp5bew-NNB3fwtHMTUxe3ajRiVXmoFyu57uHYyJhz5bjgp5zxWcObvojPROJIISbLMebuF-zP4J2y9XI-i8w3UONmp3z0BRXljRlDGmVerdCUr40Lml4ECu1F0kOlhbX5fy8g-7BtGWlRIc220bKpYWDUjXMbbeJIq8BUZcpjgFeWlt7lfc57qGBXmUqSe5CVgpLS0pn3EJWgrjdPHyzi_w4YNXpbPB6RJWkacs-OcG1ZHcavtfGRQ2uZWYWy1jx4031q7TT2w1toDUI7iD0QYxzqQ16Lq2y0r882TDsKKw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2196441
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 487C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 487C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 487C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 25 Nov 2024 12:03:51 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 487C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 25 Nov 2024 12:03:51 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 487C 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=iT8KuHM5UnZhCRQotdAIIWWIZmNwAzt4OdQL0Go-jxnBLfxFB6BiSKg36rPNiCHAboD2ROSxN_LiWoo9aaPZKFApl5wDOYHJmoDRCN3yu-kCGKzqGY3Oq5UxjJe5RPR_5KtweWKZwmNpQRkXSOLAsmDAq4xBRC2opKt_1btLeb4du62upD6xKe9fWqVUyV-IUwZJ6diV-z_4U-51RIpJBekndWpvrwDQab0U92d-KLbmAYFbLsEFq2B5PqTDW4zXLwfhEYqUrcvS-v9oH4k2ozA437B2yA-MSgVrPmqOdmRm2LuCA1xeKiE0cA-dIgkoQKImnE5Z5bdu1ZyejEiOaTUfhbxI1WGuEZGhNOARReKaXAewiXJzjz6j47VH0J32uMsTl74nbB451v0xJ0AWGMmFH7aLHMarouvk4p9u1bPFRYK-CfP4fWW9Y2FL7mAdpIHkVQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2216719
expires
Mon, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D5B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstX-AIC4cnvNrMRCAT03Gt0gojKijpNGKZrgllo-0H5EQc6qQB-HQa-ASWNYPE06yVppDy-VWugawefj4V3Zu41ar1OThUzD4Zx-ov84y-Vq97IT0jiQjHUDvm6Wt3ZYNU8FJRUqlXM7v8npjUya71Vj2oAS-XVPQb7OUgube6BqmvAjIQJf0Aa1k3mWVTDgY7YkCKnehLrskP586VLQgGOEBgHXgrtUWiFOhncSI_EL8gAgf-x9TkcwoTtYzUD2YHXVf497KMJhzVriMy3T_RPIyZ_drVFI7s25L3oHi6dbpsYu6jaazzMeg-dAHNiYLOq_j1Uu1Ix5BOkNDrLHl5ppIBARSc8Rv2Q&sai=AMfl-YSHCHAiaS86ysOXWtepb_7GcFhhX1McM6QafRtkz-x2FifvTG2npgVusN3aNIxxWlwwYPnmDlptiPjzoUVT9LYEC-RjexPmNIpMCtUdvYMCu17xjGit9bcf8xVG_l6ylE1TTs3au8pxYogl1YbBPwuqc7ju10q4NUEfzA&sig=Cg0ArKJSzOlQphz8UOKtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Dec 2023 12:03:49 GMT
truncated
/ Frame D5B4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab30dba198d7a1161ad298f6f88bbdaa5705fd5d18ca4a666e61f7b8ba9635fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame FE5D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e51f844f22309b273e9ed051120efb8d33f4cb92668bffce7bf99a4b1d084c31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 01 Dec 2023 12:03:49 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2100767
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 19A7
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMq2MjcJ7hSupU36STSL188&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMq2MjcJ7hSupU36STSL188&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=THBXR2szV2UxUjkyZmo1&google_gid=CAESEMq2MjcJ7hSupU36STSL188&google_cver=1&google_push=AXcoOmRwlL9dEErQsLC8wk5hECyPZiRSnqEwlG_DbN1QGQo...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=THBXR2szV2UxUjkyZmo1&google_gid=CAESEMq2MjcJ7hSupU36STSL188&google_cver=1&google_push=AXcoOmRwlL9dEErQsLC8wk5hECyPZiRSnqEwlG_DbN1QGQoXMs2036sauWSqRGY70vzEzk4hjnTMWEg-8y1MqLVO80PahW3t8cTY
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 12:03:49 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=THBXR2szV2UxUjkyZmo1&google_gid=CAESEMq2MjcJ7hSupU36STSL188&google_cver=1&google_push=AXcoOmRwlL9dEErQsLC8wk5hECyPZiRSnqEwlG_DbN1QGQoXMs2036sauWSqRGY70vzEzk4hjnTMWEg-8y1MqLVO80PahW3t8cTY
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 19A7
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENDz_3HVKXf7zDEznjOSynQ&google_cver=1&google_push=AXcoOmQXrWLOK-1ZrbFaIdTBDNDqkBczkVypssVdyhLcHl0EcI3DTNCWAfSFN-dJlHTM2lPqTENpvOOCaMFVJKXVEOU8OeMwYfoo&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENDz_3HVKXf7zDEznjOSynQ&google_cver=1&google_push=AXcoOmQXrWLOK-1ZrbFaIdTBDNDqkBczkVypssVdyhLcHl0EcI3DTNCWAfSFN-dJlHTM2lPqTENpvOOCaMFVJKXVEOU8OeMwYfo...
43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENDz_3HVKXf7zDEznjOSynQ&google_cver=1&google_push=AXcoOmQXrWLOK-1ZrbFaIdTBDNDqkBczkVypssVdyhLcHl0EcI3DTNCWAfSFN-dJlHTM2lPqTENpvOOCaMFVJKXVEOU8OeMwYfoo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQXrWLOK-1ZrbFaIdTBDNDqkBczkVypssVdyhLcHl0EcI3DTNCWAfSFN-dJlHTM2lPqTENpvOOCaMFVJKXVEOU8OeMwYfoo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82eb306dac07bb79-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
151
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENDz_3HVKXf7zDEznjOSynQ&google_cver=1&google_push=AXcoOmQXrWLOK-1ZrbFaIdTBDNDqkBczkVypssVdyhLcHl0EcI3DTNCWAfSFN-dJlHTM2lPqTENpvOOCaMFVJKXVEOU8OeMwYfoo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQXrWLOK-1ZrbFaIdTBDNDqkBczkVypssVdyhLcHl0EcI3DTNCWAfSFN-dJlHTM2lPqTENpvOOCaMFVJKXVEOU8OeMwYfoo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82eb306c6a35bb79-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 19A7
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJueslNL6cYi62UOuds_91U&google_cver=1&google_push=AXcoOmR6mHij75uwoWPvuuMXNQSo-QTzsBw5CtDHugXXxfi9kOYTr4KajmmcI4CGNY5SXv57O1rMga5Jzbw...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR6mHij75uwoWPvuuMXNQSo-QTzsBw5CtDHugXXxfi9kOYTr4KajmmcI4CGNY5SXv57O1rMga5Jzbw2aJHhK_w5yRlkknAPZQ&google_hm=zIlXEWesRT6zYALl5x...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR6mHij75uwoWPvuuMXNQSo-QTzsBw5CtDHugXXxfi9kOYTr4KajmmcI4CGNY5SXv57O1rMga5Jzbw2aJHhK_w5yRlkknAPZQ&google_hm=zIlXEWesRT6zYALl5xEXzAE
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:48 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR6mHij75uwoWPvuuMXNQSo-QTzsBw5CtDHugXXxfi9kOYTr4KajmmcI4CGNY5SXv57O1rMga5Jzbw2aJHhK_w5yRlkknAPZQ&google_hm=zIlXEWesRT6zYALl5xEXzAE
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 19A7
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEB4Up5rg_fguKwBgjtVsDBU&google_cver=1&google_push=AXcoOmTOI_n30USa1gyF8agt6czMII9xTSM2KamyAEvOp4wtXkU6VMHD3FfKUyTDLKl-oSS9MmQMBknBvgv4JK...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzU5NTc3OTkzODk3MzgzOQ%3D%3D&google_push=AXcoOmTOI_n30USa1gyF8agt6czMII9xTSM2KamyAEvOp4wtXkU6VMHD3FfKUyTDLKl-oSS9MmQMBknBvgv4JKbGFh...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzU5NTc3OTkzODk3MzgzOQ%3D%3D&google_push=AXcoOmTOI_n30USa1gyF8agt6czMII9xTSM2KamyAEvOp4wtXkU6VMHD3FfKUyTDLKl-oSS9MmQMBknBvgv4JKbGFh1MdIUAoohS
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzU5NTc3OTkzODk3MzgzOQ%3D%3D&google_push=AXcoOmTOI_n30USa1gyF8agt6czMII9xTSM2KamyAEvOp4wtXkU6VMHD3FfKUyTDLKl-oSS9MmQMBknBvgv4JKbGFh1MdIUAoohS
Date
Fri, 01 Dec 2023 12:03:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 19A7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGSh2cBmnYwVEjknxFaAcKE&google_cver=1&google_push=AXcoOmR59p2erDGVjP84LND_owFiJv09wI_BOzBU3KTBUdQ2xPZBm85tgiflM2BElMmf4rqxS-f...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNS1RGOE4tMU0tS1hWWg==&google_push=AXcoOmR59p2erDGVjP84LND_owFiJv09wI_BOzBU3KTBUdQ2xPZBm85tgiflM2BElMmf4rqxS-f6aHkFoWQIOu--vyMfcxtnRUyc
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNS1RGOE4tMU0tS1hWWg==&google_push=AXcoOmR59p2erDGVjP84LND_owFiJv09wI_BOzBU3KTBUdQ2xPZBm85tgiflM2BElMmf4rqxS-f6aHkFoWQIOu--vyMfcxtnRUyc
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNS1RGOE4tMU0tS1hWWg==&google_push=AXcoOmR59p2erDGVjP84LND_owFiJv09wI_BOzBU3KTBUdQ2xPZBm85tgiflM2BElMmf4rqxS-f6aHkFoWQIOu--vyMfcxtnRUyc
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
/
onetag-sys.com/match/ Frame 19A7
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBCF-TEeyZDE_yQSWF3Q2P8&google_cver=1&google_push=AXcoOmS9-2oUwDjdoqv7mwj8nS0uJXA5MUMo-OMYFBBSTDUZfHVhDUTgbCgrv5CrBfPpwCISUpRISTB_Je4...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS9-2oUwDjdoqv7mwj8nS0uJXA5MUMo-OMYFBBSTDUZfHVhDUTgbCgrv5CrBfPpwCISUpRISTB_Je4uodqneVrqc97p7hgn-mw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 19A7 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFGEEBDCarKdy3Ut1fU8F_4&google_cver=1&google_push=AXcoOmTTTH9pagdP0XiIjN9e0JWqLl7Z3jmwj8VKZrqWU-4_AekCD8wmIyI5SxBVvJ42fxk_W3di-O7NS22hwUU2HxGaNW94I2JZ_y8
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 19A7 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGbs8j3CPaLrx9LhPZ-9-4xw2Z2I3PNpRTE8I7CVGREmn8y7YhtcVxEegN3OsC6kj5Dowgmqc
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame BDA1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e51f844f22309b273e9ed051120efb8d33f4cb92668bffce7bf99a4b1d084c31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 01 Dec 2023 12:03:48 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1993499
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
animejs.js
static.criteo.net/animejs/ Frame 487C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 139F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 139F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 139F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 25 Nov 2024 12:03:51 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 139F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 25 Nov 2024 12:03:51 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 139F 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Gnfbi3M5UnZhCRQotdAIIWWIZmNwAzt4OdQL0Go-jxnBLfxFB6BiSKg36rPNiCHAboD2RByWRg89P7LVdYc10Nui21j99ZeCVUaYhDK1zlnhlY-qTEn-1Loz_xFtI9Y0L6WanSLG4m5UVgEM4Id0sZxFuT-iaSVNKBY4QyIBm2G0sC4yMJeTIoD3Gdn8kZspnp27JhP7ksBzhO4-pN8wPfAXx89d3oAqEyA8eEKWL4PGsJHAOQJ9OEQmzqCUNA8WvKfVL2O_ZlpIgARB6-xfPzJlBYfT50HxKTJkVdHa3BBdLaq3lQLOaJwEUXy61_1_27UYN0wTrB0ff4tY3F21koK0XNeVPKYaWNSPVzzVce9h-SEHZV3Um-2fR3brTyIm7jAopRyKbtcj6lrwr_-fbszU5Ov8kJOQtURrzwi4cNwFl2xBDGwBnBKWfigjSabv-i0DKw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2036891
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame E3EB 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b149c1c5459ae7066f1e5a8cd82fc9e09171a8ee53664ce7f607f8715ae079fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 1E7F 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k3fanykjw4nh5m6neamjsgqzk5qqjvjj6e622svebs05y7raqbkm38xt5dgqy4emyhqz9cj4g7r37zse9v460m36yecqavvcj66056s3w32h3s7whsd1qk4hsvzcg3kvjzy2xannffgbbkxpz18qzebwwxbxg3wcaq2r9ah90d479gs3rmdmwfrtxypf33b0vxknk0nv4z4c38fz3nantqqsqb3k6n8x9ahcdcwt37ec9qp2we6yzent8fsr790ek0tmpg7d9khm1jnk6jysa0qb2zsqw0qg0repvmnjwm79ghefmbrb9hnmg6sb3f3x32w7ppcnk4s2kjtc7cead688c57p5aq27j9hjgb363xvjwvxb4gvzseaq271ssg8ja4xd44shewkjzf9scp3w2dwwrkfdyn4qsc4kzwhs8pyfjmqbaxvn8y7tek50pfbnxv1d22t4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%26num%3D1%26sig%3DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%26client%3Dca-pub-9505823743978337%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1k3fanykjw4nh5m6neamjsgqzk5qqjvjj6e622svebs05y7raqbkm38xt5dgqy4emyhqz9cj4g7r37zse9v460m36yecqavvcj66056s3w32h3s7whsd1qk4hsvzcg3kvjzy2xannffgbbkxpz18qzebwwxbxg3wcaq2r9ah90d479gs3rmdmwfrtxypf33b0vxknk0nv4z4c38fz3nantqqsqb3k6n8x9ahcdcwt37ec9qp2we6yzent8fsr790ek0tmpg7d9khm1jnk6jysa0qb2zsqw0qg0repvmnjwm79ghefmbrb9hnmg6sb3f3x32w7ppcnk4s2kjtc7cead688c57p5aq27j9hjgb363xvjwvxb4gvzseaq271ssg8ja4xd44shewkjzf9scp3w2dwwrkfdyn4qsc4kzwhs8pyfjmqbaxvn8y7tek50pfbnxv1d22t4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%26num%3D1%26sig%3DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%26client%3Dca-pub-9505823743978337%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1573346
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2g6GRFi3SBpJS4tmq9ZlUqNjsR%2FhT4WlEGdK%2BoG1eQXYldZk15LGd%2FNzS15SuQM%2Fxh5Udi1TIxyPlnRA5SA8c2cucpEC2ZODuouJ9N%2Fx5rkob1epH9y%2FhVhsxpAJVx4alzmi9gf3QMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82eb306c798a3834-FRA
expires
Sat, 02 Dec 2023 12:03:49 GMT
r62eglto.js
ad4m.at/ Frame 1E7F 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k3fanykjw4nh5m6neamjsgqzk5qqjvjj6e622svebs05y7raqbkm38xt5dgqy4emyhqz9cj4g7r37zse9v460m36yecqavvcj66056s3w32h3s7whsd1qk4hsvzcg3kvjzy2xannffgbbkxpz18qzebwwxbxg3wcaq2r9ah90d479gs3rmdmwfrtxypf33b0vxknk0nv4z4c38fz3nantqqsqb3k6n8x9ahcdcwt37ec9qp2we6yzent8fsr790ek0tmpg7d9khm1jnk6jysa0qb2zsqw0qg0repvmnjwm79ghefmbrb9hnmg6sb3f3x32w7ppcnk4s2kjtc7cead688c57p5aq27j9hjgb363xvjwvxb4gvzseaq271ssg8ja4xd44shewkjzf9scp3w2dwwrkfdyn4qsc4kzwhs8pyfjmqbaxvn8y7tek50pfbnxv1d22t4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%26num%3D1%26sig%3DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%26client%3Dca-pub-9505823743978337%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 09:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
182942
etag
W/"aa3e81d21ff1f0e18f4862e53a794952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCCIEStygDOBGnEyMZ%2F%2F%2FuXkjs27aGMNMa0V4zKOu8HB3zX%2FREfmIatdeqz2DBEF6B02ID5YVBjlUpDnAB7gR1qNv14rBX%2Bl2jEliG9Q6n%2Fp%2F0Y3C5NUkGsBR00PHHpjI%2BmYnWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
82eb306c899c3834-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 29 Nov 2023 09:14:47 GMT
animejs.js
static.criteo.net/animejs/ Frame 2712 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2712 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=109079&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109079%2F5084691%2F8286b7d0e2304910a0154cf8e2722f24_thsf.jpg&v=3&rid=73&s=aLGIwSiJg0pP-DuiMgRWGZhw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b55fcf673a3e39197b7eb7a98ac3276684ac58d06198232e8d7eb18f975742fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13264
expires
Sat, 02 Nov 2024 07:00:53 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2712 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=148&m=0&partner=109079&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109079%2F5084691%2Fae54928deaba413e84dad037c9de39ec_7e59f46e-5aaa-4290-a8b4-dd23929e23a7.jpg&v=3&w=256&rid=73&s=jOecr89qprFlGJ8wGZOLN2Jm
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c47c146a34af8f548b23a848879b2f2366fde98f0a5b84fea53ce93c8d308f66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:48 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
1124
expires
Sat, 02 Nov 2024 06:58:52 GMT
all
csm.eu.criteo.net/ Frame 2712 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=pnhpFdkf01w40agOFGYL0T2syBl4xzTmhdd24LEiJDDjAANeb-TY_-1ZM0r8GspZHtHRl62FcPBbUFWiigYCw22F00svCenkKHsgBe2q7K6Hum9hwmLcNTAI8kEE9VNSWJCi-6CwpI0mFbKpCRDok6okx62skn6SAWsgsfq5xtfcT_ht9WeMx5DoP7T3G4tVr47qCClX7UZF1ZkDPWtYm1_4iweR2rE6-E3m-tuoZ2o_qhygit42kX4_TvFuI9FhEWzZ0A&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2712 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2712 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E2AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLqlYIF458_chKzSI6fR9q-jv1xIYwrkIn9Tpd4AY0kksp1j656sDVAbx16vlnC0nMACQFstr8bMaGTqAvpEZMbSZD7_cUgs0Ipm2ynG3iJF5tgoMr4uqVPp618tOuybxbs9APwEAKIgqdBMxUppSC15xUlmfMIFmlDU5nPX6wDn4FZ1n-qnu7g9-JgqpOYFWs3RO8Wgn1jdA1nz9-ShBEkahWUhWTY_9BbMGa_HjA7b1_TmfyWyt2ZbV7QhppsU1dzfwyus5q9CG9BxjuWgRT1n-TsKjKgosvBM7HCowOxRUEOMUhh251vNZi2yh37repWfQ59sfkOsY60xAAK0n0acFOXrZsqyFR&sai=AMfl-YTjQjHMgVBkweXLdsAwCvTEUl8OPhyxUYAMKwM87CtIzwiBX286gkAyoHX2T8FBsfH7DOTX8Jt7QvPfvezBsx8DyNzsqhucYdBX_a9d_6YP1zrwblAMl3DNSmfzYMgqVcnskVUVd8tve89ASHgAdUFE_sForD8Bhns90g&sig=Cg0ArKJSzEvoalEXeYQ6EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Dec 2023 12:03:49 GMT
truncated
/ Frame E2AD 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40c875e245cc7e6abf1da525d9519ddcf22b6829ff64bf128fcc6a26df210288

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame D9FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1WA2SFgZdQMFc-48Aat7OBBRjc-QAnGHDEO1Di-HAkYVLqPwfRmyu-fnpoIDKorgmKNxhkqYP0_C8TfopmyiyBjczNZhFpPMy1Q5dacvNs20HFhCVK69okGfpgYITI-c-zipBNBrJFniFZ0X6bayTGN0WJZ3We6Rd82Ztvyah0twjsQv_-7xTHI4lA_qriy_0q3STUKs872TWmVkzhjwhQPbYmqHVuxC2967YEV_hpaxTkaYiE0PnwHWcvgjaNIvLDFDHEwSTCktD9toWKvzMAemTY9MMQ86sBnBJl2JHV6oYfAG1n3-DJzUIZ1m668FrCpULMNi6dFv-lb8ekBVH1SZWZJ9ltjWs&sai=AMfl-YRDV0EnjpSTqe-mNWRoRq4zeweFwsOYTOBbnMnabSLocc3Kb5StB-Zis9rVjPS6CwnGNNUwSzZSd6jqWwVUcqLX_Q0IXtRjHqA66Eh0e0j-H2bWe2fMpf-0IQUS2aUjhJXnTsHphQpNkEQkNiJP3l5ucm9FXa3juf0bDg&sig=Cg0ArKJSzGL9c_t7RBlqEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Dec 2023 12:03:49 GMT
truncated
/ Frame D9FF 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fc612f56e0025fca0b9d98eeaf669c5c04ba0cbcc817cc53a2be340f335bf9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
img
imageproxy.eu.criteo.net/img/ Frame 487C 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=109079&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109079%2F5084691%2F8286b7d0e2304910a0154cf8e2722f24_thsf.jpg&v=3&rid=73&s=aLGIwSiJg0pP-DuiMgRWGZhw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b55fcf673a3e39197b7eb7a98ac3276684ac58d06198232e8d7eb18f975742fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:48 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13264
expires
Sat, 02 Nov 2024 07:00:53 GMT
img
imageproxy.eu.criteo.net/img/ Frame 487C 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=238&m=0&partner=109079&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109079%2F5084691%2Fae54928deaba413e84dad037c9de39ec_7e59f46e-5aaa-4290-a8b4-dd23929e23a7.jpg&v=3&w=210&rid=73&s=36-Nv2NdG0ZclWKn2ce7O0Ju
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
396509bf6562ef77144cfe07d03397b3af970ab0717099a2956690cabc4e1b6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
1138
expires
Sat, 02 Nov 2024 06:58:52 GMT
all
csm.eu.criteo.net/ Frame 487C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=UI2Pjtkf01w40agOIyzh72ndyxZjIjtD6K6fnwuGPtYDkKyNU7oXChvjpAIcNw3ItA77CWtrHft9xTlQMkEfUBDB2otL9gK8VASRceBTni7fQ-Ra3b5zRYKXdZNjXafwNyc5-ekz1X37XGlh3vI_hRoaty3gyyQFlm3EEraR2Zfn2NegJXFmb9He6zldUYV95_FDOhP4tw5fEbfkc2T9HnIpVZO4OuYyFfkVQ_dW4H-Uil9tSYxh8sgD2-II8yWMPWS3vg&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 487C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 487C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame 0199 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e51f844f22309b273e9ed051120efb8d33f4cb92668bffce7bf99a4b1d084c31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 01 Dec 2023 12:03:49 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2997984
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
animejs.js
static.criteo.net/animejs/ Frame 139F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9894 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkmGQazYX8Vn44RhlI3nb46z-oLJp6xFyy32EXKHsB_WZTkraVpMbPQpOMHDvAIfZ3JnwSyOzrl-7sdsAMAIrFdTE5_Un6WuCjQGA7LqwLUMGloU1Vhh6FxCS0Ko2hfbof99CKvZMniUPxkKgpuWrVDngj1XCRdL0VrGFhkAFe0hIEXEm-scc0DQrBhYg6YMqFUJuaf-zECHkEFAZQQaqb_tYZmCSrSs23mIdLUqdOrtsrIuSGYhmJOi8g3lypmMio5cVHJl82PiIMtvZqdqEO4mBKsHXjkmRM6f6HU-ox-aKD7COZPg5OWSYAdR_oETHevfnydQEAgdN3RNYoxqw3paKYjCAGC7e6xmsm5zrVHC92&sai=AMfl-YRM3SUSwyYj8fezCeqi9o8wqTsuw6Xp4oSSzHviqD764AcleqT1PCAKOEHHuYAbekYhSPS02Vln-6VioVrRCzT3zeC6LmAjSxbEAdfe0iMNX6jzzyrFaPb2PcddTwMydNCrlue3t16TQ0UIWd_4kJsGsJnaDevQynnL8A&sig=Cg0ArKJSzKcDOCwv8hHaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Dec 2023 12:03:49 GMT
truncated
/ Frame 9894 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2878be42a975ac123d345538840866a5919663fbd57bfb1d264fb8777def3b44

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
img
imageproxy.eu.criteo.net/img/ Frame 139F 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=109079&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109079%2F5084691%2F8286b7d0e2304910a0154cf8e2722f24_thsf.jpg&v=3&rid=73&s=aLGIwSiJg0pP-DuiMgRWGZhw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b55fcf673a3e39197b7eb7a98ac3276684ac58d06198232e8d7eb18f975742fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13264
expires
Sat, 02 Nov 2024 07:00:53 GMT
img
imageproxy.eu.criteo.net/img/ Frame 139F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=238&m=0&partner=109079&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109079%2F5084691%2Fae54928deaba413e84dad037c9de39ec_7e59f46e-5aaa-4290-a8b4-dd23929e23a7.jpg&v=3&w=210&rid=73&s=36-Nv2NdG0ZclWKn2ce7O0Ju
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
396509bf6562ef77144cfe07d03397b3af970ab0717099a2956690cabc4e1b6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
1138
expires
Sat, 02 Nov 2024 06:58:52 GMT
all
csm.eu.criteo.net/ Frame 139F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=aNndz9kf01w40agOh89Z0SoHxOdS2l_aiG0GebSAOAd42nYnbth5DQAJz8-M-Mlp4vOEOWUOrs54En69NQwuAA6-UiDoxfEcqUTXwwP_j5xzXijlV-kPVyFy4ROjDVXUCHGPTcvIR7gCikvCO70rn85yazha6bQJQ2exDTUA5FvD249xlVzrPrMgzLN3_ilSx15ISUKhdo30G4duSWhIMjbKjmAJowLyb-XMs9xCRJwcia_8Hh2QG1rOlJfasOOhdjVdOw&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 139F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 139F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Nov 2024 12:03:51 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame DA99
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_cm&google_hm=ay01TUhjLUFTYTFEWUdJZE42OHZFTG5NOENZR2h6am5KR...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
617949
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame DA99 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-pKUuTASa1DYGIdN68vELnM8CYGiUJUzT1WaOrg&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DA99
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
993183
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
an-x-request-uuid
ef6b857d-8c18-48be-bc48-872c5c74dff6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
x-proxy-origin
37.58.57.1; 37.58.57.1; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame DA99 		53 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-F2PeIwSa1DYGIdN68vELnM8CYGhycdIR8ayk2Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 12:03:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Fri, 01 Dec 2023 12:03:50 GMT
tap.php
pixel.rubiconproject.com/ Frame DA99 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-0Bq-fgSa1DYGIdN68vELnM8CYGhiVwrqxFhiwA&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame DA99 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-T1n9QwSa1DYGIdN68vELnM8CYGjEkj32jKPGVA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DA99 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-KeAUJgSa1DYGIdN68vELnM8CYGjeSqdgz79BKA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19942
um
criteo-sync.teads.tv/ Frame DA99 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-XcDYpASa1DYGIdN68vELnM8CYGhDYoovaHw_Ow
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Fri, 01 Dec 2023 12:03:50 GMT
pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame DA99 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-JCyLLQSa1DYGIdN68vELnM8CYGjv6tg0oAvUjw&dongle=013b
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame DA99 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VryWEASa1DYGIdN68vELnM8CYGhAQUsvG3PoYA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame DA99 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-Q2BqEgSa1DYGIdN68vELnM8CYGgJW0Ih0UCB6Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
last-modified
Thu, 27 Jul 2023 11:18:06 GMT
server
nginx
accept-ranges
bytes
etag
"64c2526e-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame DA99 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Ss30NQSa1DYGIdN68vELnM8CYGiVtGmDfdoqaQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame DA99
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
43 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJmmeNew7OAF2evjBCiaWENsWtkIaygP8mjOm6b1qFvAYlviu9GvHB3ExwzDHYZNXz14rBGqjHm%2FiWPP8BvFZM3IV6SkQp24VWQPLHbqRVGyAG9%2FhLAe6sCsjumyx2ikWeA7"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb306f39c23645-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLunJEtgiKLYSLDHUnmo%2FjwmX98H%2FqdRHs%2Fqn5Q0uqBiSlPBRLDclEm8yUU6o3Er69TNIlqfNKV66jxOCRydVhaOkr3s%2BzadRx1nF1fmE1uYrKcmPYxf1xq4j2Iwmf9XR1Bo"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
cache-control
no-cache
cf-ray
82eb306f09913645-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
demconf.jpg
dpm.demdex.net/ Frame DA99
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=gvZEMKXCM8PJhSWKEqt7FVFzEJ8SRYf-
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gvZEMKXCM8PJhSWKEqt7FVFzEJ8SRYf-
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gvZEMKXCM8PJhSWKEqt7FVFzEJ8SRYf-
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Server
34.253.135.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-135-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-0b71ea9a0.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
Vs5y/Q2wSIM=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-05348b51c.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
0hP4HspNTlA=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gvZEMKXCM8PJhSWKEqt7FVFzEJ8SRYf-
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame DA99 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-gzrp8QSa1DYGIdN68vELnM8CYGh4vK-r8MJyHA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame DA99 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-CT_o8ASa1DYGIdN68vELnM8CYGho0BWAGwOmFw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.19.94.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-94-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 12:03:49 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame DA99 		42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-O6VusASa1DYGIdN68vELnM8CYGhJ4kkt6JcTKw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame DA99 		0
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Z8VbHwSa1DYGIdN68vELnM8CYGiOlhTaNMqZhQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.198.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-198-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame DA99 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-Q2BxmwSa1DYGIdN68vELnM8CYGhm8cBNa3sRoQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.247.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-247-244.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame DA99 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-x74WsQSa1DYGIdN68vELnM8CYGhgOdnCPxjUrw&initiator=partner
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 12:03:50 GMT
Cache-Control
no-cache
X-TraceId
b3ebf7df279990d06f52306c9c2e89a8
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame DA99 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-dxHIpgSa1DYGIdN68vELnM8CYGgvA-te4E2GUA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 01 Dec 2023 12:03:49 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame DA99 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-yAe9sASa1DYGIdN68vELnM8CYGgrejIHcih2AQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.183.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-183-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
sync
criteo-partners.tremorhub.com/ Frame DA99 		43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-R9jOywSa1DYGIdN68vELnM8CYGjhLJXO7lw1XQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e6bb:aabb:4218:240a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 01 Dec 2023 12:03:50 GMT
server
nginx
content-type
image/gif
m
ad.yieldlab.net/ Frame DA99 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-vEe0UASa1DYGIdN68vELnM8CYGhXijmRVaSgcQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 12:03:50 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Thu, 30 Nov 2023 12:03:50 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame DA99 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-T4H8owSa1DYGIdN68vELnM8CYGgvjHYdBddfxQ&pn_id=criteo&ext=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.20.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-20-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
content-length
0
put
e1.emxdgt.com/ Frame DA99 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-1w0p2wSa1DYGIdN68vELnM8CYGi_UflGxvJB1A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.146.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-146-238.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
server
awselb/2.0
adview
securepubads.g.doubleclick.net/pagead/ Frame 5CFE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CR43BostpZbjyG7GYjuwPjaaFyAfqjrbDdJy5gtukEcW7-fiePxABIIb3hiZglYKAgJQHoAHp_fXPA8gBCeACAKgDAcgDCqoExgJP0CFl6LFnPshXBCoFoBGd_kROp3B3wEGp2uGPHEn17gYv8dn0ghP5jBlmxfNvPmcyqteDLMSSjIa1C7IYCFyrewgMdhLJ2w-bJdsArj5rVJz1o_pa0jzX7TsQD7VhsJ0rXdSRdNvlphWtl8I2fjX5mzvlLlQgSbnKeiHe2LceK4USntDp8QzN35foL86eKx0zRg0h-NSY8AlUgStoCjZIec_Bfj0Epb8zmuY17k6YmCtuu9nWil234WBfH1JiE0ENXxzZBAvmnqGehmJnBoPtoaeZmdfSRjEJAT8b8fE5IuMSeXsHIJ80NagqOyUYxMFp4p3OaETJTE_HC2Mb3ACWVTCtVqJO4f1VlQBlycN6QPlti-fHxKTKt9e3vnAy2dGXL-YhmhfZxJyeu3RSFZwnTPSIHbWP-xZGq5l8PMhO6NLk9rMZLsAEhcjY2qkE4AQBiAWMs-mCTJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeKmsScAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEL3rCtIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYmYTb-5juggOaCTtodHRwczovL3NlYXJjaGZhdm9yaXRlcy5uZXQvaW5kZXgucGhwP3JnaWQ9NjkzMjUzJnN1Yj1nY2xpZIAKA8gLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC4g0TCP2E3PuY7oIDFTGMgwcdDVMBebgT5APYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItODU4NjI2NTAxMTYyNDEwNxiB1Bw&sigh=69vFvcs8iTE&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNCy5yAxf3Xe3IEvb7Crx_fQRgu6l5T3fcfbM1ZODKLYHf6FnjbchihFlPxxNOQ-DHYXVLCZa-1srifSbVbryvnnxPTrZl_HC6jxgB&template_id=484&cbvp=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame F67B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_cm&google_hm=ay01TUhjLUFTYTFEWUdJZE42OHZFTG5NOENZR2h6am5KR...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
607199
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame F67B 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-pKUuTASa1DYGIdN68vELnM8CYGiUJUzT1WaOrg&expires=30
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame F67B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1219619
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
an-x-request-uuid
88c7a80f-df05-4393-83f8-a37bdc3d7159
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
x-proxy-origin
37.58.57.1; 37.58.57.1; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame F67B 		53 B
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-F2PeIwSa1DYGIdN68vELnM8CYGhycdIR8ayk2Q
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 12:03:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Fri, 01 Dec 2023 12:03:50 GMT
/
rtb-csync.smartadserver.com/redir/ Frame F67B 		43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-T1n9QwSa1DYGIdN68vELnM8CYGjEkj32jKPGVA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame F67B 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-KeAUJgSa1DYGIdN68vELnM8CYGjeSqdgz79BKA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19942
um
criteo-sync.teads.tv/ Frame F67B 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-XcDYpASa1DYGIdN68vELnM8CYGhDYoovaHw_Ow
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Fri, 01 Dec 2023 12:03:50 GMT
pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame F67B 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-JCyLLQSa1DYGIdN68vELnM8CYGjv6tg0oAvUjw&dongle=013b
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame F67B 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VryWEASa1DYGIdN68vELnM8CYGhAQUsvG3PoYA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame F67B 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-Q2BqEgSa1DYGIdN68vELnM8CYGgJW0Ih0UCB6Q
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
last-modified
Thu, 27 Jul 2023 11:18:06 GMT
server
nginx
accept-ranges
bytes
etag
"64c2526e-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame F67B 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Ss30NQSa1DYGIdN68vELnM8CYGiVtGmDfdoqaQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame F67B
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
43 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mBGVYch%2BjJ19bKWgNTQc%2BZu79RqaPO8rHWiv28E6ueyBkclQIG54SAw%2BHusN3MuhhDSUeE%2BcgCGlVYSWPujCfA7HwS1Cg9nMP3bNUpsNhIyAmCxaw2oVgeY5JqgZoh5qWga"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb306f39c83645-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vryXmbJ7RMJUPNexvyEJvsOO3QEJOxfaHbckGp0gzxlgcYSXlfKOnBXyTb9JNYt213i2Q6DmoDlRtyWBNBsZNbUN7r%2BPQ4oUXXyxvc%2B6pRA6FzVScllYxKL05gyMbolaVCI"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
cache-control
no-cache
cf-ray
82eb306f09923645-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
demconf.jpg
dpm.demdex.net/ Frame F67B
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=gtNoNt95ruLgxaJmYQhVSctRijzmQiCx
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gtNoNt95ruLgxaJmYQhVSctRijzmQiCx
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gtNoNt95ruLgxaJmYQhVSctRijzmQiCx
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Server
34.253.135.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-135-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-0e377c1af.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
nlrEhYwrRrs=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-0de8db4a5.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
ULwnSQGES9E=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gtNoNt95ruLgxaJmYQhVSctRijzmQiCx
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame F67B 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-gzrp8QSa1DYGIdN68vELnM8CYGh4vK-r8MJyHA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame F67B 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-CT_o8ASa1DYGIdN68vELnM8CYGho0BWAGwOmFw
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.19.94.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-94-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 12:03:49 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame F67B 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-O6VusASa1DYGIdN68vELnM8CYGhJ4kkt6JcTKw
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame F67B 		0
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Z8VbHwSa1DYGIdN68vELnM8CYGiOlhTaNMqZhQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.198.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-198-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame F67B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-Q2BxmwSa1DYGIdN68vELnM8CYGhm8cBNa3sRoQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.247.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-247-244.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame F67B 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-x74WsQSa1DYGIdN68vELnM8CYGhgOdnCPxjUrw&initiator=partner
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 12:03:50 GMT
Cache-Control
no-cache
X-TraceId
9e427e0294d84c0b2401e14845061f5b
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame F67B 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-dxHIpgSa1DYGIdN68vELnM8CYGgvA-te4E2GUA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 01 Dec 2023 12:03:48 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame F67B 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-yAe9sASa1DYGIdN68vELnM8CYGgrejIHcih2AQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.183.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-183-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
sync
criteo-partners.tremorhub.com/ Frame F67B 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-R9jOywSa1DYGIdN68vELnM8CYGjhLJXO7lw1XQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e6bb:aabb:4218:240a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 01 Dec 2023 12:03:50 GMT
server
nginx
content-type
image/gif
m
ad.yieldlab.net/ Frame F67B 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-vEe0UASa1DYGIdN68vELnM8CYGhXijmRVaSgcQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 12:03:50 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Thu, 30 Nov 2023 12:03:50 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame F67B 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-T4H8owSa1DYGIdN68vELnM8CYGgvjHYdBddfxQ&pn_id=criteo&ext=1
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.20.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-20-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
content-length
0
put
e1.emxdgt.com/ Frame F67B 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-1w0p2wSa1DYGIdN68vELnM8CYGi_UflGxvJB1A
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.146.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-146-238.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
server
awselb/2.0
tap.php
pixel.rubiconproject.com/ Frame F67B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-0Bq-fgSa1DYGIdN68vELnM8CYGhiVwrqxFhiwA&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame EA58
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_cm&google_hm=ay01TUhjLUFTYTFEWUdJZE42OHZFTG5NOENZR2h6am5KR...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
564990
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame EA58 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-pKUuTASa1DYGIdN68vELnM8CYGiUJUzT1WaOrg&expires=30
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame EA58
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2319823
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
an-x-request-uuid
3cba3843-55ad-4f92-9016-e00f85e726dc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
x-proxy-origin
37.58.57.1; 37.58.57.1; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame EA58 		53 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-F2PeIwSa1DYGIdN68vELnM8CYGhycdIR8ayk2Q
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 12:03:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Fri, 01 Dec 2023 12:03:50 GMT
tap.php
pixel.rubiconproject.com/ Frame EA58 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-0Bq-fgSa1DYGIdN68vELnM8CYGhiVwrqxFhiwA&expires=30
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame EA58 		43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-T1n9QwSa1DYGIdN68vELnM8CYGjEkj32jKPGVA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame EA58 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-KeAUJgSa1DYGIdN68vELnM8CYGjeSqdgz79BKA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19942
um
criteo-sync.teads.tv/ Frame EA58 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-XcDYpASa1DYGIdN68vELnM8CYGhDYoovaHw_Ow
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Fri, 01 Dec 2023 12:03:50 GMT
pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame EA58 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-JCyLLQSa1DYGIdN68vELnM8CYGjv6tg0oAvUjw&dongle=013b
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame EA58 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VryWEASa1DYGIdN68vELnM8CYGhAQUsvG3PoYA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame EA58 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-Q2BqEgSa1DYGIdN68vELnM8CYGgJW0Ih0UCB6Q
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
last-modified
Thu, 27 Jul 2023 11:18:06 GMT
server
nginx
accept-ranges
bytes
etag
"64c2526e-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame EA58 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Ss30NQSa1DYGIdN68vELnM8CYGiVtGmDfdoqaQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame EA58
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOPZvZ8bz1UICktrRwKlq3JXUY1kj7rXkJsajrXV8tcwZngV7iKVWfMR9pWCD1AwUVEu9rFeajoDpjYLbvMvJzDO7mnwwpaxthwVOaC7iwhEoyIs4Lk9n83eSfMQD5bBedJj"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb306f49d63645-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfTlPoeDeYk99skYhjCGpzZBQJMWgdw7hUjumoW6CcQnOeQN4EUW1QXsvRdgJ19nQzie6gzHmgKBNp0%2BaGSpiyUBVSGm747b0PGrgV1h03exXlF3foGc6SPxC%2Be9OrsuwYDb"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
cache-control
no-cache
cf-ray
82eb306f09933645-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
demconf.jpg
dpm.demdex.net/ Frame EA58
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Ni-wOFV1cYdYDZpPdbhvvaeNfoMBRDKd
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ni-wOFV1cYdYDZpPdbhvvaeNfoMBRDKd
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ni-wOFV1cYdYDZpPdbhvvaeNfoMBRDKd
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Server
34.253.135.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-135-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-047549938.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
an+yuyv/Sb0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-077de999d.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
jVYSF5YLTok=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ni-wOFV1cYdYDZpPdbhvvaeNfoMBRDKd
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame EA58 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-gzrp8QSa1DYGIdN68vELnM8CYGh4vK-r8MJyHA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame EA58 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-CT_o8ASa1DYGIdN68vELnM8CYGho0BWAGwOmFw
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.19.94.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-94-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 12:03:49 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame EA58 		42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-O6VusASa1DYGIdN68vELnM8CYGhJ4kkt6JcTKw
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame EA58 		0
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Z8VbHwSa1DYGIdN68vELnM8CYGiOlhTaNMqZhQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.198.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-198-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame EA58 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-Q2BxmwSa1DYGIdN68vELnM8CYGhm8cBNa3sRoQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.247.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-247-244.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame EA58 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-x74WsQSa1DYGIdN68vELnM8CYGhgOdnCPxjUrw&initiator=partner
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 12:03:50 GMT
Cache-Control
no-cache
X-TraceId
9ece4a215df3e00b43f28790b231136c
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame EA58 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-dxHIpgSa1DYGIdN68vELnM8CYGgvA-te4E2GUA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 01 Dec 2023 12:03:49 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame EA58 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-yAe9sASa1DYGIdN68vELnM8CYGgrejIHcih2AQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.183.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-183-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
sync
criteo-partners.tremorhub.com/ Frame EA58 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-R9jOywSa1DYGIdN68vELnM8CYGjhLJXO7lw1XQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e6bb:aabb:4218:240a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 01 Dec 2023 12:03:50 GMT
server
nginx
content-type
image/gif
m
ad.yieldlab.net/ Frame EA58 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-vEe0UASa1DYGIdN68vELnM8CYGhXijmRVaSgcQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 12:03:50 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Thu, 30 Nov 2023 12:03:50 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame EA58 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-T4H8owSa1DYGIdN68vELnM8CYGgvjHYdBddfxQ&pn_id=criteo&ext=1
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.20.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-20-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
content-length
0
put
e1.emxdgt.com/ Frame EA58 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-1w0p2wSa1DYGIdN68vELnM8CYGi_UflGxvJB1A
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.146.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-146-238.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
server
awselb/2.0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1E7F 		350 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
201397
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FREzYtwN9vQ%2Bbfhbk1sXSmXvBqcpRH1xmTd4mgTQz0yAApP8M%2FwFSU%2FZDwWgVWQCktNdzw5Dc3JoQXGw02IWAQI1zNon%2B3qEFkS8eCzLL6SMVHj5JHyRZI5y5p9%2FfsRHS5ygtjTdQ%2BgnkLnlGmjavqNR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb306e5ab903ac-FRA
expires
Thu, 28 Nov 2024 03:15:57 GMT
sync
ups.analytics.yahoo.com/ups/58301/ Frame DA99 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-VryWEASa1DYGIdN68vELnM8CYGhAQUsvG3PoYA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 3665
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_cm&google_hm=ay01TUhjLUFTYTFEWUdJZE42OHZFTG5NOENZR2h6am5KR...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
549564
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5MHc-ASa1DYGIdN68vELnM8CYGhzjnJGA1QMRQ&google_gid=CAESEKaevGpS_yMmEsHYbGnaPp4&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 3665 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-pKUuTASa1DYGIdN68vELnM8CYGiUJUzT1WaOrg&expires=30
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 3665
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1095281
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
an-x-request-uuid
76790b36-276c-4e82-bb5e-22beef579466
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4778378652944606084
x-proxy-origin
37.58.57.1; 37.58.57.1; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 3665 		53 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-F2PeIwSa1DYGIdN68vELnM8CYGhycdIR8ayk2Q
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 12:03:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Fri, 01 Dec 2023 12:03:50 GMT
tap.php
pixel.rubiconproject.com/ Frame 3665 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-0Bq-fgSa1DYGIdN68vELnM8CYGhiVwrqxFhiwA&expires=30
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame 3665 		43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-T1n9QwSa1DYGIdN68vELnM8CYGjEkj32jKPGVA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 3665 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-KeAUJgSa1DYGIdN68vELnM8CYGjeSqdgz79BKA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19942
um
criteo-sync.teads.tv/ Frame 3665 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-XcDYpASa1DYGIdN68vELnM8CYGhDYoovaHw_Ow
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Fri, 01 Dec 2023 12:03:50 GMT
pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 3665 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-JCyLLQSa1DYGIdN68vELnM8CYGjv6tg0oAvUjw&dongle=013b
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 3665 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VryWEASa1DYGIdN68vELnM8CYGhAQUsvG3PoYA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 3665 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-Q2BqEgSa1DYGIdN68vELnM8CYGgJW0Ih0UCB6Q
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
last-modified
Thu, 27 Jul 2023 11:18:06 GMT
server
nginx
accept-ranges
bytes
etag
"64c2526e-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 3665 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Ss30NQSa1DYGIdN68vELnM8CYGiVtGmDfdoqaQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 3665
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJGf1khf6rRoZAH5P%2FYP%2Fs1meHZlg6roM%2FJIUdo%2F%2BPz9t30KyiXc7vaB8GRLdwLJuib6IDfiwnCQzZBZy6OVesW7XniUze4paZK4AANIGBZOLfG%2F40zIwGdcDyJIePB5WbT%2B"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb306f39c03645-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDUiL4TYhbvh4%2BTLSXFDg6Z%2BhvYwgtYsrY39X74qxH85hNRVVQ4YiHTIpVEkysIp7xj5cyLuEKjk%2FZ%2BHZAEEPl4QbAgl2AIBsTC3a6oYhNF8GAW%2Ft5jSEGXDrH3mtnSaOaqQ"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-79J3DgSa1DYGIdN68vELnM8CYGiiPdoXaG469A&C=1
cache-control
no-cache
cf-ray
82eb306f09943645-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
demconf.jpg
dpm.demdex.net/ Frame 3665
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=5NCoSDcMDphMFKzkXE4uFh4Z0rbzm4zQ
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=5NCoSDcMDphMFKzkXE4uFh4Z0rbzm4zQ
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=5NCoSDcMDphMFKzkXE4uFh4Z0rbzm4zQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Server
34.253.135.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-135-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-061d389cf.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
K+zKGXxESdI=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-034c53ac2.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
8iYkq0ShT/Y=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=5NCoSDcMDphMFKzkXE4uFh4Z0rbzm4zQ
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame 3665 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-gzrp8QSa1DYGIdN68vELnM8CYGh4vK-r8MJyHA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 01 Dec 2023 12:03:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame 3665 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-CT_o8ASa1DYGIdN68vELnM8CYGho0BWAGwOmFw
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.19.94.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-94-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 12:03:50 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 3665 		42 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-O6VusASa1DYGIdN68vELnM8CYGhJ4kkt6JcTKw
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:49 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 3665 		0
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Z8VbHwSa1DYGIdN68vELnM8CYGiOlhTaNMqZhQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.198.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-198-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame 3665 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-Q2BxmwSa1DYGIdN68vELnM8CYGhm8cBNa3sRoQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.247.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-247-244.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 3665 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-x74WsQSa1DYGIdN68vELnM8CYGhgOdnCPxjUrw&initiator=partner
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 12:03:50 GMT
Cache-Control
no-cache
X-TraceId
bea73c5d5ce938a012d7ce80ef800394
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3665 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-dxHIpgSa1DYGIdN68vELnM8CYGgvA-te4E2GUA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 01 Dec 2023 12:03:49 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame 3665 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-yAe9sASa1DYGIdN68vELnM8CYGgrejIHcih2AQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.183.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-183-224.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
sync
criteo-partners.tremorhub.com/ Frame 3665 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-R9jOywSa1DYGIdN68vELnM8CYGjhLJXO7lw1XQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e6bb:aabb:4218:240a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 01 Dec 2023 12:03:50 GMT
server
nginx
content-type
image/gif
m
ad.yieldlab.net/ Frame 3665 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-vEe0UASa1DYGIdN68vELnM8CYGhXijmRVaSgcQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 12:03:50 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Thu, 30 Nov 2023 12:03:50 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 3665 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-T4H8owSa1DYGIdN68vELnM8CYGgvjHYdBddfxQ&pn_id=criteo&ext=1
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.20.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-20-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
content-length
0
put
e1.emxdgt.com/ Frame 3665 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-1w0p2wSa1DYGIdN68vELnM8CYGi_UflGxvJB1A
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.146.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-146-238.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
server
awselb/2.0
sync
ups.analytics.yahoo.com/ups/58301/ Frame F67B 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-VryWEASa1DYGIdN68vELnM8CYGhAQUsvG3PoYA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-frame.html
ad4m.at/ Frame 0F51 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
117317
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
82eb306d9bdd2c3d-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Fri, 01 Dec 2023 12:03:50 GMT
expires
Thu, 30 Nov 2023 03:29:52 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rERQpefGd8PcM9ezDAb3UMdzV7dzNEGIYn8kX4gKxRAe6Ug9Uy1Nb7Qix%2FRXHEKz%2BUUKAl9KLVUNV8J3WNXPzn20kHe%2Bm3K%2FuYcrJkKB%2Bkgxh5QTNM%2FgBGJRynh%2Fzyh12abyNj0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ups.analytics.yahoo.com/ups/58301/ Frame EA58 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-VryWEASa1DYGIdN68vELnM8CYGhAQUsvG3PoYA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/58301/ Frame 3665 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-VryWEASa1DYGIdN68vELnM8CYGhAQUsvG3PoYA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba562c07a088542e53dc9921c2e&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/ Frame 3665 		43 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-tI2rvwSa1DYGIdN68vELnM8CYGiC-DEUY4WhIQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
an-x-request-uuid
045c37ad-b7b6-42ee-b508-63ad636c09c4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.57.1; 37.58.57.1; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/ Frame F67B 		43 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-tI2rvwSa1DYGIdN68vELnM8CYGiC-DEUY4WhIQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5ff696842cb13809ec56d97cc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
an-x-request-uuid
1c2d42ee-e90e-4708-8d60-e7658923ba47
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.57.1; 37.58.57.1; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/ Frame DA99 		43 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-tI2rvwSa1DYGIdN68vELnM8CYGiC-DEUY4WhIQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba54938196605e1200066d04d20&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
an-x-request-uuid
a477ef3a-cf23-4de4-8a65-225266abb698
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.57.1; 37.58.57.1; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/ Frame EA58 		43 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-tI2rvwSa1DYGIdN68vELnM8CYGiC-DEUY4WhIQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=206437&cb=6569cba5fcc47d7080229dc22fa726bc&r=https%3a%2f%2fsimcast.com%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
an-x-request-uuid
6ae5936f-e6ab-407c-9143-562bc03247c8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.57.1; 37.58.57.1; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82eb306e7894363b-FRA
content-length
24
content-type
text/plain
date
Fri, 01 Dec 2023 12:03:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65%2BrcPd0UdzXc2evk5MEnMMWlUjmjBp3kq2yO%2BcHzWlB%2Fdfn9U6uGVQGF50jXgv1ecQZKNjD6uXVmAIUxD%2FhQPgTyCvj10QtqVgTbMaGEEgMRCBuj9U7LNaVTsDn15TNpkgDLDk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-bdnd
rs
ad4m.at/ Frame 1E7F 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23e1a7f8cf0992da7ed62f6276355d445cca03e47579221725fa8d5262ad660c

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8AvjkxtWVtZmq48Jx%2FF2FRr0Lvwhdbf6tlZci6ZmR%2BaZXscBVMFN%2BoIaHQihpJLbcaKSTY%2BuhrTU7uTLO1KVe4RUx6bVjXtd3o1hAIZ%2FkrX7Pv8qO8HzsF2K%2BTLBlD0tyLkBIg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
82eb306ec8ca363b-FRA
x-backend-server
aa-reachservice-group-europe-west1-tqsw
alt-svc
h3=":443"; ma=86400
adview
securepubads.g.doubleclick.net/pagead/ Frame E3EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDTVPostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoErgJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXralQtBVjTrFEgyoOIf_ORiTohclUKSDnCUd55jjZc2CGoBXOv5oOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA4AKA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAbIXHAoaEhRwdWItOTUwNTgyMzc0Mzk3ODMzNxi54ig&sigh=nvFSs3q7Q14&uach_m=%5BUACH%5D&cid=CAQSPADICaaNVMUYbe3ejyZb2ekvpmi6kQbjiv2qt85EPSJ1KnJ3FwHOhiyAUMUgpfLipECpE_tiroCNqAWzuxgB&cbvp=2&vis=1
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame E3EB 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gwebq1hg3mrgbpm60agysk107r647pfg7xtwdkhnp3gzxbk6znqk222bhj5a25j6v9235z5vqg7br3fdjh6k6zp1dspdcv3yfvapck6dy8n140g6ze40d36zcm3djcxtmp9etsv1gcy2jve1cn56165ctxch0yfhgt95959r6vb2zj75ggb63rzbxdbjgj84fh9s5arj32xxbchangw8n8yqa791pbmdte9969t29f6nmwv671rcd9pncx4q4kbny8pg2ccvkdvfgazkbg2gxnhkf3ra77gv3wxzbbfdgbsfa2cc5crc94c891zsw7chcjf9d2netnvp5ma1byds3r9hdsgz7ysskkmnqy3hwt68bf24jdet43bhyx4kda4rscxxcrbgmtc5hg&b=ZWnLogAG-5EHg4bvAAi2qEfnSADKd0NMu_hTbQ&cbvp=2
Requested by
Host: 1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
URL: https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 12:03:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
usermatch.gif
beacon.krxd.net/ Frame EA58
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=7aoTvyF6VBRFGcOtzFSAc2ADN_FRF0jE
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=7aoTvyF6VBRFGcOtzFSAc2ADN_FRF0jE
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Server
34.246.253.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-253-18.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by
beacon-n020-dub-prod.krxd.net
date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
private, no-cache, no-store
x-request-time
D=36 t=1701432230
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=7aoTvyF6VBRFGcOtzFSAc2ADN_FRF0jE
date
Fri, 01 Dec 2023 12:03:49 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
777604
content-length
0
usermatch.gif
beacon.krxd.net/ Frame DA99
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=qT_DnN-dyfOTKalFpb5F-kwX6q93tVUe
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=qT_DnN-dyfOTKalFpb5F-kwX6q93tVUe
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Server
34.246.253.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-253-18.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by
beacon-n022-dub-prod.krxd.net
date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1701432230
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=qT_DnN-dyfOTKalFpb5F-kwX6q93tVUe
date
Fri, 01 Dec 2023 12:03:49 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
827555
content-length
0
usermatch.gif
beacon.krxd.net/ Frame 3665
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=eT_uwaQ1EKUTnPpSSCJtiD_S_8gLQL3u
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=eT_uwaQ1EKUTnPpSSCJtiD_S_8gLQL3u
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Server
34.246.253.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-253-18.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by
beacon-n012-dub-prod.krxd.net
date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1701432230
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=eT_uwaQ1EKUTnPpSSCJtiD_S_8gLQL3u
date
Fri, 01 Dec 2023 12:03:49 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
2800623
content-length
0
usermatch.gif
beacon.krxd.net/ Frame F67B
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=NDiuSRTVNkgow-qebBOpCtZgqT-h6bwC
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=NDiuSRTVNkgow-qebBOpCtZgqT-h6bwC
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Server
34.246.253.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-253-18.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by
beacon-n003-dub-prod.krxd.net
date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1701432230
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=NDiuSRTVNkgow-qebBOpCtZgqT-h6bwC
date
Fri, 01 Dec 2023 12:03:49 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1056518
content-length
0
rar
as.ad4m.at/ad/ Frame DF9B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ef421bc4cc216b1f0a4c6bc574561b4d%2F13866583642661051233&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701432230193&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8t8w19w4y9yaqgxhdf8reawr6f70p5gq58pack9kczb28g63dp4grsawgd6rn7srtza2h2fn4h5rcgtfx59y43qmcvhmrydjec71t8c7tk7hpzy44my7rd0wmvjafr2ayb6d0006f1a6yv3rpz8jq0mdt69tpmmwtpnba0449rm4seyvwrfnvn4vyxc7f3w6g9dn3wxnea8btm9hr9axew7qfcmtsjvcyxhe1fqctbx6v9j4gm1whqfms7dg4cmq0s3pzd4pnvcewza8y8rwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%2526client%253Dca-pub-9505823743978337%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047e3685bfaba9f5752e2552ace0aaa49a596353914a295c3027e3b5609da7a9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1k3fanykjw4nh5m6neamjsgqzk5qqjvjj6e622svebs05y7raqbkm38xt5dgqy4emyhqz9cj4g7r37zse9v460m36yecqavvcj66056s3w32h3s7whsd1qk4hsvzcg3kvjzy2xannffgbbkxpz18qzebwwxbxg3wcaq2r9ah90d479gs3rmdmwfrtxypf33b0vxknk0nv4z4c38fz3nantqqsqb3k6n8x9ahcdcwt37ec9qp2we6yzent8fsr790ek0tmpg7d9khm1jnk6jysa0qb2zsqw0qg0repvmnjwm79ghefmbrb9hnmg6sb3f3x32w7ppcnk4s2kjtc7cead688c57p5aq27j9hjgb363xvjwvxb4gvzseaq271ssg8ja4xd44shewkjzf9scp3w2dwwrkfdyn4qsc4kzwhs8pyfjmqbaxvn8y7tek50pfbnxv1d22t4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%26num%3D1%26sig%3DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%26client%3Dca-pub-9505823743978337%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82eb306f2db52c3d-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:03:50 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame DF9B 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ef421bc4cc216b1f0a4c6bc574561b4d%2F13866583642661051233&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701432230193&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8t8w19w4y9yaqgxhdf8reawr6f70p5gq58pack9kczb28g63dp4grsawgd6rn7srtza2h2fn4h5rcgtfx59y43qmcvhmrydjec71t8c7tk7hpzy44my7rd0wmvjafr2ayb6d0006f1a6yv3rpz8jq0mdt69tpmmwtpnba0449rm4seyvwrfnvn4vyxc7f3w6g9dn3wxnea8btm9hr9axew7qfcmtsjvcyxhe1fqctbx6v9j4gm1whqfms7dg4cmq0s3pzd4pnvcewza8y8rwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%2526client%253Dca-pub-9505823743978337%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ef421bc4cc216b1f0a4c6bc574561b4d%2F13866583642661051233&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701432230193&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8t8w19w4y9yaqgxhdf8reawr6f70p5gq58pack9kczb28g63dp4grsawgd6rn7srtza2h2fn4h5rcgtfx59y43qmcvhmrydjec71t8c7tk7hpzy44my7rd0wmvjafr2ayb6d0006f1a6yv3rpz8jq0mdt69tpmmwtpnba0449rm4seyvwrfnvn4vyxc7f3w6g9dn3wxnea8btm9hr9axew7qfcmtsjvcyxhe1fqctbx6v9j4gm1whqfms7dg4cmq0s3pzd4pnvcewza8y8rwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%2526client%253Dca-pub-9505823743978337%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
202428
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52a4O%2BG2SVJAm1zGL8eNITnej9tK0XUe%2F%2FZMLKLmHVfNMJe9hbVA2PW8TTjT18BzAOauj%2BBH%2F3kJIxt2W0HXgwC9X4QWJWVRYYYRkrIj%2BSsfYtQjunOTd4DipiIIPpBWesTyNRIuUwE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82eb306f7dff2c3d-FRA
expires
Sat, 02 Dec 2023 12:03:50 GMT
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame DF9B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ef421bc4cc216b1f0a4c6bc574561b4d%2F13866583642661051233&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701432230193&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8t8w19w4y9yaqgxhdf8reawr6f70p5gq58pack9kczb28g63dp4grsawgd6rn7srtza2h2fn4h5rcgtfx59y43qmcvhmrydjec71t8c7tk7hpzy44my7rd0wmvjafr2ayb6d0006f1a6yv3rpz8jq0mdt69tpmmwtpnba0449rm4seyvwrfnvn4vyxc7f3w6g9dn3wxnea8btm9hr9axew7qfcmtsjvcyxhe1fqctbx6v9j4gm1whqfms7dg4cmq0s3pzd4pnvcewza8y8rwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%2526client%253Dca-pub-9505823743978337%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
288802
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
8772
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:13:38 GMT
server
cloudflare
etag
"15b1f39d668aa86c2ba2ba17d94cc733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Js79WeL%2FDiflPNVTRZWactIUrjq%2B6ftQlJ3c4BmX7PjcMXD0nX73jZ3W%2FCy5AXRa4DqvyguXsXMDLKU9VwY%2B9xlHkbNuSO33C8Z1ApX9KYacHzmmO8UwoMmxdcD0skUHyqom%2BYoIGn1fzmJa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb306f8d2e3834-FRA
2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame DF9B 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ef421bc4cc216b1f0a4c6bc574561b4d%2F13866583642661051233&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701432230193&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8t8w19w4y9yaqgxhdf8reawr6f70p5gq58pack9kczb28g63dp4grsawgd6rn7srtza2h2fn4h5rcgtfx59y43qmcvhmrydjec71t8c7tk7hpzy44my7rd0wmvjafr2ayb6d0006f1a6yv3rpz8jq0mdt69tpmmwtpnba0449rm4seyvwrfnvn4vyxc7f3w6g9dn3wxnea8btm9hr9axew7qfcmtsjvcyxhe1fqctbx6v9j4gm1whqfms7dg4cmq0s3pzd4pnvcewza8y8rwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%2526client%253Dca-pub-9505823743978337%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1680087
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
33043
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:07:19 GMT
server
cloudflare
etag
"4248eb804269666620fb86952a326d7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVFELhuRFJFXLnJ7mDXxUw2qSF3n6Q7oOgbXpz8NZlmyV%2B%2FLVz%2FkAcLgBpZYb1jhCvXs5x9JZXpA1%2F%2F4qgRS2TxRk1iy%2B0GfP%2FkuruQLszeYwvQyuCSgTThiqFxgeG9lw0chaQL8ai2jESIt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb306f8d2c3834-FRA
2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame DF9B 		0
0
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame DF9B 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ef421bc4cc216b1f0a4c6bc574561b4d%2F13866583642661051233&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701432230193&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8t8w19w4y9yaqgxhdf8reawr6f70p5gq58pack9kczb28g63dp4grsawgd6rn7srtza2h2fn4h5rcgtfx59y43qmcvhmrydjec71t8c7tk7hpzy44my7rd0wmvjafr2ayb6d0006f1a6yv3rpz8jq0mdt69tpmmwtpnba0449rm4seyvwrfnvn4vyxc7f3w6g9dn3wxnea8btm9hr9axew7qfcmtsjvcyxhe1fqctbx6v9j4gm1whqfms7dg4cmq0s3pzd4pnvcewza8y8rwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%2526client%253Dca-pub-9505823743978337%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
827152
cf-polished
qual=85, origFmt=jpeg, origSize=7258
alt-svc
h3=":443"; ma=86400
content-length
4294
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 09:56:16 GMT
server
cloudflare
etag
"679602b08629bcaaabfcfad4e68fe53a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcuuTRLAk0sF7FqRnVOXw%2BVNP2saW8U8QNEQqSfOJwdByzy5h6FhpzlAGA2HGdX6yRDemeF9zgCdDU%2FKqPGId4iNsdTHaCL%2BkWH2884iYHoVzHnlzeRkhIoiwVBnf64TmFHTHstdeELYqTeH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb306f8d2d3834-FRA
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame DF9B 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ef421bc4cc216b1f0a4c6bc574561b4d%2F13866583642661051233&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701432230193&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8t8w19w4y9yaqgxhdf8reawr6f70p5gq58pack9kczb28g63dp4grsawgd6rn7srtza2h2fn4h5rcgtfx59y43qmcvhmrydjec71t8c7tk7hpzy44my7rd0wmvjafr2ayb6d0006f1a6yv3rpz8jq0mdt69tpmmwtpnba0449rm4seyvwrfnvn4vyxc7f3w6g9dn3wxnea8btm9hr9axew7qfcmtsjvcyxhe1fqctbx6v9j4gm1whqfms7dg4cmq0s3pzd4pnvcewza8y8rwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%2526client%253Dca-pub-9505823743978337%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1836026
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
15521
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:09:52 GMT
server
cloudflare
etag
"269bd58060bc660c3aec98b388bae571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxpzXKgtyA%2BvlqSGWBVikm%2F0qEdsFm0O02eDNV72Xr1AUKMOa%2BRuQVAKf%2FHYAoCqjarUeRuRrXTJo1B82zgPnCfOjjdLrBkdy7Ala0g8vd%2BXIozpVWDjBlvcJpR9xqNWmczfow%2FHsKnRRy3Z"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb306f8d2b3834-FRA
cshow.php
www.awin1.com/ Frame DF9B 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ef421bc4cc216b1f0a4c6bc574561b4d%2F13866583642661051233&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701432230193&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8t8w19w4y9yaqgxhdf8reawr6f70p5gq58pack9kczb28g63dp4grsawgd6rn7srtza2h2fn4h5rcgtfx59y43qmcvhmrydjec71t8c7tk7hpzy44my7rd0wmvjafr2ayb6d0006f1a6yv3rpz8jq0mdt69tpmmwtpnba0449rm4seyvwrfnvn4vyxc7f3w6g9dn3wxnea8btm9hr9axew7qfcmtsjvcyxhe1fqctbx6v9j4gm1whqfms7dg4cmq0s3pzd4pnvcewza8y8rwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%2526client%253Dca-pub-9505823743978337%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 12:03:50 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame DF9B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ef421bc4cc216b1f0a4c6bc574561b4d%2F13866583642661051233&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701432230193&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8t8w19w4y9yaqgxhdf8reawr6f70p5gq58pack9kczb28g63dp4grsawgd6rn7srtza2h2fn4h5rcgtfx59y43qmcvhmrydjec71t8c7tk7hpzy44my7rd0wmvjafr2ayb6d0006f1a6yv3rpz8jq0mdt69tpmmwtpnba0449rm4seyvwrfnvn4vyxc7f3w6g9dn3wxnea8btm9hr9axew7qfcmtsjvcyxhe1fqctbx6v9j4gm1whqfms7dg4cmq0s3pzd4pnvcewza8y8rwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%2526client%253Dca-pub-9505823743978337%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17296
cf-polished
origFmt=png, origSize=2170
alt-svc
h3=":443"; ma=86400
content-length
1662
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 08:38:25 GMT
server
cloudflare
etag
"4721aa7c2d5fa652c8092463f9a485bd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjhOJmSyY6YN17jzFIOUrpuG%2BONL6wHdLNWA%2Fjcj5UPabyurV%2FsLGy3aHB5HpjrYdE87TFJkKo8TpgZxpPrIrQcsI7VDNJRVODVdwt5ljF9bIlBXSDHfCZqiIRfFGW3ovMy%2F0sYarSw1b6uK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb306f7d293834-FRA
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame DF9B 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ef421bc4cc216b1f0a4c6bc574561b4d%2F13866583642661051233&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701432230193&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8t8w19w4y9yaqgxhdf8reawr6f70p5gq58pack9kczb28g63dp4grsawgd6rn7srtza2h2fn4h5rcgtfx59y43qmcvhmrydjec71t8c7tk7hpzy44my7rd0wmvjafr2ayb6d0006f1a6yv3rpz8jq0mdt69tpmmwtpnba0449rm4seyvwrfnvn4vyxc7f3w6g9dn3wxnea8btm9hr9axew7qfcmtsjvcyxhe1fqctbx6v9j4gm1whqfms7dg4cmq0s3pzd4pnvcewza8y8rwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%2526client%253Dca-pub-9505823743978337%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1489285
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
23392
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:08:23 GMT
server
cloudflare
etag
"faa9f958d13ef03f911b71f117846705"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFVCPPDa9Rc5GxKHTF7BWkgiN1JB196oXuZobN9%2BNGsJMcakKD96SQ1%2BTpR29SE0ml3RS17znw6w7WN8R69aCj8RDAKMd%2BkkkQWt%2BebxPVik%2BzXpD%2BeI4CpYXErfZkZ0Agb1L9QR7ffEN85T"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb306f8d2f3834-FRA
cshow.php
www.awin1.com/ Frame DF9B 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ef421bc4cc216b1f0a4c6bc574561b4d%2F13866583642661051233&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701432230193&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8t8w19w4y9yaqgxhdf8reawr6f70p5gq58pack9kczb28g63dp4grsawgd6rn7srtza2h2fn4h5rcgtfx59y43qmcvhmrydjec71t8c7tk7hpzy44my7rd0wmvjafr2ayb6d0006f1a6yv3rpz8jq0mdt69tpmmwtpnba0449rm4seyvwrfnvn4vyxc7f3w6g9dn3wxnea8btm9hr9axew7qfcmtsjvcyxhe1fqctbx6v9j4gm1whqfms7dg4cmq0s3pzd4pnvcewza8y8rwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClnV0ostpZZH3G--NjuwPqO2ikAqQ4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi05NTA1ODIzNzQzOTc4MzM3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEsQJP0Gji0AsRzp7o7sg8VE109mscfRU0cpUu38vkohIJoteqGv5SliHEUpNcAbsLmk3p5WCXmoJDXKW45nsAj25wdtP6ggoUkQ6ZBg6d6E1_fAYjU09nCt9ZiQYI-419RflNObG4BYUt_Rt3oRO-DbyVMbyGYUHHxdfsDT-gDint3SevMTu-Gqdupk04oUe4dpLJ-dd7pLYIRaO_-umKBnXcaHZVrjQK0vc3DHiuu0NAaeb5DzGp6wxp-6mNWpaZrgjaHXuu1V3gVHvRwet7q8UboPVgtw0Pdz6oR-sAduWkYFkvTu1KCcMK880RjRvJ_FtHlIpwdvft8QLjIbuYfHjveA5DAYdxTXqYlyrTgc1sVIC16HTFtXaQd5xWOEi8Fq0UtdfxdQMoJHLUgHS5aNYyceAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli9_tz7mO6CA_oLAggBgAwB4g0TCJa43fuY7oIDFe-GgwcdqLYIotAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1G8_b1vsOZ6koCv8BxYy7mtADpQw%2526client%253Dca-pub-9505823743978337%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 12:03:50 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cs
s.thebrighttag.com/ Frame 3665
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cuXOnOiZgD6iInAq9MZQozFm9dO94yzi
35 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cuXOnOiZgD6iInAq9MZQozFm9dO94yzi
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Server
3.132.66.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-66-110.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
x-bt-requestid
b0b6fb81-9041-11ee-9405-0000ac170017
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cuXOnOiZgD6iInAq9MZQozFm9dO94yzi
date
Fri, 01 Dec 2023 12:03:49 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
606824
content-length
0
cs
s.thebrighttag.com/ Frame F67B
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=kqttmyw7Y5KeskF10MP67_ERAbkIR9cY
35 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=kqttmyw7Y5KeskF10MP67_ERAbkIR9cY
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Server
3.132.66.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-66-110.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
x-bt-requestid
b0b6fb80-9041-11ee-9405-0000ac170017
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=kqttmyw7Y5KeskF10MP67_ERAbkIR9cY
date
Fri, 01 Dec 2023 12:03:49 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
593905
content-length
0
cs
s.thebrighttag.com/ Frame DA99
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EIX3P-e2-Ep_ecH94u_ymFeWSMY7KSwb
35 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EIX3P-e2-Ep_ecH94u_ymFeWSMY7KSwb
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aMa9tbiyWhTMLnx26Nn2vE_K7AMtRmzYvJ-7pL9NMSGwVgGESbPd8tnIjKjELmQe4y76LbVyU2LyLK3ganY909W8ZMS9Jwts_QHX_2XjjF8rroOnfd30rnaHthmB-3b7RR1DMclYbKN7QdhY68RhLr93k6pW6PXdJnRE2aBnC-iShVH5n9d8csjRPnDaEzdlEVQAWSQg3dPtmpyK62H0V62w7TE8-5yrHv2RUlyIBdPPj4ZPxCs3rn30oQOHN8faef5o1qMi-emEt7TOE7cczFLne89TtRGDa0NebKXv8F6FowqSfTo9dnsi9968H60stLT6C4zu6TayrY8wqM_j5UTCxymFhIXKMZh00BZQsiqwyKU2eEdCekGlThfGI6Kw7EoUzM5kLM8Hp-5xdKIiFF96yWNwdAniLn-V8921CjGcanENj1o8sEaE5a5BGBYna1TJOyX96fYdOea6fq7UfV2611DBgSmGRc-j-Aouzc5rbkqAev5YunM_AgckosX9vTV8iRb2fbGP8zde4lB71T69cp729JHPgNdm2W2yrOWX
Protocol
H2
Server
3.132.66.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-66-110.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
x-bt-requestid
b0b6fb80-9041-11ee-b246-0000ac170325
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EIX3P-e2-Ep_ecH94u_ymFeWSMY7KSwb
date
Fri, 01 Dec 2023 12:03:49 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
583202
content-length
0
cs
s.thebrighttag.com/ Frame EA58
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vHBglHY3-9KcFHAx-OLQOwISeViMVC71
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vHBglHY3-9KcFHAx-OLQOwISeViMVC71
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUsxI-h7ZQXX74SYDhGr1PDZYnDLfS1p91tERHcRmGPvfvUBY6FvrMwqNM_NGqU3FrhAA-II06UHug-0-gyZXWPULXqCnG1l5ikcWiPD6yFDEgnlc0RI7t7Rhj9E7a5lSJ_19c2IqoDIIxHTZtroD9kvJgVFtMjwOn6xYSo40ppOovchRpYFXnNeTQk2g6-yWXcZGtZqVJMAtm3cHaezq2pjppSgUcO9vMqAjlMVJwM3zx3RYzqcM-YUhNVY8H9zP7ylsfXunmXzTiJeR67ilwdjG94OI1c9Te90fpkiSELd2kWl0fzA8zWD07R2wc4mQMwWTpoVEOJO42dsOfwE7TbFDENlgBON7sJ7eJcx0TrOI67D5rzp3FEZ9ABwShuIeUPBAuKiXVGn1dYTvoNN3CoFNOT4qG4yB7-Bk3Bj4VXtu8TNQeM-v0yKZQOfs1MgFfNwHnX5hegRRm52k_U5CL3RA-vw2L0NJLfXgsExbSPBwGm5ht2gq47necZHFx7ya8J
Protocol
H2
Server
3.132.66.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-66-110.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
x-bt-requestid
b0b6fb80-9041-11ee-9560-0000ac1702a8
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vHBglHY3-9KcFHAx-OLQOwISeViMVC71
date
Fri, 01 Dec 2023 12:03:50 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
659922
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E2AD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6sFiTmyvPS0w5_NHKC0a-2P_oDXFb6HJvIryFg2nocx4ystRIAovyo2GmD2_nV_9B1QKxFIBOoRI_yWaJu4TMJEi4ww784uAEIv3ZpwShucqF8EqSRbTgWJmaRtNsO1kPNXQn7hI8yQ&sai=AMfl-YQUY2_6EyRrAyjQDCSxzNG5L05H0FxYrJ04YiMXqTbp84A85dU&sig=Cg0ArKJSzHQO0K4y2wu8EAE&id=lidar2&mcvt=1000&p=655,1232,935,1568&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4208745890&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701432229607&rpt=236&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9894 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQtC35KPv7Y3U5aUDh7eyd61BeM4MjbXvSyo-hgYlM6HNy4pQKZmml-MMCbc7GP5pgQrHJMAFPZsO3_-duQaXUh9w3tTrTl7L0cqilQKQ-S2DTO1T5vuc3ncP1Jt-jsLUu9dO2o4O6Wg&sai=AMfl-YRj2JSg0Z5lJfMFR-Hwr50aDzS1BfTRx7hLqSluDr4fV2-6thw&sig=Cg0ArKJSzGioB-EuD2F4EAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2338507857&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701432229618&rpt=267&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E3EB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvk4GsdbUWJNPsqOCZ7bqOZmS29ySxlI_Kxnxrop3bKD12xBGqbDSm-xOKgoERbc3d0NYHWlJOJrlcOqyIKKSdm9INiCa7rUQLgMU02DKBt8sXPGJ9lGQ&sig=Cg0ArKJSzEHiQ9VXHVtLEAE&id=lidar2&mcvt=1001&p=655,250,905,550&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3417751721&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701432229654&rpt=255&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5CFE 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcl5esDNPoTiGzpODhZk-rYZ2yfXHU3X4rTg_2yW_ggdlgkcR0e_4gutCp4Xpyz3Fn8SoTqL30Nj6HTNkModJc80fD5mh1jAXR7e3knyiuIVhYSjUotB99EC6PI3AfcS1mrsYmWt5SXcLk&sai=AMfl-YSB44onXlD2b9FmBcsvK8kkE23_dRjq-tQijjAOn_8PMG4CcNjV3LZfxsLeyR0hDJL7VovRdteyuAuFYS613meJyNeWKHzyQ9NAhyJj9MEpsygvwj3xrcTjCh84aphnvoE3vcAPv97foVC3_Ud-tQVn_v_DGm-T1fg&sig=Cg0ArKJSzJDvh08FwVg2EAE&cid=CAQSTgDICaaNCy5yAxf3Xe3IEvb7Crx_fQRgu6l5T3fcfbM1ZODKLYHf6FnjbchihFlPxxNOQ-DHYXVLCZa-1srifSbVbryvnnxPTrZl_HC6jxgB&id=ampim&o=315,310&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=351&tls=1351&g=100&h=100&tt=1351&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:03:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 2712 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=pnhpFdkf01w40agOFGYL0T2syBl4xzTmhdd24LEiJDDjAANeb-TY_-1ZM0r8GspZHtHRl62FcPBbUFWiigYCw22F00svCenkKHsgBe2q7K6Hum9hwmLcNTAI8kEE9VNSWJCi-6CwpI0mFbKpCRDok6okx62skn6SAWsgsfq5xtfcT_ht9WeMx5DoP7T3G4tVr47qCClX7UZF1ZkDPWtYm1_4iweR2rE6-E3m-tuoZ2o_qhygit42kX4_TvFuI9FhEWzZ0A&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aCuibFfoKMh6gZiCfbxosAjh28U3pv3TtXS39-Fs7vZiqIwfL2_6_KWHPt4xH2_j9_vtsgyYtVxuoA7mGO-6TULr3yo45vsOVJ0lTLSDyXIS0VpKCbt5igFFGUXQTXP3qoZEIdOo5OH5Z-WCcFifngnQ7Ba86wm6Xm5OhsgVucuxO5CjTIfKByEe5u5dbCkzJMp2lwU9NF9Tu7RWezPvK9QAhe3ZOp3yLmfOIM9RXh4ngpcK1ooTZjrZGm-yZu0r2-cL1xiNnMOLyI-MuEGVd40P81MAo5wc6OrQjDc0H6DSZU5ZppUai1vx6uR357DdUC0b8sPMgvCAXLOIJHh16IjQ5j7wqjCY5RijFAxJ3NiKuwneZkDAL0KWLFXwEnEqqlKzLXg-0LkWotXeR0F391uugbzZjikGMLkzN4LTP5yf4IFOjNVQ3Qy7fw13iOcZhwsCJt1HpRZ-WYm2YU6pbeAcEXMW1DjOLkK90szKrPseTBGuZ5YxaaTfaRX8L_xB8ZQ3fQx2gUSm3-w0BiO7s8CV8MIAxLkuEWDapvwZwUUh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame 139F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=aNndz9kf01w40agOh89Z0SoHxOdS2l_aiG0GebSAOAd42nYnbth5DQAJz8-M-Mlp4vOEOWUOrs54En69NQwuAA6-UiDoxfEcqUTXwwP_j5xzXijlV-kPVyFy4ROjDVXUCHGPTcvIR7gCikvCO70rn85yazha6bQJQ2exDTUA5FvD249xlVzrPrMgzLN3_ilSx15ISUKhdo30G4duSWhIMjbKjmAJowLyb-XMs9xCRJwcia_8Hh2QG1rOlJfasOOhdjVdOw&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CE3EtDRvHMoUzEC1qcortHo%2F9x0dMML9eQDfsz%2FCSB3E%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euzxysunNP5LzFb6jerBSzvpysq_OQiysrl98_drza7jUs1oKa3so7msSw3v9Cy1y7fR96B1mziZRbBkJS8WnDNOxVfm4wt33hxgJsHd2BZVv3MmyFmTz24V9lKdf2EMdm2Wa5dMk9DFEvSFrC0znaIz7oLJ2kAd3ESSAlbNw6ni1IVtcg1PKvhhB0NZwFlcdlnqcZ123D_YUhV9zzBGbrw7_TIH2l-wWmJh4CMwhABLUDAQvChIYOhnH15sZiJ_0hQtX8-C-QHtnnHDHtB6Cacz3r8aIrZjTwAkvv5ZLU5ut7photEObqUIl9EzPVMTQ-LawjtRqwJOvjHI5Rh_O4je_Om8Al2qINwuTPRoqYJ_jAOC_BRfpHyq08UVPy4k8Xlpu_v3g7ylKWeEHDnMazHYJgt1ayEV5RmRzBipR1zi5jcfcAUk_beQfDiZi_3Bw1a4f8a6twSGUs9t8hEYupcU4e3FmO5HLzpttCMQuOQjhxh_H9XtC49GYxHjN-GvZ7dxQt7drz7oZ-dlfZeg7AT9S46floPwjm0ra_AOBTT7nX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 12:03:50 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Dec 2023 12:03:51 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=d9gzpd8zmvi88yla&instance=374863&version=os-0.0.2&ldt=VPL&key=jmgEr5Ik&order=6&seq=1&load=1&ref=https://simcast.com/?d=vingroupwin.ph%26pcid=48%26rid=112%26a=0&extref=https://simcast.com/?d=vingroupwin.ph%26pcid=48%26rid=112%26a=0
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.js?fk=jmgEr5Ik&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.179.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-179-92.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:03:51 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1323
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/universal.creative.js
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/universal.creative.js
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/universal.creative.js
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/universal.creative.js
Domain
a.usbrowserspeed.com
URL
https://a.usbrowserspeed.com/cs?pid=c7e3ce26eaec570ef329be40aeaf9cabc7b01d37dd37b285d3b98cf19a2e21bb&puid=d1d5c7f0-7c0d-439e-9c99-f9e184216b9c&r=https%3A%2F%2Faggle.net%2Fjs%3Fpid%3DOS45X5SNC%0A
Domain
pv.medialead.de
URL
https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture function| $ function| jQuery function| LoadExt function| getCookie function| displayModal object| aawChunk object| aaw object| _pbjsGlobals object| pbjs object| googletag object| dataLayer function| docReady object| ID5EspConfig object| mnet object| liQ_instances function| displayComment function| displayModalURL function| displayBroadCastModal function| myConfirm function| myFunction object| plBanner object| google_tag_manager object| google_tag_data object| _qevents object| ggeac object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| quantserve function| __qc object| ezt object| _qoptions object| regeneratorRuntime object| _anonymised_tag function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| criteo_syncframe_state function| gtag string| GoogleAnalyticsObject function| ga object| _gcio object| Criteo object| gaplugins object| gaData object| TimeMe function| GCIO object| IdwCollect object| AnonInterestScores object| thisSlotDefined object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139

64 Cookies

Domain/Path Name / Value
.ad4m.at/cookie-frame.html Name: userId
Value: 6GOO-mzIMoes_WiqfqXbrwalfdxmuReu
simcast.com/ Name: PHPSESSID
Value: 2dd2kt4pj2m880n46i4hcks15u
simcast.com/ Name: uidinfer
Value: 92480041
simcast.com/ Name: _uc_referrer
Value: http://vingroupwin.ph/
.quantserve.com/ Name: mc
Value: 6569cba1-409a1-d24b8-70cc7
.simcast.com/ Name: __qca
Value: P0-1417952964-1701432225140
simcast.com/ Name: mess
Value: 1
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: bc61fb6c-d197-45e6-b79b-246ce678c2a7
.rubiconproject.com/ Name: khaos
Value: LPMKTF8N-1M-KXVZ
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3R1U4Cu1GkibJGe4Ni1ThWK2euPP2lVg3iXIXbtn90w4kEP1YUhOmV1+T+BShJN9Sjkrb82NJt2os7PQmCKGhZAZk8zxcPN26+xUA9sgf/4bKpUjWTmmg0
.simcast.com/ Name: connectId
Value: {"ttl":86400000,"lastUsed":1701432225463,"lastSynced":1701432225463}
.simcast.com/ Name: _ga_RFSL1NPH34
Value: GS1.1.1701432225.1.0.1701432225.0.0.0
.simcast.com/ Name: cto_bundle
Value: Rm3v8V9BM2dOJTJCYk1UUHVDOCUyRjk3bGZpS2xndjRMVjVaYVFDYmtDYyUyQkhVN0ZaY2hPMTdHUGVnRmZpUTZHTXdMJTJGd21Ha2t4akI2SkR5c1BYaUhIaUJvS0VHJTJGTVFRb0ZSb0dvdlRMbHZKUVlmeEd5WThrazFzbiUyRnlmV05PT2ExWVFrMkgzSiUyQk4zVDAxYTdBQ3B3OVBkSUozdDU4QSUzRCUzRA
.openx.net/ Name: i
Value: bc5b201f-7e83-4568-b5cb-bc0478d1b2a2|1701432225
.simcast.com/ Name: _ga
Value: GA1.2.1642492729.1701432225
.simcast.com/ Name: _gid
Value: GA1.2.1504647630.1701432225
.simcast.com/ Name: _gat_gtag_UA_205158314_1
Value: 1
.simcast.com/ Name: __gads
Value: ID=d5d02b443946ad20:T=1701432225:RT=1701432225:S=ALNI_MZf0Jlmax0qc2OEonFdVExZQXlGlQ
.simcast.com/ Name: __gpi
Value: UID=00000cffb8f654ca:T=1701432225:RT=1701432225:S=ALNI_MaDaiPt0_aYDGeBamUI7wLwKzQ35g
p2.gcprivacy.com/ Name: gcid
Value: 486b077d-367b-466a-b9ff-bd0e3d329936
simcast.com/ Name: gcid_first
Value: 486b077d-367b-466a-b9ff-bd0e3d329936
.adnxs.com/ Name: uuid2
Value: 4778378652944606084
simcast.com/ Name: _lr_retry_request
Value: true
simcast.com/ Name: _lr_env_src_ats
Value: false
.aggle.net/ Name: aggcid
Value: d1d5c7f0-7c0d-439e-9c99-f9e184216b9c
.aggle.net/ Name: aggsubsid
Value: gAAAAABlacuil_-dE3Tt8PwCImLfYS1G7aiM72b-K44DhSdo1FTbjAc83jNR5fJCDDYm76yYuUt_4oCNlx0AAd94XavkUst2gGbAqjUZtw5QUOVGATTrPYhzWn81uIKe2r2sAYSBQq0x
.aggle.net/ Name: aggsid
Value: gAAAAABlacuiQuQGrdRmCSFFPRWWJF0F8hAOAdBwAHFHPp4DfvmRe0OGXtczDr1FHYF3EDATB6Eh2M1J3hyQof29Kt2zFPDtJSdbPBwQdYDtZ4alv-NbYHU
.doubleclick.net/ Name: IDE
Value: AHWqTUnVOoIQljE3RlqzhETK8Lv44wHxuxi5J9rV0ixuCmNzeKKjOu5BWXNE1cGBsGA
.adfarm1.adition.com/ Name: UserID1
Value: 7307595779938973839
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.ctnsnet.com/ Name: cid_cc89571167ac453eb36002e5e71117cc
Value: 1
.ctnsnet.com/ Name: gid_CAESEJueslNL6cYi62UOuds_91U
Value: 1
.w55c.net/ Name: wfivefivec
Value: LpWGk3We1R92fj5
.w55c.net/ Name: matchgoogle
Value: 5
.liadm.com/ Name: lidid
Value: bff306c2-ef20-4e82-a155-92aef2143d71
simcast.com/ Name: pbjs_li_nonid
Value: %7B%7D
simcast.com/ Name: pbjs_li_nonid_cst
Value: zix7LPQsHA%3D%3D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-Z8VbHwSa1DYGIdN68vELnM8CYGiOlhTaNMqZhQ%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2E>6m::?e!]tbPl@/D!9hy6]/Cv]vj$=7L7C4f<01>Y-eUzh(glj+jkB=Tw7p!UheEOP$/[wy$>lmzOokD(`*bpRz*qF1`*bb2f+@m/%
.media.net/ Name: data-c-ts
Value: 1701432230
.media.net/ Name: data-c
Value: k-F2PeIwSa1DYGIdN68vELnM8CYGhycdIR8ayk2Q~~3
.media.net/ Name: visitor-id
Value: 3444338307267362000V10
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22b05839b0-9041-11ee-a896-6d4c123b6e74%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22b05839b0-9041-11ee-a896-6d4c123b6e74%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22b05839b0-9041-11ee-a896-6d4c123b6e74%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22b05839b0-9041-11ee-a896-6d4c123b6e74%22%2C%22version%22%3A%22eu-v1%22%7D
.postrelease.com/ Name: opt_out
Value: 1
.omnitagjs.com/ Name: ayl_visitor
Value: a687ebd55cabe3ab2f0fe6567c39aba7
.tribalfusion.com/ Name: ANON_ID
Value: aLnt6ZapkijcDifqAbPsoyOrs7WHVuJ8WUjpw8Zc1TvnZcrYxQEgIurbHUa5SsWselHsS2m437uhFZbhOf0EUp0cSIJHhhIh
.dpm.demdex.net/ Name: dpm
Value: 00307518505708610351763213703751053334
.demdex.net/ Name: demdex
Value: 00307518505708610351763213703751053334
.casalemedia.com/ Name: CMPS
Value: 3219
.casalemedia.com/ Name: CMID
Value: ZWnLpq5Dm50V-p-aNAQ0VgAA
.casalemedia.com/ Name: CMPRO
Value: 5251
.adotmob.com/ Name: uid
Value: 09dd22040041bcb933a17824
.adotmob.com/ Name: uuid
Value: 09dd22040041bcb933a17824
.adotmob.com/ Name: partners
Value: IX%3A1701432230368
.krxd.net/ Name: _kuid_
Value: P8t95IRP
.tremorhub.com/ Name: tv_UICR
Value: k-R9jOywSa1DYGIdN68vELnM8CYGjhLJXO7lw1XQ
.tremorhub.com/ Name: tvid
Value: f0ff3fb63ff64de79cc321640610d0a2
.awin1.com/ Name: awpv14702
Value: 412871|1701432230|b0890db0-9041-11ee-ba35-226154e726d7
.awin1.com/ Name: awpv20044
Value: 412871|1701432230|b089d100-9041-11ee-85f5-22347f548c7f
.awin1.com/ Name: AWSESS
Value: 415363:2904924

7 Console Messages

Source Level URL
Text
other warning URL: https://cdn.adapex.io/hb/aaw.smc.js(Line 3)
Message:
Unrecognized feature: 'conversion-measurement'.
javascript error URL: https://simcast.com/?d=vingroupwin.ph&pcid=48&rid=112&a=0
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1323
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.adapex.io/hb/aaw.smc.js(Line 6)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://a.usbrowserspeed.com/cs?pid=c7e3ce26eaec570ef329be40aeaf9cabc7b01d37dd37b285d3b98cf19a2e21bb&puid=d1d5c7f0-7c0d-439e-9c99-f9e184216b9c&r=https%3A%2F%2Faggle.net%2Fjs%3Fpid%3DOS45X5SNC%0A
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f0a635c854ed8bb0a538ae27bbe01e1.safeframe.googlesyndication.com
891fd4bd7f82712b0669c50893ad2e3a.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
a.usbrowserspeed.com
ad.360yield.com
ad.yieldlab.net
ad4m.at
ads.eu.criteo.com
aegis.anonymised.io
aggle.net
api.rlcdn.com
as.ad4m.at
assets.ad4m.at
at.teads.tv
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
cat.nl3.eu.criteo.com
cat2.hbwrapper.com
cdn-ima.33across.com
cdn.adapex.io
cdn.ampproject.org
cdn.cnn.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cloudflare.com
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
connectid.analytics.yahoo.com
content.api.news
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
csm.eu.criteo.net
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
embed.sendtonews.com
embedcdn.sendtonews.com
exchange.mediavine.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
ghb.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idx.liadm.com
imageproxy.eu.criteo.net
img-s-msn-com.akamaized.net
invstatic101.creativecdn.com
jadserve.postrelease.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.gcprivacy.com
p2.gcprivacy.com
pagead2.googlesyndication.com
parking2.parklogic.com
parking3.parklogic.com
pixel.quantserve.com
pixel.rubiconproject.com
player.sendtonews.com
pm.w55c.net
prebid.a-mo.net
prebid.media.net
prod-rtb.ad4mat.net
pv.medialead.de
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.thebrighttag.com
s.tribalfusion.com
s2l.sendtonews.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simcast.com
smartssp-us-east.iqzone.com
static-de.ad4mat.net
static.anonymised.io
static.criteo.net
storage.googleapis.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.adotmob.com
sync.outbrain.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
vingroupwin.ph
visitor.omnitagjs.com
widget.nl3.eu.criteo.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
a.usbrowserspeed.com
api.rlcdn.com
cdn.jsdelivr.net
pv.medialead.de
104.102.45.165
108.138.26.63
13.248.245.213
131.153.158.209
141.226.228.48
141.95.33.120
142.250.185.130
145.40.97.67
15.197.179.7
162.19.138.119
172.64.151.101
172.64.152.89
178.250.1.6
178.250.1.9
18.157.198.8
18.192.146.238
18.202.86.19
18.239.94.32
18.66.122.63
185.86.139.103
198.47.127.205
2.18.96.104
2.18.97.29
2001:4860:4802:32::36
23.213.165.82
23.32.185.35
2600:1901:0:76b9::
2600:1f18:612b:4232:e6bb:aabb:4218:240a
2600:3c02:1::2d4f:f4d1
2600:3c02::f03c:92ff:fe2d:3e71
2600:9000:223c:2200:6:44e3:f8c0:93a1
2600:9000:223c:7200:10:dd8:5e40:93a1
2600:9000:2250:8e00:a:e047:753:a221
2602:803:c004:200::140
2606:4700:10::6816:3456
2606:4700:10::6816:445
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700:3038::6815:eab1
2606:4700::6810:5614
2606:4700::6810:85e5
2606:4700::6811:190e
2606:4700::6812:18ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:803::200e
2a00:1450:4001:806::201b
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:480:9a4::3134
2a02:26f0:480:f::213:7ec8
2a04:4e42:600::649
2a0c:5c87:5239::2
3.121.34.204
3.132.66.110
3.217.130.42
3.66.183.224
3.69.93.92
3.71.149.231
34.102.146.192
34.107.217.107
34.117.157.22
34.120.107.143
34.120.63.153
34.246.253.18
34.253.135.155
34.96.70.87
35.186.193.173
35.244.159.8
35.244.193.51
37.157.6.232
37.252.171.85
44.193.179.92
45.137.176.88
45.79.222.138
45.79.244.12
46.228.174.115
51.38.120.206
52.19.94.255
52.209.247.244
52.212.5.247
52.57.96.192
54.155.236.110
54.228.20.207
54.82.17.205
64.202.112.159
65.9.66.122
68.183.18.251
69.173.144.138
8.2.111.104
85.114.159.93
95.101.148.20
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0409134df4107fe3d86b26248e3e8253287e929e94b690173bbab16e35686cd6
047e3685bfaba9f5752e2552ace0aaa49a596353914a295c3027e3b5609da7a9
05adb1a8ab31ced159adf8401bc91d0c28dc75777423ea84358b9565147b5925
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cec483d69f6e48fe52ccc99c4a978e8f8cb4caec41413723a581d5e45e01b4e
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fc612f56e0025fca0b9d98eeaf669c5c04ba0cbcc817cc53a2be340f335bf9e
10b9f9b34818c8fe8485930f176c55e5a9af1397aabdab511771f1931f86f1f7
138fee977dc4ed5faa24d58c77ab2293a1d18e6549c35fa8479e04a008d48a09
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
155b49025165c685e0fea0b5203d9981e11c9dcb9445a5019fa370e25eceb61d
15ddc2840ff43bf8137b236b85ada6141ef658369e96dfd450abead78389648e
169fe0d25ec31dc891dd81af468f37776b222fcea163e79776554ef4c6ed3564
18d3cafa2e6d1b8b42757f7dc25a29ef4c288fd61e2af87d990bcbbe89be31ee
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b047d2ae960d2ee9e36b697177dba0858103b2aa44bb9478ff797e5d1b19672
1d4545116badfac000ce3e9c90f65810846fcad5a223e0dcc0118f277c0bdf33
1e51e00eab4e9a6e965c8d4c261c63621e71e4239208e1eac41fbc7dba1d04ab
23e1a7f8cf0992da7ed62f6276355d445cca03e47579221725fa8d5262ad660c
2878be42a975ac123d345538840866a5919663fbd57bfb1d264fb8777def3b44
2be976bc10e8f7ce176227b4f17c4dc0048c758e4d15fc2c507436abb83be852
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32fbe07e2e94ddbcd04df7c37f1d86714657545c9e112519f21b003c8ce8955e
356ab5b781232f728be6b06df39ffacca0518909c4b36a6e26e54c2157559d9a
35791ab77e4963e6f750ced1c17f1d2b9f61a5523155c82b0bad84735f686450
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
396509bf6562ef77144cfe07d03397b3af970ab0717099a2956690cabc4e1b6f
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
40c875e245cc7e6abf1da525d9519ddcf22b6829ff64bf128fcc6a26df210288
4110f7d012a6bd95e16b7f763e19cd59d2eb5749813743117be4caf01e478138
42d11875c24e40b6686c9e0c190e206151db1595dccbc80726a525aa82b08d95
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4421d90bbf983478021bbc14981742e33af47dcfbbbbd2df44b975257fde30cb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
489024233d2026a7345f8675cd114e412771c2d74b301ab3be9cf7878652dcdd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d2331f6f86a430cde6092a58f66ceb15a25a9d2b1ef1fc2266da087aa7898f2
4d37d154d2e59b51da988ddf44efe5270846984bef3fc373ada402f2bd0bf7fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
518a661b70a46a55c5ead917a7b2fa19e81149ea0d82c8f6a797a70930fcc3a6
5273933b35cc65681d5e4bcb46d9f13cab082c0db85cb392ac1f5ab5810859f3
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5725f04fd1f8882b1d02561933d648bb1a91349b0f33031e78ce0668d3751db3
57ecb686b5032784079770030d9771ba1739fcfe5ab01c348394f1f76d7b79fa
58d96fd0c18204b29fc3050b9bc26416d903d59c254d219585fdcf92119691d1
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5cd3bcbb7ebd5fa25d4bff1d68ae4bc7f8307132fdf39a84e751f57b341d737c
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
6042d9e73b31d80d41f2a61553f8302159ba4fe84effa682cfb52b6899e43860
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6204e8d2481f5f507ffc1ddebdc0c3cff162cc34958fd46a08619a4aa20e0463
65ae640302acf7f1b9bba447f97ca48ac05ec06443ab71efca4269875c6601d6
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
684675b87071906febd6c61e21ffc30530b4d31090d9b6a3e080dccbb9229725
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be93769c21075a72542c8d8501ab473d7623a79dae8ba43d01fca1cb4211e8a
6d7e84dbe1a19aa1ebadd92d04ec0dec54cdd2345811f21aaf064150fba02068
6ecf41b844867c6148bafed097cbd4cbc266ca24ce6d55549a29642bed667692
6ee66462dfd582be1a93a2846cfd60d37d33d72ab5ed2ba22cc0f22ea199bbf6
722a4121ccf998eefa71a33203ddd5e99a0ba3243c0549cdf7302268fe0ba979
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7285f44011ef06270a66d5bbe930c20061eae8cfc623edcdf601fd113142df60
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73423356780507f2b1d450d5d6d61324c38f961ff24db8bec93ea670f7d381fa
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
7d61619f372fd6e94353311dd8196adfa02059664be81c0e5176b34489bd6991
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
804dcbc892006cb041c6eed7a954330d2ee94f65f6a42bf571078f874709a190
807675586534319561adf44f7b468a3f20b832714046e43cc9d9f63a35a337f3
832ecde2a95e0b6b350be4b477050177facd60d8b645a99aef680e64f9132419
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
877a5d0982389d6e0c087e1e1e1bf5b551c1d24b1aa6468d397b5ed73e9e9ded
878da09a057ec8f1775cdc522e5f7ec44966df547a87a9c29826ba114833c24b
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
896b0220561d71c5d04a71c9b4c4fa319a94d32c276cdea5a5b2b37965c03001
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d4d0e5f64527c8cdb459bacb4a6692a93431faf772d24947c6168e15e35b907
8e638da198ae2858ddb1f2b0e0b2c2b8aadd5e9d058be11b8847450b0b647257
8e7e28f5b18b4400645714609719c7d789db5b0267405982974034807db0f398
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
922a293fce4c3fb1526e1a5d8816602ef86fd581c3e438989416bc5c56ce9f0f
959eacecf18680fc15471964610efb96467b99f6126a6c5d3151216838a940bf
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e5625b7c8d18be1bb98cfabe01b608142da1f3bc6f3be904a8e772f7cbfc963
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9f8a562e61e7cbdbd5ff7df4973fd2777da2a43a4d7181d61f7ece3319546b56
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a146a8cbe760810a90a870f6494fd876116ff6eca054fec94ff702147b5782b9
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a25ba50d0fcb1f2d807fd39686ded34147bd3c095713d941c8cb23fcde624f3f
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7793b5e334cee543a25df8ae022fda9f158d1a97be47c0441924a80a4119b03
a7d1764188958381826eb8994a59af929843ce114145cbff763dab06819bee29
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a8c4221da11b0d65b8c1d793f4012a9d31ac5cedd2dd078595d8c90673672c07
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a99d12b6ff6d6acd839887a0eda9aa988f3a60e31888fd8f6d84c1d281f4cc2b
ab30dba198d7a1161ad298f6f88bbdaa5705fd5d18ca4a666e61f7b8ba9635fb
adb5521f6daa28bf7a2f73decfaa78d1bd4efc45ab6e17eca144c3fcc4ccadba
ae63e73b1fcbbf40e57931ba1183c7d1df732c17e9d7898a4ce8ad1311cee833
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b149c1c5459ae7066f1e5a8cd82fc9e09171a8ee53664ce7f607f8715ae079fb
b1556dea32e9d0cdbfed038fd7787275775ea40939c146a64e205bcb349ad02f
b2a842c779a0a279f81dc54023665035b323d8732ee1ad09e4cd09e0474be790
b3e7d94c7a4cbaec5a2074f723f6cfca44cc83bff0cfb3d25acf85134a2cdf8c
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b55fcf673a3e39197b7eb7a98ac3276684ac58d06198232e8d7eb18f975742fb
b7f30869dbee15b1b57ff079d0ac0efd1e8780b5f1db26a8cfabeb6ac2738d85
baeb651dd46721485adebee331e78e22a9134c2f18e9cdb84c40c27e4134b435
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb511c16d0407281da5a7001c1c66b57e42fc3aeec18b26cc38266785faad6b3
bd592b04bfa9db1f181400b1576d937a3ded307829547a3f4a0e359c2193160f
bd7a510363ab2e9bbbb324e2be0d1b786c45feb1444276572d9cecab6b48cdcb
bdff91b4e14b9ea96f0ad4208b700fd542167bb0c884cb1194fd6e13ea428f1f
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c038c8400b9fd00f0d2dd9c88ccd665e9a3ea3dad1497f3382ce701b28c5265c
c47c146a34af8f548b23a848879b2f2366fde98f0a5b84fea53ce93c8d308f66
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
cb0217ae6b1804320aab99ea40ab111a8264583e237fd928f1180babf9adb52a
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cf141c19df1016a6d3488a1fcb4c1f6e346aa3c483f45b8dbe87605f498ca6b3
cfacd0aecbf0c24a217c574edb9b7275ebe96be1ab1787b80a67314ef65f6855
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d63a00bd3792944992dbab675d7259f30cc33ede7cda071170e9e8bbc2027cce
d897dee4df06b72cbe2a406fd52d4d8076557f5b262c36c7842d82f9afbfe5eb
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfc128586fee9486ced3ab7fd7011f0620be545c6a4d55f48f8268917213c943
e1c6681ee7fe76cae30c74ed59e4dd071513ad706b42662a48953370c3645b2e
e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c
e336006cf81cd7b84ada0dec70060de2af67adcc1a8a069b6329fdeb3f99c8f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4123e359aa38679f323a3ae60066e4a7be8bf3984e8f073f19b9f09db94cb6a
e51f844f22309b273e9ed051120efb8d33f4cb92668bffce7bf99a4b1d084c31
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e724e26d8d124dcf99404f07ac7c77c862193df3cdaf137b74400103c384638a
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eaefcba099dd5b6fd7ba98791d0bf773f604bff76772876a0dea2823641137fa
ed51b8cef89fbb16a7e4368f0c3d7b847903591f3d67c3ac4fcbc10ccab41765
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09e5cfbb448f4a7d1a211708d946eae1e5dd43d3534e8eaa0c455d579b91710
f193d11ab4d53158fc7ed3e6edf36dfd124047b9478c20db021bcc92781ee26b
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f6f3fa12ecdc94c1d9cfd28d3680163a469c96521a03d171c764967ae93671fc
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f9d3923c366681e4bdbd8e07f9a12754dbc4faaff033039362ddd27cce66432d
fbcf77beb02be4df79b71b547628f04ef3d0ff96d84c90205672c9d33668127a