urlscan.io logo urlscan.io
SecurityTrails logo

simcast.com Open in urlscan Pro
45.79.244.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://popcorntime-update.xyz/
Effective URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Submission: On September 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 130 IPs in 16 countries across 117 domains to perform 470 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com. The Cisco Umbrella rank of the primary domain is 230393.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 17th 2021. Valid for: a year.
This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 72.52.178.23 32244 (LIQUIDWEB)
9 45.79.244.12 63949 (LINODE-AP...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
34 2a00:1450:400... 15169 (GOOGLE)
1 2600:3c02::f0... 63949 (LINODE-AP...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 34.199.89.150 14618 (AMAZON-AES)
20 2a02:26f0:10e... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 184.51.9.184 16625 (AKAMAI-AS)
9 2a00:1450:400... 15169 (GOOGLE)
1 104.96.128.226 16625 (AKAMAI-AS)
1 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
24 18.156.195.47 16509 (AMAZON-02)
1 185.89.208.11 29990 (ASN-APPNEX)
1 147.75.85.234 54825 (PACKET)
3 104.18.18.126 13335 (CLOUDFLAR...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 51.75.86.98 16276 (OVH)
7 15 37.252.172.37 29990 (ASN-APPNEX)
1 169.63.109.126 36351 (SOFTLAYER)
1 54.76.86.227 16509 (AMAZON-02)
1 52.59.23.138 16509 (AMAZON-02)
1 35.244.182.124 15169 (GOOGLE)
8 52.28.140.119 16509 (AMAZON-02)
12 2a0c:5c81:514... 55081 (24SHELLS)
1 34.107.148.139 15169 (GOOGLE)
1 23.35.236.247 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
13 18.66.97.25 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 18.208.240.0 14618 (AMAZON-AES)
1 104.18.12.242 13335 (CLOUDFLAR...)
4 108.138.4.10 16509 (AMAZON-02)
7 3.33.220.150 16509 (AMAZON-02)
1 3.219.23.242 14618 (AMAZON-AES)
1 34.120.133.55 396982 (GOOGLE-CL...)
4 34.202.79.131 14618 (AMAZON-AES)
1 18.66.147.24 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.206.210.112 16625 (AKAMAI-AS)
22 2a00:1450:400... 15169 (GOOGLE)
1 18.196.70.214 16509 (AMAZON-02)
1 185.94.180.124 35220 (SPOTX-AMS)
1 18.195.44.243 16509 (AMAZON-02)
1 198.47.127.22 3257 (GTT-BACKB...)
7 16 104.18.19.126 13335 (CLOUDFLAR...)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.2 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.32.121.37 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
15 37 172.217.16.130 15169 (GOOGLE)
10 23.35.228.23 16625 (AKAMAI-AS)
1 23.216.77.36 20940 (AKAMAI-ASN1)
4 37.252.172.123 29990 (ASN-APPNEX)
1 151.101.193.108 54113 (FASTLY)
2 2a0c:5c81:515... 55081 (24SHELLS)
3 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 11 62.149.1.122 15497 (COLOCALL ...)
3 23.35.236.201 16625 (AKAMAI-AS)
1 6 46.249.52.248 50673 (SERVERIUS-AS)
1 67.202.105.32 32748 (STEADFAST)
1 72.251.249.14 32475 (SINGLEHOP...)
5 5 213.19.147.44 3356 (LEVEL3)
2 3 35.227.252.103 15169 (GOOGLE)
6 142.250.186.34 15169 (GOOGLE)
1 151.101.65.108 54113 (FASTLY)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
6 7 64.202.112.255 22075 (AS-OUTBRAIN)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 202.241.208.53 4694 (IDCF IDC ...)
1 54.150.26.149 16509 (AMAZON-02)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2 178.62.202.251 14061 (DIGITALOC...)
2 2 2600:9000:223... 16509 (AMAZON-02)
1 1 54.73.46.151 16509 (AMAZON-02)
3 3 3.126.56.137 16509 (AMAZON-02)
1 1 20.127.253.7 8075 (MICROSOFT...)
1 141.95.98.65 16276 (OVH)
2 66.155.71.150 13768 (COGECO-PEER1)
2 5 185.64.190.78 62713 (AS-PUBMATIC)
2 3 76.223.111.18 16509 (AMAZON-02)
1 1 193.0.160.129 54312 (ROCKETFUEL)
3 8 52.72.177.11 14618 (AMAZON-AES)
1 1 54.196.200.185 14618 (AMAZON-AES)
3 5.178.65.252 50673 (SERVERIUS-AS)
2 2 23.75.240.210 16625 (AKAMAI-AS)
6 23.205.235.133 16625 (AKAMAI-AS)
1 205.234.175.175 23352 (SERVERCEN...)
16 2606:4700:10:... 13335 (CLOUDFLAR...)
4 6 37.157.3.30 198622 (ADFORM)
2 2 213.155.156.180 1299 (TWELVE99 ...)
19 185.64.189.110 62713 (AS-PUBMATIC)
2 2 185.29.134.244 30419 (MEDIAMATH...)
1 178.250.0.163 44788 (ASN-CRITE...)
2 198.47.127.20 3257 (GTT-BACKB...)
2 2 141.94.171.216 16276 (OVH)
2 3 54.78.254.47 16509 (AMAZON-02)
2 4 169.50.137.184 36351 (SOFTLAYER)
3 82.113.101.132 6805 (TDDE-ASN1)
3 4 35.227.248.159 15169 (GOOGLE)
1 2 2a04:4e42:200... 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 34.248.26.113 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 2 34.111.131.239 15169 (GOOGLE)
1 185.15.245.81 24961 (MYLOC-AS ...)
3 4 52.30.246.43 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 54.171.98.27 16509 (AMAZON-02)
2 54.77.178.38 16509 (AMAZON-02)
1 162.55.233.28 24940 (HETZNER-AS)
3 3 151.101.194.49 54113 (FASTLY)
1 1 23.35.228.210 16625 (AKAMAI-AS)
1 1 3.218.193.24 14618 (AMAZON-AES)
1 2 52.95.115.255 16509 (AMAZON-02)
2 4 52.46.143.56 16509 (AMAZON-02)
1 69.192.160.219 16625 (AKAMAI-AS)
1 1 34.250.60.112 16509 (AMAZON-02)
1 2 37.252.173.62 29990 (ASN-APPNEX)
1 54.243.180.156 14618 (AMAZON-AES)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 69.173.144.138 26667 (RUBICONPR...)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 18.66.97.88 16509 (AMAZON-02)
1 51.158.28.83 12876 (Online SAS)
1 69.173.144.165 26667 (RUBICONPR...)
1 23.216.77.34 20940 (AKAMAI-ASN1)
1 3.124.210.90 16509 (AMAZON-02)
2 185.64.190.81 62713 (AS-PUBMATIC)
2 3 52.30.152.75 16509 (AMAZON-02)
1 1 54.146.105.203 14618 (AMAZON-AES)
1 5.161.47.120 213230 (HETZNER-C...)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 72.251.241.196 32475 (SINGLEHOP...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.95.171.139 16276 (OVH)
2 2 141.94.171.214 16276 (OVH)
1 151.101.65.44 54113 (FASTLY)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 3.67.147.59 16509 (AMAZON-02)
1 74.222.140.101 18672 (EVOCATIVE1)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
3 3 3.120.100.229 16509 (AMAZON-02)
2 2 35.211.233.246 19527 (GOOGLE-2)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 34.102.253.54 15169 (GOOGLE)
1 99.80.190.113 16509 (AMAZON-02)
1 1 34.206.145.40 14618 (AMAZON-AES)
1 1 37.157.4.28 198622 (ADFORM)
470 130
2    72.52.178.23 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
popcorntime-update.xyz
9    45.79.244.12 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com
simcast.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adapex.io
34    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:3c02::f03c:92ff:fe2d:3e71 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
parking2.parklogic.com
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    34.199.89.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-89-150.compute-1.amazonaws.com
embed.sendtonews.com
20    2a02:26f0:10e::6860:5ba8 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
img-s-msn-com.akamaized.net
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper
cat.hbwrapper.com
1    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
6    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    184.51.9.184 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-184.deploy.static.akamaitechnologies.com
a.teads.tv
9    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com
at.teads.tv
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
24    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net
prebid.adnxs.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum.casalemedia.com
1    2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
4    51.75.86.98 (Istanbul, Turkey)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
15    37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    169.63.109.126 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 7e.6d.3fa9.ip4.static.sl-reverse.com
in-appadvertising.com
1    54.76.86.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-86-227.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    52.59.23.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-23-138.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    35.244.182.124 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 124.182.244.35.bc.googleusercontent.com
s.seedtag.com
8    52.28.140.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-140-119.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
12    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ads59.adtelligent.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    18.66.97.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-25.fra56.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
2    2a00:1450:400e:80d::200a (Ireland)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    18.208.240.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-240-0.compute-1.amazonaws.com
s2l.sendtonews.com
1    104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
4    108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
c.amazon-adsystem.com
7    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    3.219.23.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-23-242.compute-1.amazonaws.com
id.sv.rkdms.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
4    34.202.79.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-79-131.compute-1.amazonaws.com
timber.sendtonews.com
1    18.66.147.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-24.fra60.r.cloudfront.net
player.sendtonews.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
22    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    18.196.70.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-70-214.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    18.195.44.243 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-44-243.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    198.47.127.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
16    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
pubads.g.doubleclick.net
18    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net
sb.scorecardresearch.com
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
37    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
cm.g.doubleclick.net
10    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
contextual.media.net
warp.media.net
lg3.media.net
hblg.media.net
1    23.216.77.36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-36.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
4    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
2    2a0c:5c81:5150:0:8a51:fbff:fe39:aff0 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
s.adtelligent.com
3    2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
11    62.149.1.122 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
sync.console.adtarget.com.tr
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    46.249.52.248 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
1    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ic.tynt.com
1    72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
5    213.19.147.44 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
6    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads4.g.doubleclick.net
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    2a05:d018:d29:3601:1c03:949a:3875:f724 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
7    64.202.112.255 (Lovettsville, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    202.241.208.53 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    54.150.26.149 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-26-149.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
2    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
pixel.quantserve.com
2    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    2600:9000:223f:a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    54.73.46.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-46-151.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
8    52.72.177.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-177-11.compute-1.amazonaws.com
a.audrte.com
1    54.196.200.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-200-185.compute-1.amazonaws.com
ssp.disqus.com
3    5.178.65.252 (Rijswijk, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
2    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
16    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
6    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    213.155.156.180 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com
d5p.de17a.com
19    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
2    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel.onaudience.com
3    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
loadeu.exelator.com
4    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
3    82.113.101.132 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f602:96e:5500:bf36:df5c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b002:d320:1e1a:8a69:d2b0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    34.248.26.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-26-113.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    151.1.205.165 (Rogeno, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    85.114.159.93 (Waldshut-Tiengen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.81 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
4    52.30.246.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-246-43.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    54.171.98.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-98-27.eu-west-1.compute.amazonaws.com
aa.agkn.com
2    54.77.178.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-178-38.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    162.55.233.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.233.55.162.clients.your-server.de
sync.richaudience.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    23.35.228.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-210.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    3.218.193.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-193-24.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.250.60.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-60-112.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
2    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    54.243.180.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-180-156.compute-1.amazonaws.com
rtb.adentifi.com
2    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
2    18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    51.158.28.83 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-83.rev.poneytelecom.eu
js.cookieless-data.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    23.216.77.34 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-34.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
1    3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
ps.eyeota.net
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
3    52.30.152.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-152-75.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    54.146.105.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-105-203.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
2    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    72.251.241.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.95.171.139 (France)

ASN16276 (OVH, FR)
PTR: bixel-5.cloudy.ovh
green.erne.co
2    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel-eu.onaudience.com
1    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    3.67.147.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-147-59.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    74.222.140.101 (United States)

ASN18672 (EVOCATIVE1, US)
PTR: 74.222.140.101.CUSTOMER.VPLS.NET
match.bnmla.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
3    3.120.100.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-100-229.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.211.233.246 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    99.80.190.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-190-113.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    34.206.145.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-145-40.compute-1.amazonaws.com
sync.ipredictive.com
1    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
Apex Domain
Subdomains		 Transfer
59 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
pubads.g.doubleclick.net — Cisco Umbrella Rank: 368
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373
309 KB
56 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
500 KB
33 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 702
ads.pubmatic.com — Cisco Umbrella Rank: 713
image6.pubmatic.com — Cisco Umbrella Rank: 891
image2.pubmatic.com — Cisco Umbrella Rank: 1557
simage2.pubmatic.com — Cisco Umbrella Rank: 999
image4.pubmatic.com — Cisco Umbrella Rank: 1518
simage4.pubmatic.com — Cisco Umbrella Rank: 1673
aud.pubmatic.com — Cisco Umbrella Rank: 8829
38 KB
30 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1251
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 772
ups.analytics.yahoo.com — Cisco Umbrella Rank: 419
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1694
6 KB
24 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 2637
ib.adnxs.com — Cisco Umbrella Rank: 329
fra1-ib.adnxs.com — Cisco Umbrella Rank: 6160
cdn.adnxs.com — Cisco Umbrella Rank: 1968
acdn.adnxs.com — Cisco Umbrella Rank: 876
secure.adnxs.com — Cisco Umbrella Rank: 725
65 KB
22 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350
693 KB
22 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6082
ads59.adtelligent.com — Cisco Umbrella Rank: 572659
sync.adtelligent.com — Cisco Umbrella Rank: 6001
s.adtelligent.com — Cisco Umbrella Rank: 5516
26 KB
20 akamaized.net
img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 625
173 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 755
as-sec.casalemedia.com — Cisco Umbrella Rank: 2163
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709
ssum.casalemedia.com — Cisco Umbrella Rank: 1950
dsum.casalemedia.com — Cisco Umbrella Rank: 2337
15 KB
16 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2852
mwzeom.zeotap.com — Cisco Umbrella Rank: 2511
5 KB
15 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 19566
s2l.sendtonews.com — Cisco Umbrella Rank: 20543
timber.sendtonews.com — Cisco Umbrella Rank: 21199
player.sendtonews.com — Cisco Umbrella Rank: 22426
208 KB
13 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1415
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1365
eus.rubiconproject.com — Cisco Umbrella Rank: 840
token.rubiconproject.com — Cisco Umbrella Rank: 1115
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3032
pixel.rubiconproject.com — Cisco Umbrella Rank: 494
33 KB
13 cloudfront.net
d29xw9s9x32j3w.cloudfront.net
2 MB
11 media.net
prebid.media.net — Cisco Umbrella Rank: 1802
contextual.media.net — Cisco Umbrella Rank: 819
warp.media.net — Cisco Umbrella Rank: 3434
lg3.media.net — Cisco Umbrella Rank: 5204
hblg.media.net — Cisco Umbrella Rank: 2614
160 KB
10 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 7606
u-ams02.e-planning.net — Cisco Umbrella Rank: 94857
s.e-planning.net — Cisco Umbrella Rank: 10459
i.e-planning.net — Cisco Umbrella Rank: 11359
4 KB
10 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 362
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1274
s.amazon-adsystem.com — Cisco Umbrella Rank: 415
50 KB
9 simcast.com
simcast.com — Cisco Umbrella Rank: 230393
102 KB
8 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2892
8 KB
8 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1586
1 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 1015
dmp.adform.net — Cisco Umbrella Rank: 5535
cm.adform.net — Cisco Umbrella Rank: 2156
3 KB
7 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 845
4 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 486
2 KB
6 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1142
tags.crwdcntrl.net — Cisco Umbrella Rank: 1654
sync.crwdcntrl.net — Cisco Umbrella Rank: 1087
18 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
2 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 458
mug.criteo.com — Cisco Umbrella Rank: 1814
dis.criteo.com — Cisco Umbrella Rank: 946
2 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 355
cloudflare.com — Cisco Umbrella Rank: 180
30 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 757
1 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1468
2 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 4652
pixel-eu.onaudience.com — Cisco Umbrella Rank: 11621
2 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 807
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
176 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 863
eb2.3lift.com — Cisco Umbrella Rank: 652
2 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
imasdk.googleapis.com — Cisco Umbrella Rank: 456
333 KB
4 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1479
x.bidswitch.net — Cisco Umbrella Rank: 420
2 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1117
358 B
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 846
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 949
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 741
usermatch.krxd.net — Cisco Umbrella Rank: 1847
942 B
3 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 918
match.taboola.com — Cisco Umbrella Rank: 4406
604 B
3 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 41343
2 KB
3 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 25218
loadeu.exelator.com — Cisco Umbrella Rank: 9079
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 743
pixel.mathtag.com — Cisco Umbrella Rank: 1583
2 KB
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 2282
598 B
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1389
866 B
3 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 21954
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 18728
2 KB
3 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3176
casale-match.dotomi.com — Cisco Umbrella Rank: 3934
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5194
435 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3601
971 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1910
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 8004
624 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1307
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1505
s.tribalfusion.com — Cisco Umbrella Rank: 3853
1 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 28350
682 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2152
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 297
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 2044
752 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6721
562 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 951
382 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 991
881 B
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 4294
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1531
pixel.quantserve.com — Cisco Umbrella Rank: 691
901 B
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2879
res-a.akamaihd.net — Cisco Umbrella Rank: 8749
25 KB
2 gstatic.com
fonts.gstatic.com
143 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5202
914 B
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1392
at.teads.tv — Cisco Umbrella Rank: 4668
4 KB
2 popcorntime-update.xyz
popcorntime-update.xyz — Cisco Umbrella Rank: 97402
3 KB
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1659
554 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1623
209 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 5242
465 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1268
518 B
1 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 4523
114 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1399
44 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16512
366 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 8020
277 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2381
408 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 9837
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1116
613 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1452
1 KB
1 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 10761
535 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 7089
17 KB
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 2164
35 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 118041
214 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 767
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 3036
359 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 775
529 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 15554
220 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 98216
659 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 17009
411 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 3537
311 B
1 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 4477
1 KB
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 636
1 KB
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 3128
707 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 985
469 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 4008
44 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1511
1 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1901
574 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 10473
233 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 872
277 B
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 5291
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 223
266 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 678
1 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 2186
17 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1084
356 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5408
163 B
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 11660
97 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 942
13 KB
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 7623
402 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 848
165 B
1 in-appadvertising.com
in-appadvertising.com — Cisco Umbrella Rank: 25217
547 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1508
273 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 972
645 B
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 23564
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
41 KB
1 parklogic.com
parking2.parklogic.com — Cisco Umbrella Rank: 460456
961 B
1 adapex.io
cdn.adapex.io — Cisco Umbrella Rank: 38994
139 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 976
30 KB
0 smilewanted.com Failed
prebid.smilewanted.com Failed
470 117
Domain Requested by
37 cm.g.doubleclick.net 15 redirects googleads.g.doubleclick.net
385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
spl.zeotap.com
ssum.casalemedia.com
34 pagead2.googlesyndication.com simcast.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
24 c2shb.pubgw.yahoo.com cdn.adapex.io
22 s0.2mdn.net imasdk.googleapis.com
popcorntime-update.xyz
s0.2mdn.net
20 img-s-msn-com.akamaized.net simcast.com
18 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
s0.2mdn.net
15 ib.adnxs.com 7 redirects cdn.adapex.io
d29xw9s9x32j3w.cloudfront.net
googleads.g.doubleclick.net
acdn.adnxs.com
spl.zeotap.com
13 mwzeom.zeotap.com ads.us.e-planning.net
spl.zeotap.com
ads.pubmatic.com
13 simage2.pubmatic.com ads.pubmatic.com
13 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
ssum.casalemedia.com
13 d29xw9s9x32j3w.cloudfront.net embed.sendtonews.com
simcast.com
11 ads59.adtelligent.com popcorntime-update.xyz
ads59.adtelligent.com
9 sync.adtelligent.com ads59.adtelligent.com
simcast.com
ads.pubmatic.com
ads.us.e-planning.net
s.adtelligent.com
s.console.adtarget.com.tr
9 simcast.com popcorntime-update.xyz
simcast.com
code.jquery.com
8 a.audrte.com 3 redirects ads.us.e-planning.net
a.audrte.com
simcast.com
ads.pubmatic.com
8 btlr.sharethrough.com cdn.adapex.io
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
popcorntime-update.xyz
7 b1sync.zemanta.com 6 redirects
7 match.adsrvr.org js-sec.indexww.com
simcast.com
ads.pubmatic.com
spl.zeotap.com
ssum.casalemedia.com
7 s2l.sendtonews.com embed.sendtonews.com
6 image2.pubmatic.com ads.pubmatic.com
6 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
d29xw9s9x32j3w.cloudfront.net
s.adtelligent.com
6 googleads4.g.doubleclick.net popcorntime-update.xyz
6 securepubads.g.doubleclick.net cdn.adapex.io
securepubads.g.doubleclick.net
popcorntime-update.xyz
www.googletagservices.com
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
spl.zeotap.com
5 contextual.media.net ads59.adtelligent.com
contextual.media.net
popcorntime-update.xyz
simcast.com
4 s.amazon-adsystem.com 2 redirects ads.us.e-planning.net
ssum.casalemedia.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 um.simpli.fi 2 redirects ads.pubmatic.com
ssum.casalemedia.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
vid.vidoomy.com
4 sync.1rx.io 4 redirects
4 fra1-ib.adnxs.com ads59.adtelligent.com
simcast.com
cdn.adnxs.com
4 www.googletagservices.com securepubads.g.doubleclick.net
385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
4 www.google.com tpc.googlesyndication.com
385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
4 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 timber.sendtonews.com embed.sendtonews.com
4 c.amazon-adsystem.com embed.sendtonews.com
c.amazon-adsystem.com
4 onetag-sys.com cdn.adapex.io
ads59.adtelligent.com
ads.us.e-planning.net
s.adtelligent.com
4 cdnjs.cloudflare.com simcast.com
embed.sendtonews.com
3 x.bidswitch.net 3 redirects
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects
3 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
3 portal.o2online.de s0.2mdn.net
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 s.e-planning.net ads.us.e-planning.net
3 eb2.3lift.com 2 redirects ads.us.e-planning.net
3 ups.analytics.yahoo.com 3 redirects
3 lg3.media.net simcast.com
popcorntime-update.xyz
3 rtb.openx.net 2 redirects 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
3 ads.pubmatic.com ads59.adtelligent.com
ads.pubmatic.com
s.adtelligent.com
3 csync.loopme.me 3 redirects
3 embed.sendtonews.com simcast.com
popcorntime-update.xyz
embed.sendtonews.com
2 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
2 a.sportradarserving.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 pm.w55c.net 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
2 token.rubiconproject.com eus.rubiconproject.com
2 secure.adnxs.com 1 redirects ssum.casalemedia.com
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 trc.taboola.com 1 redirects spl.zeotap.com
2 dmp.adform.net 1 redirects spl.zeotap.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 pixel-sync.sitescout.com 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
ads.pubmatic.com
2 s.ad.smaato.net 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 ads.us.e-planning.net 1 redirects ads59.adtelligent.com
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 imasdk.googleapis.com embed.sendtonews.com
imasdk.googleapis.com
2 fonts.googleapis.com embed.sendtonews.com
2 htlb.casalemedia.com cdn.adapex.io
d29xw9s9x32j3w.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 popcorntime-update.xyz popcorntime-update.xyz
1 cm.adform.net 1 redirects
1 pixel.rubiconproject.com eus.rubiconproject.com
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 ad.turn.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 match.bnmla.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 sync.crwdcntrl.net 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 ps.eyeota.net simcast.com
1 res-a.akamaihd.net simcast.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 js.cookieless-data.com s.e-planning.net
1 vid.vidoomy.com ads.us.e-planning.net
1 dsum.casalemedia.com ssum.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 rtb.adentifi.com ssum.casalemedia.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 pixel.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 i.e-planning.net ads.us.e-planning.net
1 ssum.casalemedia.com ads.us.e-planning.net
1 ssp.disqus.com 1 redirects
1 a.rfihub.com 1 redirects
1 id5-sync.com
1 sync.inmobi.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 cms.quantserve.com 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
1 cc.adingo.jp 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
1 tg.socdm.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 dsp.adkernel.com 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
1 acdn.adnxs.com simcast.com
1 hblg.media.net simcast.com
1 ap.lijit.com simcast.com
1 ic.tynt.com ads59.adtelligent.com
1 s.adtelligent.com ads59.adtelligent.com
1 s.console.adtarget.com.tr ads59.adtelligent.com
1 cdn.adnxs.com ads59.adtelligent.com
1 warp.media.net ads59.adtelligent.com
1 qsearch-a.akamaihd.net ads59.adtelligent.com
1 sb.scorecardresearch.com simcast.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 hbopenbid.pubmatic.com d29xw9s9x32j3w.cloudfront.net
1 prebid-server.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
1 search.spotxchange.com d29xw9s9x32j3w.cloudfront.net
1 tlx.3lift.com d29xw9s9x32j3w.cloudfront.net
1 secure.cdn.fastclick.net popcorntime-update.xyz
1 player.sendtonews.com embed.sendtonews.com
1 api.rlcdn.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 cdn.resonate.com embed.sendtonews.com
1 js-sec.indexww.com embed.sendtonews.com
1 prebid.media.net cdn.adapex.io
1 ghb.adtelligent.com cdn.adapex.io
1 s.seedtag.com cdn.adapex.io
1 grid.bidswitch.net cdn.adapex.io
1 ad.360yield.com cdn.adapex.io
1 in-appadvertising.com cdn.adapex.io
1 web.hb.ad.cpe.dotomi.com cdn.adapex.io
1 prebid.a-mo.net cdn.adapex.io
1 prebid.adnxs.com cdn.adapex.io
1 partner.googleadservices.com pagead2.googlesyndication.com
1 at.teads.tv a.teads.tv
1 a.teads.tv cdn.adapex.io
1 cloudflare.com cdn.adapex.io
1 cat.hbwrapper.com cdn.adapex.io
1 www.googletagmanager.com simcast.com
1 parking2.parklogic.com simcast.com
1 cdn.adapex.io simcast.com
1 code.jquery.com simcast.com
0 prebid.smilewanted.com Failed cdn.adapex.io
470 187

This site contains links to these domains. Also see Links.

Domain
www.afternic.com
Subject Issuer Validity Valid
*.simcast.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-17 -
2022-09-17		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-03 -
2023-06-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.parklogic.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-03 -
2023-01-03		 a year crt.sh
*.sendtonews.com
Amazon		 2022-05-18 -
2023-06-16		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
cat.hbwrapper.com
R3		 2022-08-05 -
2022-11-03		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-04		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2022-05-26 -
2023-06-26		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.in-appadvertising.com
Sectigo RSA Domain Validation Secure Server CA		 2022-07-06 -
2023-06-29		 a year crt.sh
*.360yield.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-08-05 -
2022-11-03		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
ads59.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-08-04 -
2022-11-02		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-07-27 -
2022-10-25		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-07-28 -
2022-10-26		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-07-31 -
2022-10-29		 3 months crt.sh
ads.us.e-planning.net
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-06 -
2023-04-14		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-07-25 -
2022-10-23		 3 months crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-11 -
2023-03-08		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
dmp.theadex.com
R3		 2022-08-26 -
2022-11-24		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2022-03-18 -
2023-03-18		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
truffle.bid
R3		 2022-07-21 -
2022-10-19		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-07-26 -
2022-10-24		 3 months crt.sh

This page contains 77 frames:

Primary Page: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Frame ID: DFFA3706803893BDE6BBCA48694F706A
Requests: 134 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/zrt_lookup.html
Frame ID: A019EA1C1BC7FDAC9B2DA19F2344C697
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1662634068&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&pra=5&wgl=1&easpf=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662634068274&bpp=3&bdt=678&idt=231&shv=r20220901&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6355499478463&frm=20&pv=2&ga_vid=2020953146.1662634069&ga_sid=1662634069&ga_hid=1968133049&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44772488&oid=2&pvsid=1106933977396237&tmod=655254652&uas=0&nvt=1&ref=http%3A%2F%2Fpopcorntime-update.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=265
Frame ID: 91187155546E58E6A656186B1B10D304
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: E6C1D7ABBB48090F98FA2BA5CB8B8BB7
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 0FA057C270194BAE9E905A3FB88FDF14
Requests: 3 HTTP requests in this frame

Frame: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1684EFD3051303D1BE6B845186EA4513
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 08B46D86A015CB85B7348316AE7C2594
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 16DAB1CEE52818052B102ED26279CCC0
Requests: 2 HTTP requests in this frame

Frame: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6511D2614E67E0D30884BD2131CF1E8E
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveHqOoJN-IgiSilJeEX75vT4jCQiFigVLcNxvMg5YUztJS74i20QLu_V6v9t1DGNJGvY15d0gGpJwnvE_yQG-6ML_ajfIB_5Ky1175xDmmrctD7OAMQZjPGxRwTCS8F0q2FdaXDWhssXtaXCWYt8k_Lifv_TVt3WQNJj3OcNPAUMGCYw8-ptYaTI71qTPHoibUfg5NbShPFrxAOrQD2S_5JvkUsu8ncZ-eTmGaY61tstiahSTeCAQtPTlqrxjoGoJFd8-G5-newpussBhWAVyNP1aWdPvSmRVV2EuS4hmqpR72pvSE-Opr3brCoQ&sai=AMfl-YSU4ujVR7Li3DLT0gqqzdnYmPmnvj2pQKxGixpg2o0UxQ5CHv3WkPaV8yPsxwFOfIr_KNkPeXR5926RTfxH10c4M38LgdG7jx0ExXsBV-kSnwgVD11DbD-zr9f-qA&sig=Cg0ArKJSzC1gK0j7yzI7EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3AD62406A90B2E22BA308CF38DE8AC3A
Requests: 20 HTTP requests in this frame

Frame: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CB6071C8F900E8DD03B9E12318377434
Requests: 15 HTTP requests in this frame

Frame: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 536968F12691E3F9010C57C99952689C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNWxzakCAA8ePjhohjD5c62gQa_y2kzWl-AdB8kjwPo4M1SeBW7sA16i0L5JeUJpIhC1jRZHkg_SlKM8M6hYnuVIHRXteU7-tFggEpO-3JWX7ITnyQEmsFHO8Hww5w8D6lSeO4MN4hgUv_7hAV2ohTCDMdwRZFJKA8tn3dp74JRiZnTY_aGXvTyC2oJtyLYTzDKO0jXipDQzHKl0bI-f0GPB1SuuFQ
Frame ID: E0352CFB222CEFDE39259C4DEC1157BC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNXVldZNtwkKY98SGVmEM6XZ2s8q0YmKMbjLoRSi0I699erf4Caoez4zdzHKopk8VJ08Kc0fDA-NRHAXLEv7Qy6cOARu69_wTDBybm8Xn42J5PI1kt6CXU1j4Vh4jxiTPWuLIw7H3FBDk5jS3rPRexu_Fz6UiuzzYvBcMqPZJEg54Kp78b-ykAH1yOkjy8-lSV8kSiW5nWehfFIm2jLBFF7OJDKwfg
Frame ID: FF64EC0C80987693D9DB97AB254797C9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNWq69Ypb0WUleoezf6zZ3VHGPAzrLH__CbfysfNchlKehWo_PWAs2aKKTpCiYjveM98oxQez6QcMZ2croiij_zImOG4Bnz5ocYczWzK_ZsaZI3_wh2ikCn_D8T0svf5kIHPbY1SJ53B0osnp2Nljrmk7PR_2HCdQpqfvinIdz6i45hVz65VDlVL4HkxGsZ6QiIFK4Ym0yePfFziABZh3BhiCHg5iQ
Frame ID: 849C034241986D727CB71C6EF09F9B9C
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU62MU8E
Frame ID: 94512DD943FC76713DE1E753AC0E6F88
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 59B78D2AB132983175081A2E6AAA8D3A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5A0F4FD2EFAF8CD693418B45D66C9E18
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E02B1DF8DAD2188F7F842FC55DCD67B8
Requests: 9 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=748067
Frame ID: B72BCCF937A502B4559BE0EFA68C4785
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=771cc470-05a4-4233-b9a3-feaa933208c9
Frame ID: A718532830D44BFA58F368532DDAC160
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 84C75135B462A5858DDA0D20E3EC0B37
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 72B842034F98C3396FC579DE4F165A14
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: E1184192ABD3E503B70A4D31A652F1CA
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 007C115991FFA0A4E8195AD1A333FCD0
Requests: 9 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 77FC673D4FE71E6C684E4EC185429502
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2825CB0641494CF65C3E81D8CC4C4356
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=kcPdhJZFje&t=1&renderingType=2&ev=01_247
Frame ID: 39FFFE1FDCAE462C89D7E0D8F04F88E9
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9653218171909308416/300x250.html?e=69&leftOffset=0&topOffset=0&c=UjcN8Z7CGt&t=1&renderingType=2&ev=01_247
Frame ID: 68EE73E8B9ADB0DC2D46744EC2E46D92
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=qGoYtXUbiS&t=1&renderingType=2&ev=01_247
Frame ID: 46AF0AEB8847638BBAC61FBCF9171689
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Frame ID: 247437B786EC4E03971E41611020CE22
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033,171,175,178,157,3018,159,214,3014,97,77,99,56,59,38,182,184,141,188,222,201,246,4,203,225,10000,80,9,109,208,82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: E4A5808959B874FB3B9C54BEBF5D7D14
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033,171,175,178,157,3018,159,214,3014,97,77,99,56,59,38,182,184,141,188,222,201,246,4,203,225,10000,80,9,109,208,82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: F7126C00FCB8B53AA5F30591B67C1E2E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11924&pub_id=1929161
Frame ID: D3C77965ECC0E6F72EEC0552FA026471
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 37DF14DAAE4D931E747B6F54A8344391
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 70756D752131AC0CAB918191C31F5A7B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 862B5EA6836CD0BF341B2C9F8F6A6FD6
Requests: 4 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dcca6fba3c858d920%26uid%3D
Frame ID: CFF6E63949E85EE863842EA1F1CE2400
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 83974424EFB52BC679939D533651E779
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: C5C85D4F80C570CC65B15BA075C5185C
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361&cmp=0
Frame ID: 33B6D3485C7A52BED0523B50C32F7947
Requests: 31 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194
Frame ID: BA368E5BED9C9968B59F24E8C5D3C3B0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4904851706845890458
Frame ID: 7C95D0A4DC7AC48C785EAE4D0A1D2C29
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1d126319-c857-4e00-975b-90b936fe006c&gdpr=0&gdpr_consent=
Frame ID: D30BBB7791498DB3506ABD1D3C958198
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 5E3500D70E6ADD5AA1B7373A1D9EA285
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194
Frame ID: 03BEC1C60EFA1921BB9270F17C41E823
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Frame ID: DF3377BB1ADFDEBE82A964222064B0DD
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: DC0D42C732063B92E18920D8B5D74B80
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 9236C4266CD2D109F2A796925FA06677
Requests: 2 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=cca6fba3c858d920&uid=a6f37f0123013099a595be2217fc435a
Frame ID: 95FB4404FF2F6BC232CF78CE3431CCEB
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: CA584320991A3C4B2A3A37D8652B8A4C
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AIspSeTSmiyOhSnu
Frame ID: 91327C0424E36259B7FA4633AAA26C43
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Frame ID: C870142588AA156DE38DE27442BF5D2A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Frame ID: 0BE88FF98504894F240E6FF54BE440F4
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: B3CA778F0647F0E00B521B7771298DD6
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 649D83F0BE1274B0AA827999757CBE4D
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 2734CF5949BDAAC845B537C62820328F
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 3AEB3EF905505565CD3F2AC8130D55D9
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 905D5DFA2A583FDF56D7B742BC998877
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7140958960186554507
Frame ID: 0BA18F285E333D9326C8162632679E7E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxnIWAAMW-So2wAK&gdpr=0&gdpr_consent=
Frame ID: 702E15776D730669A9DF247A85787AEA
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: C4077AECB81B7A06394022F5E6C039F2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oXKyA6oDQZRIlgGqLcp0SNly14Q
Frame ID: 0DBF349E6739B7F379114B2FCCF64899
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: 82A6E43692BACFE9601CD5F57E368C34
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 9B38F8034B612BDE1C14EB02E6189158
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 969F1E2FCC52760471AA61D5DC51690D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8750076754
Frame ID: F049320E0133276504D186A804C11BBC
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: D2A6477B550B7AFBCDB2F990039B8EF8
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 6EF8225D9821B759D375E58038F74C1E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7GPoEAlsTUbSRRRhnXMnWSnU
Frame ID: 6C64B796E7066B1671E4988227AB737D
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=976bccac-a4eb-4c3c-a139-8ca0e3313995-tucta134dda&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 32EB4918FADBDB86E6A0023C50BCCCB0
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: D329A9B3B60EF9DD444EDA4E27BE409B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UB5MeTHL1Owf4C5&gdpr=0&gdpr_consent=
Frame ID: 2968A4D7CCC55F46D224AB49DA90E5DA
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 5146B7B60EAAE0E78DBB073055715676
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:48E81AC81B454704B0AC122CA6CA50AC
Frame ID: 2C6132BE09D0ED232BDAD83DEE279894
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194
Frame ID: D646604444B2085C0134F33A1E631D3A
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3693311076331742190
Frame ID: E1B247407FE02D04FE38BF6AEA15BA35
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Simcast News portal.

Page URL History Show full URLs

  1. http://popcorntime-update.xyz/ Page URL
  2. http://popcorntime-update.xyz/page/bouncy.php?&bpae=GbhOd6cmYk17jnNk%2B%2F4vkCnBygqk2Kq5qS4KNqg1lF9XtemToZ... Page URL
  3. https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

470
Requests

83 %
HTTPS

22 %
IPv6

117
Domains

187
Subdomains

130
IPs

16
Countries

5009 kB
Transfer

10272 kB
Size

121
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://popcorntime-update.xyz/ Page URL
  2. http://popcorntime-update.xyz/page/bouncy.php?&bpae=GbhOd6cmYk17jnNk%2B%2F4vkCnBygqk2Kq5qS4KNqg1lF9XtemToZ2xG%2Ba2DwKQpIXpnyEBuNMPC24nK7%2F6uGPFAOWjFpkltJHTrrs%2FcD4bLbZJc9lxP%2FWjYRNZoNnXIgZON1uVcsh4CFRJPV50iDCgElYO6fwJVYi%2FUzdBSlAcG5y0qU%2FTt6P5PfDjLsvyDXjEOKW4%2F0sbUEOG2Do1Jgz7v5%2B%2BY7I9GgPj0FM3TueAMBLupFgGCztP5yN%2B63MdyRMvYzCzBY8rPVHRTipo%2BB8uhX5dNin0w9BJB%2BfV7QOQfRt5H%2FzJ28vikrBs%2FGktBTqjhb%2BuiNcKsWH7AWA04iBi%2FYDsAvDfOOulcKMQsnXIXbLpDLS1btNh%2FvvhGIUIVfcFgbrNfpdR9E6xhzXW1HuSkhaedtV9wwY%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 145
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=_iHqFXwzL1hhMXhRQVlUcktrREo1dVp4dktvL1hlSy8yZEJJdExvWXQ2bTdJRzdjRWJ0WWxJeEd0U1BjN0hrWVFFM0hBT3NqYXFrOW43NVFWR1djbVNoWnpUWk9ldlhVM3RJVkdPUmFsc3RkS3JZazZjNTVEN3E0QWthc245M2JtMVc2anVzZEF6TStWT0piSnhpMWhsdm1Zb0ZJOUlvbE9HMTZXNzZRZ1g5WGpWZE9UVGd5cld1Zy9aTXFLVXd2emlKWkFpVjhnQ0JFblBvaFAzMG5OYU1qVXhvRVRGZXMzWEFKaExnck4ybEFCMkdZPXw&cppv=2
Request Chain 199
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1
Request Chain 200
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxnIVupxL.Q16n.AH698rAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1&google_hm=2
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFslYuCqjrBvGZcWKsDML98&google_cver=1
Request Chain 202
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MzQ2MzA0OTA4MDM0MTgyNQ%3D%3D
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1
Request Chain 205
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxnIVupxL.Q16n.AH698rAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1&google_hm=2
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFslYuCqjrBvGZcWKsDML98&google_cver=1
Request Chain 207
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MzQ2MzA0OTA4MDM0MTgyNQ%3D%3D
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1
Request Chain 209
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxnIVupxL.Q16n.AH698rAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1&google_hm=2
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFslYuCqjrBvGZcWKsDML98&google_cver=1
Request Chain 211
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MzQ2MzA0OTA4MDM0MTgyNQ%3D%3D
Request Chain 242
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=771cc470-05a4-4233-b9a3-feaa933208c9
Request Chain 246
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 249
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5263463049080341825
Request Chain 250
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1662634071262 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1700379818
Request Chain 251
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5263463049080341825
Request Chain 252
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=f177cdb5-9c82-4f8f-a910-8d6d92f73165
Request Chain 269
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEB7OLBTgeIqNvEmCLzpZbf0&google_cver=1&google_push=AehlK4A2z45YF2dJA_kmrRTKToAVy7V8gz9zwJwE0tvjrty_c_UwXqwU5qcwzz-4QX8VP9Zjdmf6-_y2MJ0JBx5qMb3AqINQ1R5V HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4A2z45YF2dJA_kmrRTKToAVy7V8gz9zwJwE0tvjrty_c_UwXqwU5qcwzz-4QX8VP9Zjdmf6-_y2MJ0JBx5qMb3AqINQ1R5V&google_hm=MzA0MTM1NjUzMjMzNjkyNjE1MA%3D%3D
Request Chain 270
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMQhOb4S623ZAGRy-pft4wc&google_cver=1&google_push=AehlK4DpJEb_4rTl8dwXUc_x0Co8vBhoV1FcJpd-kVTEkKigVoT7f4oQbK_YH8TXxKQFie4tM8Iif319gvWq1sKB8SK_K6mCbPs HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEMQhOb4S623ZAGRy-pft4wc&google_push=AehlK4DpJEb_4rTl8dwXUc_x0Co8vBhoV1FcJpd-kVTEkKigVoT7f4oQbK_YH8TXxKQFie4tM8Iif319gvWq1sKB8SK_K6mCbPs&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4DpJEb_4rTl8dwXUc_x0Co8vBhoV1FcJpd-kVTEkKigVoT7f4oQbK_YH8TXxKQFie4tM8Iif319gvWq1sKB8SK_K6mCbPs&google_hm=aDFCS01JN3AySXZPeEtoZFZ0X0g=
Request Chain 272
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEC0QuigRD-KWuOrULtzCtkc&google_cver=1&google_push=AehlK4DIXr43A3YilWY3OBe8DSJKwj6R9QI0nU5W21gA7WlEHU_IBRcRG2cEeAzWMh0CovmzIHbIGLbygpSBr37Tp3BgtDY7DgO5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC0QuigRD-KWuOrULtzCtkc&google_hm=YxnIVupxL-Q16n-AH698rAAABJEAAAAB&google_nid=index&google_push=AehlK4DIXr43A3YilWY3OBe8DSJKwj6R9QI0nU5W21gA7WlEHU_IBRcRG2cEeAzWMh0CovmzIHbIGLbygpSBr37Tp3BgtDY7DgO5
Request Chain 273
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESENLMcEGdayQnpauKxjhjI6M&google_cver=1&google_push=AehlK4Cj4yrx8m1gXT-q9G4OpK33dJ4Fnrs2LFZGO-H4C-UZCPwACqxkwiLP-1w8Kuyv92i7Uvymij-U4xI4NOz4C8upBeHh0IAD HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-256a1cd0-ac85-41a9-ab0c-5aae0016197a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4Cj4yrx8m1gXT-q9G4OpK33dJ4Fnrs2LFZGO-H4C-UZCPwACqxkwiLP-1w8Kuyv92i7Uvymij-U4xI4NOz4C8upBeHh0IAD%26google_hm%3DAyVqHNCshUGpqwxargAWGXo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4Cj4yrx8m1gXT-q9G4OpK33dJ4Fnrs2LFZGO-H4C-UZCPwACqxkwiLP-1w8Kuyv92i7Uvymij-U4xI4NOz4C8upBeHh0IAD&google_hm=AyVqHNCshUGpqwxargAWGXo
Request Chain 274
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEDz3mWCsIR3Ci2q1fxPCeSI&google_cver=1&google_push=AehlK4CeSxfKMsD01k0lbCQb7KvRUsKf4DA2t9Mk3lU57dqYDK2arcynXhlwje8nTqXvmr2MGz1DFFV70XdQPU0I3OD8n2ettfez HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4CeSxfKMsD01k0lbCQb7KvRUsKf4DA2t9Mk3lU57dqYDK2arcynXhlwje8nTqXvmr2MGz1DFFV70XdQPU0I3OD8n2ettfez&google_hm=WXhuSVdNQ281dEFBQUxHeEQzNEFBQUFB
Request Chain 283
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEMY9rgEFgqJ2-rtHHTsZ6nE&google_cver=1&google_push=AehlK4B3oeXjz0gxuOoB_KO1GUQlbkMlOxXKqDK7QN3FWV3QiqUblhK39Fxjx7IQpbJRt5KbR6EZW4W4rFAJkhknLIJsdaVvilA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AehlK4B3oeXjz0gxuOoB_KO1GUQlbkMlOxXKqDK7QN3FWV3QiqUblhK39Fxjx7IQpbJRt5KbR6EZW4W4rFAJkhknLIJsdaVvilA
Request Chain 284
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMQhOb4S623ZAGRy-pft4wc&google_cver=1&google_push=AehlK4CtS5Obdelui3-fSFImtr-Z6cqAx5Y7cfPspWfsoqi7EwOY-ZjPKpxboAxPJhnRTEUwmxWofYbMtvEbJK8gnzBSih6I4r4 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEMQhOb4S623ZAGRy-pft4wc&google_push=AehlK4CtS5Obdelui3-fSFImtr-Z6cqAx5Y7cfPspWfsoqi7EwOY-ZjPKpxboAxPJhnRTEUwmxWofYbMtvEbJK8gnzBSih6I4r4&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4CtS5Obdelui3-fSFImtr-Z6cqAx5Y7cfPspWfsoqi7EwOY-ZjPKpxboAxPJhnRTEUwmxWofYbMtvEbJK8gnzBSih6I4r4&google_hm=aDFCS01JN3AySXZPeEtoZFZ0X0g=
Request Chain 285
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAt4wBOvjV0hdy6Vfh7-lUk&google_cver=1&google_push=AehlK4C8A9-haIe0PLdjguD6g6TEJtGSS2msfyVneUW_VxQp_-Ws3ysyv9JPzTpqyRfd0uyjgyrVTIjG2-67qcu4fxuthd_fQg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4C8A9-haIe0PLdjguD6g6TEJtGSS2msfyVneUW_VxQp_-Ws3ysyv9JPzTpqyRfd0uyjgyrVTIjG2-67qcu4fxuthd_fQg
Request Chain 286
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEHnU_6wN5qQ_si0faDFnYhA&google_cver=1&google_push=AehlK4BMTi-UmEbOgbrflO2B37_0aPFEtnJUWLIyBswf3spA3zKg9MvMyKyIpD76jTpLjwYKZzwmQJdu77BZSa9EnUuHr3-vzZk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4BMTi-UmEbOgbrflO2B37_0aPFEtnJUWLIyBswf3spA3zKg9MvMyKyIpD76jTpLjwYKZzwmQJdu77BZSa9EnUuHr3-vzZk&google_hm=ZzUzYWNiNDNlMWQ2M2NkYzk1ZmU=
Request Chain 287
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECLh0r0Ti5SANHmZktD17KE&google_cver=1&google_push=AehlK4BckfiBPJOmZQ4cZJA4zEdthVrKFqNQo-smCopQS0JWEACMZxkocQICRoCNrVfgHKXu7goTIoqyT656LXRxRXObgYCDxE6a HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECLh0r0Ti5SANHmZktD17KE&google_cver=1&google_push=AehlK4BckfiBPJOmZQ4cZJA4zEdthVrKFqNQo-smCopQS0JWEACMZxkocQICRoCNrVfgHKXu7goTIoqyT656LXRxRXObgYCDxE6a&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13OFR2ekw1RTJ1RnZfdU83NHQ1WTJWZEV0Q3RCTHowMn5B&google_push=AehlK4BckfiBPJOmZQ4cZJA4zEdthVrKFqNQo-smCopQS0JWEACMZxkocQICRoCNrVfgHKXu7goTIoqyT656LXRxRXObgYCDxE6a
Request Chain 288
  • https://sync.inmobi.com/gob?google_gid=CAESEJvoHs5J-r34EAPuk9OAooI&google_cver=1&google_push=AehlK4DVozgTwBne_fd6cDykDdPo00CH5-jb9IuMsPx1xRHlUSg2ahClbRKrsjAfjAgabf2pEBVXf4EPoHi3ZX5WaX2UL-n1aMwi HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4DVozgTwBne_fd6cDykDdPo00CH5-jb9IuMsPx1xRHlUSg2ahClbRKrsjAfjAgabf2pEBVXf4EPoHi3ZX5WaX2UL-n1aMwi&gdpr_consent=&gdpr=
Request Chain 292
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMLEuuv6KGFcYCHMjAmwvrM&google_cver=1&google_push=AehlK4CHsqpShucsxYjhEXxqPNFk2xEzssTbeZuTn9A188kNoNfAx-s_qCMfwRMVgiFvG4nh1fAOHAHdS5kOHj5KW71IbuebO_fp HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMLEuuv6KGFcYCHMjAmwvrM&google_cver=1&google_push=AehlK4CHsqpShucsxYjhEXxqPNFk2xEzssTbeZuTn9A188kNoNfAx-s_qCMfwRMVgiFvG4nh1fAOHAHdS5kOHj5KW71IbuebO_fp&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z6iiyiE3TTSRX5wNkNHxlA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4CHsqpShucsxYjhEXxqPNFk2xEzssTbeZuTn9A188kNoNfAx-s_qCMfwRMVgiFvG4nh1fAOHAHdS5kOHj5KW71IbuebO_fp
Request Chain 293
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAt4wBOvjV0hdy6Vfh7-lUk&google_cver=1&google_push=AehlK4Bq7VoO5O_XM33Vm14GzIcOM9gkaIZuPuypcGhKSJWH-MXbAJHW_ThpSTLsPdhWG0l_dtqNDbPgCKpe8ZUpHPkUjkQJnfqq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4Bq7VoO5O_XM33Vm14GzIcOM9gkaIZuPuypcGhKSJWH-MXbAJHW_ThpSTLsPdhWG0l_dtqNDbPgCKpe8ZUpHPkUjkQJnfqq
Request Chain 294
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENRZXqByVOq5Zwq261CYhxs&google_cver=1&google_push=AehlK4Dn6HlTZDnFbbbKvWIYWXlabDtOnqVVrV4R_SxeWz9UIdGeALA7ZGVD4oAWvP2OI3_c-E8t8o8CBRfeFvfmrsZRhKiVEf5r HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4Dn6HlTZDnFbbbKvWIYWXlabDtOnqVVrV4R_SxeWz9UIdGeALA7ZGVD4oAWvP2OI3_c-E8t8o8CBRfeFvfmrsZRhKiVEf5r&google_gid=CAESENRZXqByVOq5Zwq261CYhxs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYzMDExMDI3NDk1ODEzNjg5Nzk0&google_push=AehlK4Dn6HlTZDnFbbbKvWIYWXlabDtOnqVVrV4R_SxeWz9UIdGeALA7ZGVD4oAWvP2OI3_c-E8t8o8CBRfeFvfmrsZRhKiVEf5r
Request Chain 295
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESELzx92aKkk7NJjewyTUGFF8&google_cver=1&google_push=AehlK4B293_XGNabTuCth7ry01D6zYgrBW_hy5nRIAFG8pgnHmwxfxVyhbulw0sGFpi3Cr2XNd2A_XguZ7LoHHlqOIdXHICkvfwokg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AehlK4B293_XGNabTuCth7ry01D6zYgrBW_hy5nRIAFG8pgnHmwxfxVyhbulw0sGFpi3Cr2XNd2A_XguZ7LoHHlqOIdXHICkvfwokg&google_hm=MTk5NzkwMTkyMjEzMjI3MjQ1OA==
Request Chain 296
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPo8C_49y40CXrna5Qy23x4&google_cver=1&google_push=AehlK4A6O2-6CJxmw_ciPkcUzzxjDPifGp9E7d5zQk9dSSOSE2RT8FfzPtwdQ5yC9jj6yZ6N5120AUooGkBvsB02ts65fO8ogNo42w HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPo8C_49y40CXrna5Qy23x4&google_push=AehlK4A6O2-6CJxmw_ciPkcUzzxjDPifGp9E7d5zQk9dSSOSE2RT8FfzPtwdQ5yC9jj6yZ6N5120AUooGkBvsB02ts65fO8ogNo42w&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4A6O2-6CJxmw_ciPkcUzzxjDPifGp9E7d5zQk9dSSOSE2RT8FfzPtwdQ5yC9jj6yZ6N5120AUooGkBvsB02ts65fO8ogNo42w&google_hm=aDFCS01JN3AySXZPeEtoZFZ0X0g= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 305
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dcca6fba3c858d920%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=cca6fba3c858d920&uid=5263463049080341825
Request Chain 306
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dcca6fba3c858d920%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=cca6fba3c858d920&uid=ua-5049bd26-1108-3368-b104-d07de08518a3
Request Chain 310
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 322
  • https://c1.adform.net/serving/cookie/match?party=14&cid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194
Request Chain 323
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4904851706845890458
Request Chain 324
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1d126319-c857-4e00-975b-90b936fe006c&gdpr=0&gdpr_consent=
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z6iiyiE3TTSRX5wNkNHxlA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 328
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7a716319-c857-4f00-9892-9fc46be93008
Request Chain 329
  • https://pixel.onaudience.com/?partner=214&mapped=CFA8A2CA-2137-4D34-915F-9C0D90D1F194 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=159a75b5a463601920afd4b467f72e2d&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 330
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0ZBOEEyQ0EtMjEzNy00RDM0LTkxNUYtOUMwRDkwRDFGMTk0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELE3LCsNHd7kNRHFTnyDNoQ&google_cver=1
Request Chain 333
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3693311076331742190
Request Chain 335
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5263463049080341825&gdpr=0&gdpr_consent=
Request Chain 336
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JI3IvXGGzLM_iJ-2J4zU5iGGy-E_38HiI43imHRC
Request Chain 354
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D626023d3-1076-437e-68cd-2d8263d2b8a6%26reqId%3Db9ffc0e6-48e8-4594-79c9-edfe002398ac%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D626023d3-1076-437e-68cd-2d8263d2b8a6%26reqId%3Db9ffc0e6-48e8-4594-79c9-edfe002398ac%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=047eb59a-4368-4c23-b37f-c475d9de397b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Request Chain 360
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6ef46c5c-6429-48f1-a346-1ede3716de53&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 361
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=626023d3-1076-437e-68cd-2d8263d2b8a6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D626023d3-1076-437e-68cd-2d8263d2b8a6%26reqId%3Db9ffc0e6-48e8-4594-79c9-edfe002398ac%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=626023d3-1076-437e-68cd-2d8263d2b8a6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D626023d3-1076-437e-68cd-2d8263d2b8a6%26reqId%3Db9ffc0e6-48e8-4594-79c9-edfe002398ac%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=71042662779673182790456276821914231791&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Request Chain 363
  • https://bn01.er.bemail.it/zeotap.php?_bid=626023d3-1076-437e-68cd-2d8263d2b8a6&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022090822-73599-0.553600001662670452-c8cb10af36a24c1abebe6f54e5db866f&zdid=533&env=mWeb
Request Chain 364
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D626023d3-1076-437e-68cd-2d8263d2b8a6%26reqId%3Db9ffc0e6-48e8-4594-79c9-edfe002398ac%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7140958960186554507&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Request Chain 365
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=626023d3-1076-437e-68cd-2d8263d2b8a6 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=626023d3-1076-437e-68cd-2d8263d2b8a6
Request Chain 366
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=626023d3-1076-437e-68cd-2d8263d2b8a6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D626023d3-1076-437e-68cd-2d8263d2b8a6%26reqId%3Db9ffc0e6-48e8-4594-79c9-edfe002398ac%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=626023d3-1076-437e-68cd-2d8263d2b8a6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D626023d3-1076-437e-68cd-2d8263d2b8a6%26reqId%3Db9ffc0e6-48e8-4594-79c9-edfe002398ac%26zdid%3D1361&bounce=1&random=2461923715 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=2Fl1wcRqu.4DO70rfYaplu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Request Chain 368
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=626023d3-1076-437e-68cd-2d8263d2b8a6?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=626023d3-1076-437e-68cd-2d8263d2b8a6?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Request Chain 369
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-.MBMGBdE2orzcaEtiHfo.t2NQfXXeaZYYA--~A&zpartnerid=570&env=mWeb
Request Chain 370
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=IJCWLtvYHBHztSxX2OOWiktcGyfJg91y%2BS41iYitP1U%3D
Request Chain 373
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D626023d3-1076-437e-68cd-2d8263d2b8a6%26reqId%3Db9ffc0e6-48e8-4594-79c9-edfe002398ac%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D626023d3-1076-437e-68cd-2d8263d2b8a6%26reqId%3Db9ffc0e6-48e8-4594-79c9-edfe002398ac%26zdid%3D1361&_test=YxnIWAAMW-So2wAK HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YxnIWAAMW-So2wAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361&_test=YxnIWAAMW-So2wAK
Request Chain 374
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D626023d3-1076-437e-68cd-2d8263d2b8a6%26reqId%3Db9ffc0e6-48e8-4594-79c9-edfe002398ac%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7a716319-c857-4f00-9892-9fc46be93008&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Request Chain 375
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Request Chain 376
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=626023d3-1076-437e-68cd-2d8263d2b8a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=626023d3-1076-437e-68cd-2d8263d2b8a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361&dcc=t
Request Chain 377
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=626023d3-1076-437e-68cd-2d8263d2b8a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=626023d3-1076-437e-68cd-2d8263d2b8a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361&dcc=t
Request Chain 379
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D626023d3-1076-437e-68cd-2d8263d2b8a6%26reqId%3Db9ffc0e6-48e8-4594-79c9-edfe002398ac%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Request Chain 382
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxnIVupxL-Q16n-AH698rAAABJEAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxnIVupxL-Q16n-AH698rAAABJEAAAAB&dcc=t
Request Chain 386
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 387
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=771cc470-05a4-4233-b9a3-feaa933208c9&us_privacy=null&gdpr_consent=null&gdpr=1
Request Chain 388
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1662720471&gdpr=1
Request Chain 425
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3693311076331742190 HTTP 302
  • https://a.audrte.com/p
Request Chain 427
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8h2tHAcOxjyS5qU55Rvg5DiHw&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8h2tHAcOxjyS5qU55Rvg5DiHw&gdpr=0&gdpr_consent=&google_gid=CAESENs3KuGSqOTa2rUY5ImrGeQ&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 432
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 437
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7140958960186554507
Request Chain 438
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxnIWAAMW-So2wAK&gdpr=0&gdpr_consent=
Request Chain 439
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbkpVN0dNNUVBQUE0VTBfVnVMQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 440
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oXKyA6oDQZRIlgGqLcp0SNly14Q
Request Chain 441
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 443
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 444
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8750076754
Request Chain 447
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7618999be2fe48e6/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7GPoEAlsTUbSRRRhnXMnWSnU HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D7GPoEAlsTUbSRRRhnXMnWSnU HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7GPoEAlsTUbSRRRhnXMnWSnU
Request Chain 448
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=976bccac-a4eb-4c3c-a139-8ca0e3313995-tucta134dda&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 450
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UB5MeTHL1Owf4C5&gdpr=0&gdpr_consent=
Request Chain 452
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:48E81AC81B454704B0AC122CA6CA50AC
Request Chain 454
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&addseg=19,36,42
Request Chain 455
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 457
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194 HTTP 302
  • https://a.audrte.com/p
Request Chain 458
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a8cb16de-6553-4577-9753-13bb2d74fb73&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5f85b58e-233d-4820-9da9-e221f3279969&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 460
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9RpCL2VE2uUnuh9UtkWLFtkBxAbosRc-~A&gdpr=0&gdpr_consent=
Request Chain 462
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7d57fa68-4d11-4f2a-a7de-3cd3e0b96406&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 463
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7003131464600800624&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 465
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5263463049080341825
Request Chain 467
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2175f498-f30a-4d79-bace-438cbff8303d&gdpr=0&gdpr_consent=
Request Chain 470
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3693311076331742190
Request Chain 471
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=6d4825e4f70c4c9e

470 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
popcorntime-update.xyz/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://popcorntime-update.xyz/
Protocol
HTTP/1.1
Server
72.52.178.23 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Sep 2022 10:47:46 GMT
Keep-Alive
timeout=5, max=98
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
bouncy.php
popcorntime-update.xyz/page/ 		724 B
1008 B 		Document
General
Check archive.org
Download Go to
Full URL
http://popcorntime-update.xyz/page/bouncy.php?&bpae=GbhOd6cmYk17jnNk%2B%2F4vkCnBygqk2Kq5qS4KNqg1lF9XtemToZ2xG%2Ba2DwKQpIXpnyEBuNMPC24nK7%2F6uGPFAOWjFpkltJHTrrs%2FcD4bLbZJc9lxP%2FWjYRNZoNnXIgZON1uVcsh4CFRJPV50iDCgElYO6fwJVYi%2FUzdBSlAcG5y0qU%2FTt6P5PfDjLsvyDXjEOKW4%2F0sbUEOG2Do1Jgz7v5%2B%2BY7I9GgPj0FM3TueAMBLupFgGCztP5yN%2B63MdyRMvYzCzBY8rPVHRTipo%2BB8uhX5dNin0w9BJB%2BfV7QOQfRt5H%2FzJ28vikrBs%2FGktBTqjhb%2BuiNcKsWH7AWA04iBi%2FYDsAvDfOOulcKMQsnXIXbLpDLS1btNh%2FvvhGIUIVfcFgbrNfpdR9E6xhzXW1HuSkhaedtV9wwY%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
HTTP/1.1
Server
72.52.178.23 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Referer
http://popcorntime-update.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Sep 2022 10:47:46 GMT
Keep-Alive
timeout=5, max=98
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
Primary Request /
simcast.com/ 		38 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/page/bouncy.php?&bpae=GbhOd6cmYk17jnNk%2B%2F4vkCnBygqk2Kq5qS4KNqg1lF9XtemToZ2xG%2Ba2DwKQpIXpnyEBuNMPC24nK7%2F6uGPFAOWjFpkltJHTrrs%2FcD4bLbZJc9lxP%2FWjYRNZoNnXIgZON1uVcsh4CFRJPV50iDCgElYO6fwJVYi%2FUzdBSlAcG5y0qU%2FTt6P5PfDjLsvyDXjEOKW4%2F0sbUEOG2Do1Jgz7v5%2B%2BY7I9GgPj0FM3TueAMBLupFgGCztP5yN%2B63MdyRMvYzCzBY8rPVHRTipo%2BB8uhX5dNin0w9BJB%2BfV7QOQfRt5H%2FzJ28vikrBs%2FGktBTqjhb%2BuiNcKsWH7AWA04iBi%2FYDsAvDfOOulcKMQsnXIXbLpDLS1btNh%2FvvhGIUIVfcFgbrNfpdR9E6xhzXW1HuSkhaedtV9wwY%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
33e4770d9f8d1deac89c884e156dcf4af232bf9aab8b02f380c897f3ff8dfb22

Request headers

Referer
http://popcorntime-update.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-encoding
gzip
content-length
7306
content-type
text/html; charset=UTF-8
date
Thu, 08 Sep 2022 10:47:47 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.38 (Debian)
upgrade
h2
vary
Accept-Encoding
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:47 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-15851"
vary
Accept-Encoding
x-hw
1662634067.dop017.fr8.t,1662634067.cds056.fr8.hn,1662634067.cds261.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
html.css
simcast.com/templates/simcast/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/css/html.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:47 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 00:43:56 GMT
server
Apache/2.4.38 (Debian)
etag
"5101-5d2abe6bdeb00-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
4273
all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:47 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 21:31:18 GMT
server
Apache/2.4.38 (Debian)
etag
"daa3-5d2a935d4d580-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
12209
lib.js
simcast.com/templates/simcast/js/ 		856 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/js/lib.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:47 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 03:31:19 GMT
server
Apache/2.4.38 (Debian)
etag
"358-5d39fa3726fc0-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
application/javascript
content-length
459
aaw.smc.js
cdn.adapex.io/hb/ 		501 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adapex.io/hb/aaw.smc.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f55d7a93bfdd4fafecbdbc2c8f4fa6d5735461d7c56ad361f1ba9534816aa39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1944
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 06 Sep 2022 10:14:22 GMT
server
cloudflare
etag
W/"63171d7e-7d293"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssoZSeYd%2FaMnHtRxa3zoyQgbjBJptqXH0Qr41FL31Uljilx6Igk%2B46wP80MMXOmhaS2s4PUxTHNlAyDB%2FTLM8F0Kw03U99%2BKl%2F9vjytfMqdsxQAWmELMZve3tGS6V5XuVuyq289KLeJRzKPq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
74771baafa6a9b21-FRA
expires
Fri, 09 Sep 2022 10:15:11 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfdc7b78cbd660bf7652e5935fe7d14e0b475ce7ca5afac9dcbddfdf4d043ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57425
x-xss-protection
0
server
cafe
etag
9238556984927513869
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 10:47:48 GMT
simcastlogo_35y.png
simcast.com/templates/simcast/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Thu, 09 Dec 2021 00:46:50 GMT
server
Apache/2.4.38 (Debian)
etag
"527-5d2abf11cf280"
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
image/png
content-length
1319
enhance.js
parking2.parklogic.com/page/ 		676 B
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=popcorntime-update.xyz
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c02::f03c:92ff:fe2d:3e71 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
e26e4f75ac415fc65c9c596acbd30876d294335b645a5926dae05a29e97bac69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:48 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection
Keep-Alive
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Keep-Alive
timeout=5, max=100
Content-Type
text/javascript;charset=UTF-8
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1265017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yeKFyBMCkyIIYgl1H6h%2FNCzh6ZuJnw5p%2BGcGapcWSKwBLwxUykDKtB0kr4IPqxhv9ki3Kx69Q93ixKgo7DgW9CRIIcJwc79hT46IblafWRhFrxLXw2kXla%2Bc8gaLoeejgXvdLnZCwP8vgrnZSGg592Or"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74771bad5aa59b25-FRA
expires
Tue, 29 Aug 2023 10:47:48 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3075251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1541
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7Vg402ssINZUcYU334%2Fl3UtpPH%2FvIzwHltnu5bi3m6LFeaDY8fPpjEfT87SFS0eFV7M6gOGZKe0SK7TCRin3e%2F2GmS0iinXP%2FldzmHUqM20xVcM%2F672VysOVVl2NUNsLdNvsAGhNjXPyDPHZKe9IGlC"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74771bad5aa69b25-FRA
expires
Tue, 29 Aug 2023 10:47:48 GMT
modal.css
simcast.com/widgets/modal/ 		992 B
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/modal/modal.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:56 GMT
server
Apache/2.4.38 (Debian)
etag
"3e0-5d2ab305a0600-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
352
embedcode.js
embed.sendtonews.com/player3/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.89.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-89-150.compute-1.amazonaws.com
Software
Apache /
Resource Hash
601355040d9e7825c1c8318a75936be30c28a284e4052d4130009a30c470b41e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-length
3098
expires
Thu, 08 Sep 2022 11:47:48 GMT
AA11zA7O.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11zA7O.img?h=100&w=100&x=1024&y=682.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4a5890fadf4f1a5db4e8fec4ef5198e1f747d04af748cc476f40807b0f1f241d
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Thu, 08 Sep 2022 08:52:07 GMT
x-datacenter
eastap
x-source-length
103625
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=425040
x-activityid
ffdafbf1-1e1b-4dd4-b756-1f57f4ea11de
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11zA7O?h=100&w=100&x=1024&y=682.5&m=5
x-resizerversion
1.0
timing-allow-origin
*
content-length
2207
expires
Tue, 13 Sep 2022 08:51:48 GMT
AAPwesU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPwesU.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
94ae96a533fa880623827ca98a2fb20714f235d48b39f2900697b85d490b139f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Sun, 04 Sep 2022 18:26:22 GMT
x-datacenter
eastus
x-source-length
2497
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=113931
x-activityid
2c4db459-40f9-452c-839e-b425ae3eb0d6
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAPwesU
content-length
2497
expires
Fri, 09 Sep 2022 18:26:39 GMT
AA11yRVY.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11yRVY.img?h=100&w=100&x=402&y=326&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c9e61e0e72d4554c295fe846a551c7e7361b0e3c7633fd95d73688eeb7cbb3f1
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Wed, 07 Sep 2022 15:29:02 GMT
x-datacenter
eastus
x-source-length
53363
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=362475
x-activityid
0eaca5d8-1a46-4908-9b60-ecdd9cd7dca8
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11yRVY?h=100&w=100&x=402&y=326&m=5
content-length
3303
expires
Mon, 12 Sep 2022 15:29:03 GMT
AA11AKgM.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11AKgM.img?h=100&w=100&x=2000&y=1355.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e1d6061ee999e6bf4094a04d03ca16bf8d8ae0fa2ee97fa47f25b9ce5bfbe7b6
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Thu, 08 Sep 2022 10:29:58 GMT
x-datacenter
westus
x-source-length
3005118
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430955
x-activityid
f2224a46-08ad-47ed-b013-8cc2766388be
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11AKgM?h=100&w=100&x=2000&y=1355.5&m=5
content-length
3897
expires
Tue, 13 Sep 2022 10:30:23 GMT
AACl6Lf.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl6Lf.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d7e84dbe1a19aa1ebadd92d04ec0dec54cdd2345811f21aaf064150fba02068
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AACl6Lf
date
Thu, 08 Sep 2022 10:47:48 GMT
x-source-length
18254
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl6Lf
x-activityid
5e9bdbb9-471b-4eba-aff4-545783ac6092
last-modified
Fri, 26 Aug 2022 21:19:54 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
18254
x-resizerversion
1.0
x-datacenter
eastap
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=124290
timing-allow-origin
*
expires
Fri, 09 Sep 2022 21:19:18 GMT
AA11AyC4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11AyC4.img?h=100&w=100&x=241&y=115&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dd57f840fb8920690c2eace79ec85dbc61e8d0dba6855c3dc46200cccc9683d0
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Thu, 08 Sep 2022 06:30:07 GMT
x-datacenter
westus
x-source-length
1164398
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=416498
x-activityid
e4bc6290-f076-447d-b737-7514953bc14b
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11AyC4?h=100&w=100&x=241&y=115&m=5
content-length
3381
expires
Tue, 13 Sep 2022 06:29:26 GMT
AA11B3M0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11B3M0.img?h=100&w=100&x=1024&y=676.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5198a3ffd5e324f6065c453f5bc702580c32fa4b344f3a82773be282cf7d238a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Thu, 08 Sep 2022 10:42:29 GMT
x-datacenter
eastap
x-source-length
441525
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431710
x-activityid
ec806927-3dc0-47f9-8791-d2d6e8c7c44c
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11B3M0?h=100&w=100&x=1024&y=676.5&m=5
content-length
3856
expires
Tue, 13 Sep 2022 10:42:58 GMT
AA42eYr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		417 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA42eYr.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Wed, 24 Aug 2022 11:00:34 GMT
x-datacenter
westus
x-source-length
417
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=303260
x-activityid
14f1fb15-7062-44b7-98ec-610a428b0bd4
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA42eYr
content-length
417
expires
Sun, 11 Sep 2022 23:02:08 GMT
AA11AWNQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11AWNQ.img?h=500&w=1000&x=512&y=383.5&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7173f775c89f8f8b5042810a2fa5cfd75a6b2c60c6f61ece87347754c9da469b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Thu, 08 Sep 2022 10:28:10 GMT
x-datacenter
westus
x-source-length
57453
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430883
x-activityid
4f17de09-b00b-4546-ab22-c477462446ec
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11AWNQ?h=500&w=1000&x=512&y=383.5&m=2
content-length
54048
expires
Tue, 13 Sep 2022 10:29:11 GMT
AA11AHiX.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11AHiX.img?h=70&w=95&x=400&y=266.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d85c0dac777196641757b4d6683283b6fd3a8e384c68f32b92934688f6141be1
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Thu, 08 Sep 2022 10:29:14 GMT
x-datacenter
eastap
x-source-length
93228
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430834
x-activityid
ab69ad23-9556-405b-af2c-a50627ddc264
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11AHiX?h=70&w=95&x=400&y=266.5&m=5
content-length
2157
expires
Tue, 13 Sep 2022 10:28:22 GMT
AA11AU6p.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11AU6p.img?h=70&w=95&x=337.5&y=284.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7af9de024889fc1527ebedb4e89b9e4841070ccc9b88a514b407f7b637155a92
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Thu, 08 Sep 2022 09:58:34 GMT
x-datacenter
westus
x-source-length
488638
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429155
x-activityid
f9e99fa4-591c-4ba7-a862-c39f694e7958
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11AU6p?h=70&w=95&x=337.5&y=284.5&m=5
content-length
2386
expires
Tue, 13 Sep 2022 10:00:23 GMT
AA11AuYm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11AuYm.img?h=70&w=95&x=1100&y=664.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f05cbd0de5224093bcc8d426cc6ac129ace17752b9e61e3acc8601e5c84e6863
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Thu, 08 Sep 2022 06:14:15 GMT
x-datacenter
eastus
x-source-length
1533331
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=415615
x-activityid
3ab93af6-5f57-478c-b0b8-1da78b854107
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11AuYm?h=70&w=95&x=1100&y=664.5&m=5
content-length
4143
expires
Tue, 13 Sep 2022 06:14:43 GMT
AA11AKgM.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11AKgM.img?h=70&w=95&x=2000&y=1355.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f367880630883ea99b08f057dec0e48120c61227f8e5293ca5dff29f7de804c9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Thu, 08 Sep 2022 10:29:14 GMT
x-datacenter
westus
x-source-length
3005118
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430877
x-activityid
265416ad-aaec-466b-a2fe-1e22c1fba447
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11AKgM?h=70&w=95&x=2000&y=1355.5&m=5
content-length
2910
expires
Tue, 13 Sep 2022 10:29:05 GMT
AA11AFjd.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11AFjd.img?h=70&w=95&x=640.5&y=162.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e162e5ea744f50808907173bf387dc0430bef0ff1fa5f4702f17a89b9917d0e2
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Thu, 08 Sep 2022 09:36:26 GMT
x-datacenter
northeu
x-source-length
275293
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427687
x-activityid
c0b8c1c9-51c2-4a15-942d-5aa641c6f8c7
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11AFjd?h=70&w=95&x=640.5&y=162.5&m=5
content-length
3134
expires
Tue, 13 Sep 2022 09:35:55 GMT
AA11yWh3.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11yWh3.img?h=70&w=95&x=411&y=223&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5badd12771e18462a140c30a952916df968ec6b8f4ef28f1f74bb6d83c181211
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Wed, 07 Sep 2022 18:12:12 GMT
x-datacenter
westus
x-source-length
97344
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=372247
x-activityid
b5713b8f-48ba-467e-8f3f-24c187810f86
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11yWh3?h=70&w=95&x=411&y=223&m=5
content-length
2905
expires
Mon, 12 Sep 2022 18:11:55 GMT
AA11AV8x.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11AV8x.img?h=70&w=95&x=1024&y=682.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
110a303b8b195ecd3121f7f42a9d22650a8b930a6f88a830455a94e95f6e1896
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Thu, 08 Sep 2022 10:45:14 GMT
x-datacenter
eastap
x-source-length
508882
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431883
x-activityid
fdaa9500-40d1-4c3d-8cfc-0865e88946b0
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11AV8x?h=70&w=95&x=1024&y=682.5&m=5
content-length
3018
expires
Tue, 13 Sep 2022 10:45:51 GMT
AA11Axb9.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11Axb9.img?h=70&w=95&x=400&y=266.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b188793efb6a0e104e3c3153bc026f8afd011f4cae34fa1fcffebac6bec7214a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Thu, 08 Sep 2022 08:30:12 GMT
x-datacenter
eastap
x-source-length
153830
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=423731
x-activityid
202149fe-f560-4cd2-a18b-6ff82453e656
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11Axb9?h=70&w=95&x=400&y=266.5&m=5
content-length
3481
expires
Tue, 13 Sep 2022 08:29:59 GMT
AA11z3pn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11z3pn.img?h=70&w=95&x=400&y=267&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ba7ea7a55fd2bdf70d34d34e946179fdd01c994071651e39507e1f84cb7da77e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Wed, 07 Sep 2022 16:26:38 GMT
x-datacenter
eastus
x-source-length
77178
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=366016
x-activityid
0b35aa82-0238-40cb-8d39-edbda41e4511
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11z3pn?h=70&w=95&x=400&y=267&m=5
content-length
2939
expires
Mon, 12 Sep 2022 16:28:04 GMT
AA11zaT0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11zaT0.img?h=300&w=400&x=400&y=271&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
77a37aa580fb9d08dafbfab6a407b8c555c34b6ad24b7cd571f70e5d6bac800b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Wed, 07 Sep 2022 17:15:06 GMT
x-datacenter
westus
x-source-length
85927
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=368872
x-activityid
b3dbb333-be32-4b3b-b6f8-7421a611dc0d
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11zaT0?h=300&w=400&x=400&y=271&m=2
content-length
33920
expires
Mon, 12 Sep 2022 17:15:40 GMT
AA11yRVY.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11yRVY.img?h=300&w=400&x=402&y=326&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10e::6860:5ba8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b65815a4b904a6b86568054d27c132c20e25b416983bff84abad7fbec215b8a7
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Wed, 07 Sep 2022 15:36:49 GMT
x-datacenter
eastus
x-source-length
53363
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=362916
x-activityid
84a8882e-2d42-4865-80c5-ed4f4196f856
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11yRVY?h=300&w=400&x=402&y=326&m=2
content-length
17333
expires
Mon, 12 Sep 2022 15:36:24 GMT
gdpr.css
simcast.com/widgets/gdpr/ 		799 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/gdpr/gdpr.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:06 GMT
server
Apache/2.4.38 (Debian)
etag
"31f-5d2ab2d5f1580-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
351
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7bdc2c5c47be6b76b39867737b63ffc0db58a725d6c204e9148f34d9b0690868
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41871
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Sep 2022 10:47:48 GMT
/
cat.hbwrapper.com/ 		15 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cat.hbwrapper.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Thu, 08 Sep 2022 10:47:48 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/ 		323 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
927c56922488a539b3f75adaf07cab80c241f0cf53f7accfe940a6b4b88696f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
74771bad88878fe6-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
041cb588d40b81d67a8d055f9b6dfedd08673a7ce038439aee905fcca693128a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28627
x-xss-protection
0
server
sffe
etag
"1327 / 989 of 1000 / last-modified: 1662633210"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 08 Sep 2022 10:47:48 GMT
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.9.184 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d33a8782a0ffd197f8fe1c40875463abb90c32c1332ee2a5e212f8d3964c6ad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
CiKHX4xqxgFLMLxE9KKEwvOwE3PStQI4
content-encoding
br
last-modified
Wed, 07 Sep 2022 12:45:11 GMT
x-amz-request-id
ZFV4ENVG4065PR31
etag
"ceb80d9e3795d1d7b4cbf5e7b8d7dddc"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
date
Thu, 08 Sep 2022 10:47:48 GMT
accept-ranges
bytes
content-length
3339
x-amz-id-2
BsLEPuq63LAQLxL7U7VHrAXcDTQ0Mm3CBplUYXxIH6GC0fis0qV1F9wl83k23KMzfMo5Szc2jrU=
pubads_impl_2022090101.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 09:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131916
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 08:36:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Sep 2023 09:58:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		113 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
expires
Thu, 08 Sep 2022 10:47:48 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/ 		344 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2be4f4684db4c398e31eed63adf2a419356aedfd9e4d5c092f595ebef4254029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124218
x-xss-protection
0
server
cafe
etag
2592050395126561446
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 10:47:48 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/ Frame A019 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2162
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:11:46 GMT
etag
8616628553774171045
expires
Thu, 22 Sep 2022 10:11:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fpc
at.teads.tv/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=bd83746&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:48 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 08 Sep 2022 10:47:48 GMT
cookie.js
partner.googleadservices.com/gampad/ 		215 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=simcast.com&callback=_gfp_s_&client=ca-pub-9565037823771164
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c1e9dbc70e6ffdcacbf2c7dec4046c4efb7cce681ca30d48129f3e2ba360539a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&tn=DIV&cls=menutop%20clearfix&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9118 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1662634068&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&pra=5&wgl=1&easpf=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662634068274&bpp=3&bdt=678&idt=231&shv=r20220901&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6355499478463&frm=20&pv=2&ga_vid=2020953146.1662634069&ga_sid=1662634069&ga_hid=1968133049&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44772488&oid=2&pvsid=1106933977396237&tmod=655254652&uas=0&nvt=1&ref=http%3A%2F%2Fpopcorntime-update.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=265
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:47:48 GMT
expires
Thu, 08 Sep 2022 10:47:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
last-modified
Wed, 08 Dec 2021 21:32:06 GMT
server
Apache/2.4.38 (Debian)
etag
"126b0-5d2a938b14180"
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
font/woff2
content-length
75440
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/20220901/ 		655 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.89.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-89-150.compute-1.amazonaws.com
Software
Apache /
Resource Hash
11a4b7dd6aa3534c1dc9517e87d10874580c121a55b6534b2f2aa75892db69d4

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
content-encoding
gzip
last-modified
Fri, 02 Sep 2022 00:03:42 GMT
server
Apache
etag
"a3c23-5e7a6767c5380-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Thu, 08 Sep 2022 11:47:48 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6348
date
Thu, 08 Sep 2022 09:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 08 Sep 2022 11:02:00 GMT
ajaxjs.php
simcast.com/widgets/ms/ 		4 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/ms/ajaxjs.php?fra=0&p=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:49 GMT
content-encoding
gzip
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
upgrade
h2
cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-type
text/html; charset=UTF-8
content-length
24
expires
Thu, 19 Nov 1981 08:52:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 10:47:48 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 10:47:48 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 10:47:48 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 10:47:48 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 10:47:48 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 10:47:48 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 10:47:48 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 10:47:48 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 10:47:48 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 10:47:48 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 10:47:48 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 10:47:48 GMT
server
ATS/9.1.10.25
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		819 B
795 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ba4431edf47bcaf2d9ef359403319792d549bbfa7ce0394d613d32a20a618e15

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:49 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
X-Prebid
pbs-go/0.225.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 10:47:48 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
73
vary
origin, Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=754850&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22686a3b85f8757dc%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fpopcorntime-update.xyz%2F%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22domain%22%3A%22simcast.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22simcast.com%22%7D%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fsimcast.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22adunitcode%22%3A%2252f4ef3a-6a04-4767-9c71-53de8fce52df%22%2C%22divId%22%3A%2252f4ef3a-6a04-4767-9c71-53de8fce52df%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226996ce5bcb534da%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22970x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22728x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22970x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_970v_1%239bda270a-77d8-4afa-930a-bdaf472bb4f8%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2273d11303936fa97%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22300x100%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22320x100%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22336x280%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_300v_2%23722f7015-27ed-4ef9-860d-229e7fccfcc9%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%227736740a2a66dd8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22sid%22%3A%22300x100%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_1%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_300v_1%2315b1cb0e-c2c7-47e2-89de-920d3aea42e0%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2279ed93e37bbc991%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22755349%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_sticky_footer%2352f4ef3a-6a04-4767-9c71-53de8fce52df%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1404%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2292b1434a-33dc-475f-a44d-63ceeeead9b3%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7133b1b1cf6db052e3351a20533de53583cb23d63eb47ae79c25085f55baab27

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8U8WTqVh52NG0C3%2B2CB9Jnng1NKI%2BT4zNo6zi6G%2BmMnLHU5pYIxmIiL6DyQVaLjP7uz51ho1yC3Xmefdn8lmDfspXamaxRrnV9Sdvd0%2B7d7hFklFNWQ3qaW7hQezSkDuXrovTXTw"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74771bb23fa19bee-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
pragma
no-cache
date
Thu, 08 Sep 2022 10:47:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://simcast.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		495 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f5e3118d5a051002ab8515936548edff4e37d13fa117a2de3012aba4ceb470a6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:49 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3ea9484d-923f-4e09-b040-0d596fdeea41
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
495
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
in-appadvertising.com/api/ 		55 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-appadvertising.com/api/bidRequest?bidId=969bd0fe8d70d57&pubId=30557&sectionId=10399&vers=7.11.0&url=https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0&sizes=728x90&tr_wd=0&tr_hd=0&tr_vs=visible
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
7e.6d.3fa9.ip4.static.sl-reverse.com
Software
nginx/1.16.1 /
Resource Hash
5c5af71bd9bf11f13418dad2910f96a289cb7ca142f44b6b86827b95aca7ef3b

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:49 GMT
Content-Encoding
gzip
Server
nginx/1.16.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,OPTIONS,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://simcast.com
Cache-control
no-cache
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Content-Length, X-Requested-With
Expires
0
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.86.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-86-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 10:47:48 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hbjson
grid.bidswitch.net/ 		25 B
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.23.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-23-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ad99d0f9a0f48b6249069f5a0f8e7d7823c846e0af1acd6a51fb37ba04240411

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 10:47:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
50
content-type
application/json
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
bid
s.seedtag.com/c/hb/ 		11 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Sep 2022 10:47:48 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
etag
W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.140.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-140-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 10:47:48 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.140.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-140-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 10:47:48 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.140.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-140-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 10:47:48 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.140.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-140-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 10:47:48 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.140.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-140-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 10:47:48 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.140.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-140-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 10:47:48 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.140.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-140-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 10:47:48 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.140.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-140-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 10:47:48 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
/
ghb.adtelligent.com/v2/auction/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6809cc6b7bd820f6162b3ca44d15e08f00234ea6a79472ff097799718d945d1f

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 08 Sep 2022 10:47:49 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1471
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2514cca30bf76dc27903270dc77db0736570801176c84895e438f180bde7c2fd

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b777898f84c03a15a16771db6d7f8a022bf45bd5dab8266a8bc158c36831c43a

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a47d6927399f0b2dc43967004002012991ffba60f678ecfd1deec0aeb7c7be98

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
74243d8213a3e44d0d9757a8b7c4f6955a66b39a690e87bd0adb1ff8047d025e

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
82f7f1ffad237f3473064a1ec7307061bd8a96b37f3177e14fdf344f30290155

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f7303b7e852cb003f321ad837b883e1e036c10104a717d76d6b74167804536b7

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
cc54dc4d2f71945b0ab81cdc5fba79903453a20e2b03214902e0daa62c5ca2e5

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8cd6bb2931338c651f7e3ac6cc37a14627506839fd89236f2fcc8fd4d22ec0b6

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
faf03a13fa3d1c0f7eae7925c5037608f3865abd35de717aa9c1ae82494f9f29

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a890924e6d982678eb86a04bce3dc2d7f1c2a7cab7f9b37b83a9caa410393e65

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5c91adffcba594220278ec5ae112b05dafe835e7d4cb2711340d736acd4f0b74

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
dc03d75433efdc539c26fa8288464a3c0796870fbbd5939ec8bb624e2da97a53

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
prebid
prebid.media.net/rtb/ 		1 KB
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0da0c9c2b2aaab454b67b1ff091c3ca1ed965f470ff65e62094e40fbd69a7a64

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1968133049&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&dr=http%3A%2F%2Fpopcorntime-update.xyz%2F&ul=en-us&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1807558537&gjid=131012652&cid=2020953146.1662634069&tid=UA-205158314-1&_gid=2063052319.1662634069&_r=1&gtm=2ou8v0&z=1651818645
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Sep 2022 10:01:50 GMT
Server
Apache
ETag
"da28a6-9a4f-5e82784a78a2a"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1100
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
13270
Expires
Thu, 08 Sep 2022 11:06:09 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:52:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 08 Sep 2022 10:47:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Sep 2022 10:47:49 GMT
icon
fonts.googleapis.com/ 		569 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 10:47:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 08 Sep 2022 10:47:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Sep 2022 10:47:49 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2566619
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4023
timing-allow-origin
*
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDYF4GJ06RnTW6vyoZAI8NI8YF%2BWE1Hxs0skBNQZ8nXeklE1ZxaFqEZ5hONr9yggdko9vAbNimXBwJ6LUVTfzrqsBpc17g5meSpleGOmYoPwVLbXRQHpQ5w5hbfTEU5jXHkogIaf7O1Be7hUfuQP843L"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74771bb68c4f9bd6-FRA
expires
Tue, 29 Aug 2023 10:47:49 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame E6C1 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3518221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20502
timing-allow-origin
*
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=waAf7pCuh%2Fx6klKvXLsiv7jSz51QeekfyWNf9pVEjie0p5sXfi6EMXR1MgnsqfYJYmY5cnhUjpxnH89lDdhty%2Bn0tu2mnfvIU47%2BGXIaQel29MK72uIhK62F64jc0NmLNGl0OIF0%2BKKtZYKmqtMHR5Uz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74771bb68c4e9bd6-FRA
expires
Tue, 29 Aug 2023 10:47:49 GMT
prebid.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/ Frame E6C1 		334 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 23:36:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
W/"1c7777ec3f15f66750ea282b9545a85d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
cache-control
no-cache
x-amz-cf-id
iR8vpt-8qh1LSh5d6lNU5i11zAQsmQ7Tks0QsqUtnEW_EAu3DahuIw==
comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame E6C1 		335 KB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 23:06:59 GMT
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 23:25:25 GMT
server
AmazonS3
age
42052
etag
"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
342796
x-amz-cf-id
wLAGlDO1K5YfxoarCSkX__lQBkwzh3ir44mD7mqTiM3cXs4tacU4iA==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Thu, 08 Sep 2022 10:47:49 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 15:32:27 GMT
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
69323
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
1094
x-amz-cf-id
pA_VBWjSmtoRt4SUIMrA3ndnGYDiYlZ929_Jl2O13XGXg93mCySUHw==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 20:52:38 GMT
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
50116
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
322
x-amz-cf-id
oZk0FV9coWvrs993oPWCCm6_B-cwg8i2z9WkWwinmwwQGeB3fzT5fw==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 13:50:47 GMT
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
75423
etag
"8be584e844dabfe22970a0cb943c047e"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
832
x-amz-cf-id
7F0kw3gJT-0e0tJtj01c-70yv8rnTikLZCvT54SP9HREegP1C-ILPQ==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 18:32:19 GMT
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
58531
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
773
x-amz-cf-id
CtVD2NNmuK76UlFAsujc-E6DI0DVYkT2T4sgG8jXmt8wZlllXoBb4w==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=xKdiDHu_vecaYhXK&instance=750302&version=7.8.0&age=220908&cmd=PRE_INIT&key=eKVKXbhX&seq=1&order=1&absoluteTime=2624&relativeTime=0.2&canonical=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&EXTREF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		37 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=xKdiDHu_vecaYhXK&instance=750302&version=7.8.0&age=220908&ESG_key=eKVKXbhX&type=FULL&EXTREF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.89.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-89-150.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ec5b97c228830a1e0e54750e7a313b09ad34a0e1827824b3e318d1a4baa64362

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
content-length
7397
expires
Thu, 08 Sep 2022 10:47:50 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame E6C1 		0
97 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
74771bb6d955bbd9-FRA
date
Thu, 08 Sep 2022 10:47:49 GMT
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ Frame E6C1 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 08 Sep 2022 10:36:29 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
681
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P6
content-encoding
gzip
x-amz-cf-id
hqpjqdIgVDuuVVi6MuRysUpci7TUT7vdt442xYQuat9bz4YdpzM-Gw==
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
130470a6c78b43a4443a611d4c3e4b7fcb1a45c2c28eb6659153fdc31b0c510f

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 08 Oct 2022 10:47:49 GMT
/
id.sv.rkdms.com/identity/ 		2 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=simcast.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.23.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-23-242.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 10:47:49 GMT
access-control-allow-credentials
true
server
nginx/1.20.2
content-length
2
vary
Origin
content-type
application/json
identity
api.rlcdn.com/api/ 		44 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame E6C1 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
29008
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Thu, 08 Sep 2022 02:44:22 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
j04rhxHPeBnMqX4ccmepyEYPYorjAniH5iDEImubmnvL39yAi7_WQw==
config
c.amazon-adsystem.com/cdn/prod/ Frame E6C1 		248 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsimcast.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 07:20:33 GMT
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
server
Server
age
12435
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P6
content-length
248
x-amz-cf-id
nmomPAgfElb8L4vHPMbUT5XV4UeYfZ_UZGYmqk1C_dMw9d93Q2mf1A==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=xKdiDHu_vecaYhXK&instance=214750302&version=7.8.0&age=220908&cmd=GET&key=eKVKXbhX&c_id=12018&seq=1&order=2&absoluteTime=2832.4&relativeTime=208.6&canonical=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&EXTREF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=dXhbR8Veqy&USR_ID=214750302&ST_usrKey=xKdiDHu_vecaYhXK&SM_ID=2224400&C_ID=12018&C_companyName=Adapex&version=70080000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.79.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-79-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Sep 2022 10:47:50 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 08 Sep 2022 10:47:50 GMT
0.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
Apache /
Resource Hash
7f1d279703b902aee3682bf47afc04d7d9a4417e08a137638cd8dcce1141c450

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:19:16 GMT
content-encoding
gzip
age
1766
x-cache
Hit from cloudfront
content-length
1394
access-control-allow-origin
*
last-modified
Thu, 03 Mar 2022 21:08:40 GMT
server
Apache
etag
"e75-5d956cd664600-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
k0FhDE4MXX0OSfbv_iIRi7pr_Ri6FpoNgydHTB0D1A56IKIJmAeWOg==
expires
Thu, 08 Sep 2022 11:18:23 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 18:56:32 GMT
x-content-type-options
nosniff
age
229877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16756
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:16:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 18:56:32 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 20:33:24 GMT
x-content-type-options
nosniff
age
569665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 20:33:24 GMT
4ckfvdvfvpqj0f1v8fv4pkfhym3jqwpm.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/4ckfvdvfvpqj0f1v8fv4pkfhym3jqwpm.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08678e17d5a7693ff31f1546961e9383bf0fa58942e9178470bb7a329aa5f587

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 01:33:03 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
age
33287
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
64104
last-modified
Thu, 08 Sep 2022 01:29:33 GMT
server
AmazonS3
etag
"2818ac5923c30cc0138b0342bfb1dbab"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
uRxQdvR249__4KK3bctPVoWJKNhb20tPYvOzOhIM4WYTKxPozbbS_w==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=xKdiDHu_vecaYhXK&instance=214750302&version=7.8.0&age=220908&cmd=RTP&key=eKVKXbhX&c_id=12018&seq=1&order=3&absoluteTime=2856.1&relativeTime=232.3&sC_ID=8783&sm_id=2224400&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=dXhbR8Veqy&USR_ID=214750302&ST_usrKey=xKdiDHu_vecaYhXK&SM_ID=2224400&C_ID=12018&C_companyName=Adapex&version=70080000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.79.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-79-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Sep 2022 10:47:50 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 08 Sep 2022 10:47:50 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame E6C1 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Thu, 08 Sep 2022 11:02:49 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 0FA0 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
165044
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 12:57:05 GMT
expires
Wed, 06 Sep 2023 12:57:05 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 10:47:49 GMT
bid
c.amazon-adsystem.com/e/dtb/ Frame E6C1 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&pr=http%3A%2F%2Fpopcorntime-update.xyz%2F&pid=zUr3LAmgf4o5Z&cb=0&ws=300x150&v=22.8.252032&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!sendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
FWV7ZMBYQMBTWWPAT18K
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
D9BAYMZwgF__qiMiW8AW5r8UQWv429nl3LJJfq6XIZD0rVOaQ8v6FA==
cygnus
htlb.casalemedia.com/ Frame E6C1 		36 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2217b4c9119c1a32%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222b9b5eac670b9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A761%2C%22h%22%3A428%2C%22sizes%22%3A%5B%5B761%2C428%5D%5D%2C%22playerSize%22%3A%5B%5B761%2C428%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22sid%22%3A%22VRAfdwVZOg7jMyH8bxgoOA%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
766037869dbcd28801b9d7f498b6f81d624e82f97f8f16fd1a744eb4cb7ffe04

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8htXnDGYMxqVVc8kKUq0d5TjMmHxcvnwXNnw4VlYMsXMp5A%2FPHrV4KOIyU2BTeUi1h3TrZ09wpvwDiyld%2Fx8PqqBcSU6vgs0lQnLAf5c8ooosStDhCXmH0rf%2BJbHtlixI%2Bz8kQTE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74771bb8dcdb9966-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame E6C1 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
38e523bf570cc6089ab8b5ca6d91377d1890b7e550dd99d709f2dcedcc906a43
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:49 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8d4be25d-e75b-43d0-a85a-3c577827f205
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ Frame E6C1 		19 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.12.0&referrer=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&tmax=3000
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.70.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-70-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:49 GMT
accept-ch
sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame E6C1 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Thu, 08 Sep 2022 10:47:50 GMT
X-SpotX-Timing-Transform
0.000351
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.000848
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000334
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.013819
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000256
X-fe
090
Last-Modified
Thu, 08 Sep 2022 10:47:50 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.009562
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://simcast.com
X-SpotX-Timing-Page-Misc
0.002436
X-SpotX-Timing-Page-Exception
0.000018
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.009562
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame E6C1 		173 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.44.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-44-243.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bbaf3bba774f1019e28172de5802a95983aea42c4cad85743361c7a0585c7393

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
166
expires
0
translator
hbopenbid.pubmatic.com/ Frame E6C1 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 10:47:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
headerstats
as-sec.casalemedia.com/ 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kq7fko%2BV8p0eXtVY9Sm76zZh5VV9WEsyj97tb6zHVj%2FLzUhgTFzS2OoTx513MsDfvqxm9Xd49BV85X8d6UAxESvAafg54%2FBfWGfbfAUVn5rOEwiCIn98dxdwRFLntyLEPPjaL26cJd8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74771bb95e335b68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220901&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bed4a3c76c41b666e1d00294016ae264c8fa9db3dc40a9a9ced135ffe1da27b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11028
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 08 Sep 2022 10:47:49 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
546520
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=_iHqFXwzL1hhMXhRQVlUcktrREo1dVp4dktvL1hlSy8yZEJJdExvWXQ2bTdJRzdjRWJ0WWxJeEd0U1BjN0hrWVFFM0hBT3NqYXFrOW43NVFWR1djbVNoWnpUWk9ldlhVM3RJVkdPUmFsc3RkS3JZazZjNTVEN3E0QWthc2...
364 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_iHqFXwzL1hhMXhRQVlUcktrREo1dVp4dktvL1hlSy8yZEJJdExvWXQ2bTdJRzdjRWJ0WWxJeEd0U1BjN0hrWVFFM0hBT3NqYXFrOW43NVFWR1djbVNoWnpUWk9ldlhVM3RJVkdPUmFsc3RkS3JZazZjNTVEN3E0QWthc245M2JtMVc2anVzZEF6TStWT0piSnhpMWhsdm1Zb0ZJOUlvbE9HMTZXNzZRZ1g5WGpWZE9UVGd5cld1Zy9aTXFLVXd2emlKWkFpVjhnQ0JFblBvaFAzMG5OYU1qVXhvRVRGZXMzWEFKaExnck4ybEFCMkdZPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ddb0ae0bb2a71cfd5805a7218669f95c02813d76750118c76706a71f2fb383aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1477775
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=_iHqFXwzL1hhMXhRQVlUcktrREo1dVp4dktvL1hlSy8yZEJJdExvWXQ2bTdJRzdjRWJ0WWxJeEd0U1BjN0hrWVFFM0hBT3NqYXFrOW43NVFWR1djbVNoWnpUWk9ldlhVM3RJVkdPUmFsc3RkS3JZazZjNTVEN3E0QWthc245M2JtMVc2anVzZEF6TStWT0piSnhpMWhsdm1Zb0ZJOUlvbE9HMTZXNzZRZ1g5WGpWZE9UVGd5cld1Zy9aTXFLVXd2emlKWkFpVjhnQ0JFblBvaFAzMG5OYU1qVXhvRVRGZXMzWEFKaExnck4ybEFCMkdZPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
329660
content-length
0
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		98 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1106933977396237&correlator=3741274236837008&eid=31069228%2C31068366%2C31069101&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fifs&iu_parts=22181265%3A22632072816%2Csmc_970v_1%2Csmc_300v_2%2Csmc_300v_1%2Csmc_sticky_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x90%7C728x90%7C728x250%7C970x250%2C300x250%7C300x100%7C320x100%7C336x280%2C300x250%7C300x100%2C728x90&ifi=2&adks=344230583%2C3402756058%2C1750181772%2C3011892016&sfv=1-0-38&fsapi=false&prev_scp=refresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dbusinessinfoline.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.03%26hb_adid%3D15123d0c0ed09356%26hb_bidder%3Dadtelligent%26anh%3Dtrue%7Crefresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dbusinessinfoline.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D320x100%26hb_pb%3D0.08%26hb_adid%3D152e524a5d3be6ee%26hb_bidder%3Dadtelligent%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dadhesion&cust_params=arTest%3Dtrue%26wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dfr%26gpt_l%3D200%26wrap_l%3D1100%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D700%26padpr%3D19%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D800%26waae%3D1300%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D2s&sc=1&cookie=ID%3D3d00281b3fdb7f35-2246f19415ce00bf%3AT%3D1662634068%3ART%3D1662634068%3AS%3DALNI_MbMeEOHa6YudTv-_jKY6PKzF4LXqQ&abxe=1&dt=1662634070068&lmt=1662634070&dlt=1662634067595&idt=629&adxs=315%2C791%2C1230%2C0&adys=193%2C1059%2C288%2C1937&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&ref=http%3A%2F%2Fpopcorntime-update.xyz%2F&frm=20&vis=1&psz=1600x0%7C417x0%7C339x0%7C1600x1867&msz=1600x0%7C417x0%7C339x0%7C728x0&fws=0%2C0%2C0%2C128&ohw=0%2C0%2C0%2C0&ga_vid=2020953146.1662634069&ga_sid=1662634069&ga_hid=1968133049&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b30234dd4e58fa2d0c5021f136dd9d08398815fa04d00b47f4b9451b619d5b77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35587
x-xss-protection
0
google-lineitem-id
-1,5922117770,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138381022356,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1684 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:47:50 GMT
expires
Fri, 08 Sep 2023 10:47:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rop5r7o14rop0042q6686on06364oos9playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		291 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/rop5r7o14rop0042q6686on06364oos9playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
938f5517635098b2b79684110ca6672037132ae7646af8fa3bbc9134c5682ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 01:34:02 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
age
33229
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Thu, 08 Sep 2022 01:23:04 GMT
server
AmazonS3
etag
"a687cec7f2246cf14caf7b58ff53bf96"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
ES4JAa1YPSXabxu7m5IL-HeCM4mqAn0eNpp6dKS5ZzKiNVlW7tiOUA==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=xKdiDHu_vecaYhXK&instance=214750302&version=7.8.0&age=220908&cmd=IMA&key=eKVKXbhX&c_id=12018&seq=1&order=4&absoluteTime=3220.8&relativeTime=597&EXTREF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL&recoveryMethod=SSAI&imaVersion=3.528.0&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=xKdiDHu_vecaYhXK&instance=214750302&version=7.8.0&age=220908&ldt=BIDS&key=eKVKXbhX&c_id=12018&seq=1&order=5&absoluteTime=3221.3&relativeTime=597.5&sm_id=2224400&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFNLNIY&ac_id=2008&prebid.cid=0&prebid.bidders.ix.time=76.5&prebid.bidders.appnexus.time=99.1&prebid.bidders.triplelift.time=103.9&prebid.bidders.spotx.time=216.5&prebid.bidders.rubicon.time=223.9&prebid.bidders.pubmatic.time=108.1&prebid.start=2978.7&prebid.time=231.5&prebid.timeout=3000
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
3s04s330s307p065n2r103p1r38r1nrobase.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 		13 KB
13 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/3s04s330s307p065n2r103p1r38r1nrobase.en.vtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad2e88aaf7ed709d90cd0ca66aadc987faf39ee74991f73a89c0c8860c91551f

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 01:33:03 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
age
33288
x-cache
Hit from cloudfront
content-length
12843
last-modified
Thu, 08 Sep 2022 01:24:14 GMT
server
AmazonS3
etag
"da8b9f838c132cc1f63e420c9da34ae8"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
tIddN3tkSgX2UN5ILRddqArHOkC9_cR06Km_kglg-MI1Bb64JNhyAw==
rop5r7o14rop0042q6686on06364oos9.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		2 KB
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/rop5r7o14rop0042q6686on06364oos9.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb1dbdc4b19179b5ef200f64c867ac9921a2d3dc7e183ed9969b5a518bbdbed4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 01:34:03 GMT
content-encoding
gzip
age
33228
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
access-control-allow-origin
*
last-modified
Thu, 08 Sep 2022 01:24:31 GMT
server
AmazonS3
etag
W/"248b2e812c7c931524d70fe148da6d76"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
8AZ3TFXIM6cfOClKUMN-pUXAt2UQ5VSSFuzaktuioy8sUwe_DQ8bcQ==
ads
pubads.g.doubleclick.net/gampad/ Frame 0FA0 		42 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C22632072816%2Fsimcast.com-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2224400&us_privacy=false&cust_params=sessionKey%3D214750302-xKdiDHu_vecaYhXK%26schain%3Dsendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8783%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.8.0%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D4%26us_privacy%3Dfalse&sdkv=h.3.528.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=44d&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&sid=47C1A921-E190-444F-B7DF-782C140BB296&nel=0&eid=44752711%2C44754420%2C44760950%2C44765701&ref=http%3A%2F%2Fpopcorntime-update.xyz%2F&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&dlt=1662634067595&idt=2439&dt=1662634070136&cookie=ID%3D3d00281b3fdb7f35-2246f19415ce00bf%3AT%3D1662634068%3ART%3D1662634068%3AS%3DALNI_MbMeEOHa6YudTv-_jKY6PKzF4LXqQ&correlator=82705026356601&scor=2817135673892170&ged=ve4_td2_tt0_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
2e706a5218a2ec2ec1c6aad42e4c926df6173da4345dcc9840ad5b3b281a0f9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1586
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rop5r7o14rop0042q6686on06364oos9-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		466 KB
467 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/rop5r7o14rop0042q6686on06364oos9-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdd02719f1ddf1eeed191540a862b1a7b8fa0e5baf2c32a5a3a532044e2e989c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 01:34:03 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
age
33228
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
476768
last-modified
Thu, 08 Sep 2022 01:24:25 GMT
server
AmazonS3
etag
"7f108911443d2dd3e859fddbf19b3ad3"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
fcdl2UWBGRwfHrI-JqmKffPTDdlnjuF3FeW5GLKzIF4GYE_0F21Rdg==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 10:47:50 GMT
50f15f63-8b3e-40c9-99ee-1e8dd2b0d276
https://simcast.com/ 		93 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://simcast.com/50f15f63-8b3e-40c9-99ee-1e8dd2b0d276
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80cedb5e5fa85548eaf3a95451e57186182aa440e5e8aa2f38c204d8b38f663c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
94924
Content-Type
text/javascript
rop5r7o14rop0042q6686on06364oos9.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		2 KB
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/rop5r7o14rop0042q6686on06364oos9.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74071637f8d2b398523e7f9a65efb2577ad44f8a55227f74eb26689746a474ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 01:34:04 GMT
content-encoding
gzip
age
33227
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
access-control-allow-origin
*
last-modified
Thu, 08 Sep 2022 01:24:50 GMT
server
AmazonS3
etag
W/"7cb9af2a002a170ea3719d67c9798689"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
vDJR96YniRrlbVvkbgJ5Q07Z_4mMQ8Y5qQoaqBj33oKeiZ8mALH6rg==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 08B4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1131
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:28:59 GMT
expires
Fri, 08 Sep 2023 10:28:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 16DA 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
494ca69e2fba79012c90453434b0fb56db844d0515dae4b78f3b2910a532e070
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z0vvT7annT6aqCyW0Ow8CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-z0vvT7annT6aqCyW0Ow8CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:47:50 GMT
expires
Thu, 08 Sep 2022 10:47:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=xKdiDHu_vecaYhXK&instance=214750302&version=7.8.0&age=220908&cmd=INV&key=eKVKXbhX&c_id=12018&seq=1&order=6&absoluteTime=3420.4&relativeTime=796.6&alt=0&sC_ID=8783&sm_id=2224400&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=dXhbR8Veqy&USR_ID=214750302&ST_usrKey=xKdiDHu_vecaYhXK&SM_ID=2224400&C_ID=12018&C_companyName=Adapex&version=70080000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761.125&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.79.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-79-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Sep 2022 10:47:50 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 08 Sep 2022 10:47:33 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 0FA0 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fsimcast.com-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214750302-xKdiDHu_vecaYhXK%26schain%3Dsendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8783%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.8.0%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D4%26us_privacy%3Dfalse&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&sid=47C1A921-E190-444F-B7DF-782C140BB296&adk=2458199627&correlator=82705026356601&dlt=1662634067595&dt=1662634070308&ged=ve4_td2_tt0_pd2_la2000_er313.20.741.781_vi0.0.1200.1600_vp100_ts0_eb24171&idt=2439&is_amp=0&omid_p=Google1%2Fh.3.528.0&osd=2&ptt=20&ref=http%3A%2F%2Fpopcorntime-update.xyz%2F&scor=2817135673892170&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=false&vis=1&u_so=l&eid=44752711%2C44754420%2C44760950%2C44765701&hl=en&frm=0&cmsid=2460952&mpt=stnvideo%2Fplayer&sdki=44d&sdkv=h.3.528.0&sdr=1&vconp=2&video_doc_id=2224400&vpa=auto&vpmute=1&nel=0&cnc=22632072816&kfa=0&tfcd=0&ctv=0&cookie=ID%3D3d00281b3fdb7f35-2246f19415ce00bf%3AT%3D1662634068%3ART%3D1662634068%3AS%3DALNI_MbMeEOHa6YudTv-_jKY6PKzF4LXqQ
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_iHqFXwzL1hhMXhRQVlUcktrREo1dVp4dktvL1hlSy8yZEJJdExvWXQ2bTdJRzdjRWJ0WWxJeEd0U1BjN0hrWVFFM0hBT3NqYXFrOW43NVFWR1djbVNoWnpUWk9ldlhVM3RJVkdPUmFsc3RkS3JZazZjNTVEN3E0QWthc245M2JtMVc2anVzZEF6TStWT0piSnhpMWhsdm1Zb0ZJOUlvbE9HMTZXNzZRZ1g5WGpWZE9UVGd5cld1Zy9aTXFLVXd2emlKWkFpVjhnQ0JFblBvaFAzMG5OYU1qVXhvRVRGZXMzWEFKaExnck4ybEFCMkdZPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 08 Sep 2022 10:47:50 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
520272
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
pagead2.googlesyndication.com/bg/ Frame 08B4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15893
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 06:39:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 16DA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220901&jk=1106933977396237&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 08B4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?A5MRwA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
p
sb.scorecardresearch.com/ Frame E6C1 		43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1662634069736&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=425545&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2224400&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1662634070577&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=841&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Cheddar%20News&c3=sendtonews&c4=Business&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&c8=&c9=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
43
x-amz-cf-id
3lOcdlQkM5bb7VQvuPPdO8stM9zeST57MpKCzBSE8JkOEVxEa_BGbw==
x-cache
Miss from cloudfront
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=xKdiDHu_vecaYhXK&instance=214750302&version=7.8.0&age=220908&cmd=PLAY&key=eKVKXbhX&c_id=12018&seq=1&order=7&absoluteTime=3705.2&relativeTime=1081.4&alt=0&sC_ID=8783&sm_id=2224400&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=PLAY&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=dXhbR8Veqy&USR_ID=214750302&ST_usrKey=xKdiDHu_vecaYhXK&SM_ID=2224400&C_ID=12018&C_companyName=Adapex&version=70080000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-update.xyz%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761.125&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&pposition=home
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.79.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-79-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Sep 2022 10:47:50 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 08 Sep 2022 10:47:51 GMT
container.html
385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6511 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:47:50 GMT
expires
Fri, 08 Sep 2023 10:47:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3AD6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveHqOoJN-IgiSilJeEX75vT4jCQiFigVLcNxvMg5YUztJS74i20QLu_V6v9t1DGNJGvY15d0gGpJwnvE_yQG-6ML_ajfIB_5Ky1175xDmmrctD7OAMQZjPGxRwTCS8F0q2FdaXDWhssXtaXCWYt8k_Lifv_TVt3WQNJj3OcNPAUMGCYw8-ptYaTI71qTPHoibUfg5NbShPFrxAOrQD2S_5JvkUsu8ncZ-eTmGaY61tstiahSTeCAQtPTlqrxjoGoJFd8-G5-newpussBhWAVyNP1aWdPvSmRVV2EuS4hmqpR72pvSE-Opr3brCoQ&sai=AMfl-YSU4ujVR7Li3DLT0gqqzdnYmPmnvj2pQKxGixpg2o0UxQ5CHv3WkPaV8yPsxwFOfIr_KNkPeXR5926RTfxH10c4M38LgdG7jx0ExXsBV-kSnwgVD11DbD-zr9f-qA&sig=Cg0ArKJSzC1gK0j7yzI7EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
ads59.adtelligent.com/display/ Frame 3AD6 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
aada6605c668da3851ffba68a8f5d53cc2dc8ab80a8a713cc19a23f274403513

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:50 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
14266
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3AD6 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 10:47:50 GMT
container.html
385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CB60 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:47:50 GMT
expires
Fri, 08 Sep 2023 10:47:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5369 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:47:50 GMT
expires
Fri, 08 Sep 2023 10:47:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame E035 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNWxzakCAA8ePjhohjD5c62gQa_y2kzWl-AdB8kjwPo4M1SeBW7sA16i0L5JeUJpIhC1jRZHkg_SlKM8M6hYnuVIHRXteU7-tFggEpO-3JWX7ITnyQEmsFHO8Hww5w8D6lSeO4MN4hgUv_7hAV2ohTCDMdwRZFJKA8tn3dp74JRiZnTY_aGXvTyC2oJtyLYTzDKO0jXipDQzHKl0bI-f0GPB1SuuFQ
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:47:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame CB60 		84 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CF1t6CIoM0b1Apy5BLfSkfcnJ4kp1lHL1on22k2TO08Xl3eFNrrC8s9qqHjFJ7bNqCEYMM3hyCxuCq4ZNRk7dBggdAXvlfdY09da7gsNTIEE-bpDcmdldbHUWdBxgnFxZmLoYekB9jRQlJrQ4NrDmUgTCODw&dbm_d=AKAmf-Cyx4DyAO47232zsk8CfHBRyg-T9x4V85RmbnyZTpVNucIpeBct_OlF26soR1tFqy0NVMAHJo1XGUqxWAZhIc-BsfdZ9BYHLRgDupk7jfjzpKAjUzFILC6xuS5N0VL7IDckSmfcpFthx2jVNDpxfDJDhJ1xp1UogUCyPD4Z09UbintvRv4OEZKKlrvytpw2u3v1liA77g8bEuOPOzh_9EFXkB9wVuLBexU15G1OLE3mzpDsHPfsJNSDeodvUDn-7Xva5nDaY8IVob_k2JF01MONIxDxy6q7mTw6bYFwsERbIDl374_OMkfdl4yVgTZbZ9KdWYoNlMw_DH4smvYLjDjPpT4iyTF43Ef1dNtqjGqI0YwVezKqAbNE7YmZiPC-xUUmpnC0K5_CEDeImsEyDtrIExdTcNPU6UTsVXoYDGpO8xBkABDlkVK2Yyl2CEMswn8cJ8auLfkf4cQv5D4DQB8v_Ug_9ep5xBGQseOzAjzVHJFbgD8tu5aZWE_W6SFrQweoxP2DIBa9QvbWoB0A1odJTDr4Ws1Clr5sOmjSoP7gwhqVPlkwiaZukm3t_c6I2K5vjFkYr3aSdwZghah4ihPurAhmelgqtM2x0C1lDT1kTQp2w4y5P6lH7txhOBF-mezhoyexgmdInbXTBeGk7YLU98UbLV0Z0ulVaYT5AQlQ5L9cDC8F3eF4hqMeGkZDazvjH04Kn_AX8nuitM3XHaSnTR1x25IpF3SeNTh-noum5obuuXu5GfmEt7cXdW5ZNJs8PvCoqAW-Vv1bvwnsH6kurEklksjWXqz70KR3X0QdZJf6h0dPaOsA4ZpInWwx4CKRXIyiP0FgEyerMOvN3SseCeCoDIfpp0a7iE1lQo6phd207B8ITPBy_tcmCW00yMMnMqRtlFlfz2Df3MWpSGW50ztGvgo8jATAcFQjdgC84Dr1eTWeeX4ZivfuiMgdPOGANggYeuOveatMBavlCUwewjgZ08yI9nQ_je6SHrQn3ooiIu-ceBozNdWUR63Wi7O19kwOhxINyXyGeJED_6mXhoU72tpq6UaXUgsHwtIQBxrp3a7jzP1ifCnPKDNBg8O2wgXjBQFDwN4fHng3s3i4mjsme_uPeo2zPjKBwldh7jbiGpWzEIAhfyImkmjH3HiVAd6uEY9WfcoH1y2k0eTnhhRPjq_zoyZFciN2Z_f2NJO0PHdRuAaxh_1REmaQ4fZRnpN1-ggVam5XJxIT2SiG4KcmjAGC-Upk_h5zCrJvkgeHlsu98nZM6fTJTvRx7xJukSBNFM4Z6HNHWQr6RkEdy9YYm-kONc2wr-AUcfKaf4jLfVKgoR-uqPnnqtz5NdVFVaqp9_7yH-LmjvdbNvkUSRCvzDLPjo43nRpAUubh1Lg2iDMyd0PxnJ2qUkGoZt1ydKw1sF3zxx2MSWelMe0LxYBBiPuZLvNbqaFRkQTjzBpnf8JKH-n3XlR2lJOqsAkyWlVDUspFwJtBrRUDSlvQzH5pOOaptsPFmzawfjK1Fc0Gh_Fl1ItaGTHeyDv00sjKvA3hiq2zREgS8qpFDvvJB9NFx-Nn9-ZaXwaNqv6chIxbqLfJeCPwsGfEf2fdq_JRBEHj_NEWGrTGqWVmpq5Yuc3QGDNRM5deg4zcDTkOfftT8v6f3o8tBiYJr3_N0DdLjLZ8EMsAxCvMP6Dm2jbFnguH6ge0XOY5TtL3qVWuNE7U65XgBpiqqZYb_WBKKgjzdQ-vWQNhznKa_xLJsS6CNP8Onxl8hkQgGd9_CqVTF5uMpHdHh2cR2wnXmTxzMnbMw_xtRboRyOAxCxkjy6yOcG82roz9CIserEAhQ3VNOPv0-PNruBnTkCcmHyLTp3RLVTB57hvsian9Lb4tj4JF4-8ebaG0a4wT5h3YVYAf0DQhtqbmjXtR0i28T-oOm_wGzAN98Eah1S5iBTLweZUouqrUtbdu_o0spI7KhGMsB_z3jllWNP1arySkOTu2qDPMNVcu5GNJaJ5bgOJhZ5lVktr0XHNUQENIzFmXjIr8KewddPNYLCdeJ_wbFACZ9FCMs6t9yMsAOc2wSiaxccgNxOFscOl1e7tr-L1-jry61h6T2UL03pO_98oPMBfQrqv617-eL0X7_wExARiE5llOCPl_F5PdN8G-ZcddYF2r_ydJw7DP8jKhcymcaNUdoPibjVt7LwOpwCMZLRAbvvEUAy_Lj-beAwNs6dcym7QYW8K_EqFvmdvdnviTWHr6unOwfEtcuDWntF226aY-CS3IelTtThCkCojGXbOTLzPyOAhyCjkSoJabRM9VNjT2ny8535a0xH3lf5OP7qKActoRPR7YN06LYzSG2pFALkfKbE8aLi1VejQYQ5RvsL2_4eMARP-yrDXBdLwPNPB7i5IenlmbWX5HbvEEdeGNnQ0j5gvQgF-l6lprHH4f6O_5EEOQBQPvAwriGfVGWPLMhfdlOP5nh26Z7FpSQ9CbNuxE0Z3bJvBNqfUGJ7jf6UgdtI8xQGbEU5aIybZ7waf9ZeUaaRcJwNvehWbMZMvqo7IZ6UCo4gSgI-gP8xVGl2n1i2PXLue726zefEKVlw4KxevGfu-B_ZbU4seX0sihAxP2pI_c1g4xcEL-V9aFn4fKMIqtz712tqgamGCQlvgVoQO66xqSTAa0pLreLeCb6z3kzWF0QWudLXXGwOo0EiVoE-46bRWZdiTlMTPiu8YqxBu_LsC2QzAsGRxv9VJ6zX1UW-ToMBVPnB9rSH6hxraMz45ti6wVH-Im6Ovjb7lSgYtbvnxef7WqiwPnzJQ_bE2vfF9UESyQRgo8FemuKwtgxyTp7WjCezmTRFQBYnf3_vPIhhuOIgX67B6quEzDxnQBqY1dCFWJJdYt8Fry0bxuAqxJrvJ6beg0l4_x5Q_0Cv8ivOJ64cnOAUzYqlHYY08RLZofEGcnQSVavzWrXtE2HFh66BpRNtvzzrcAKVvYtkaYsVZprnWoKJUShhgtVuIRKTU_AJx1K06wXWCC9FnDlcJZO3RcE2ltdWeMJsVWkJ-OhZsX1lMLfZvr32KvX4FXt0j7k8YrLv0F7qJg0WH8vnfOn7GhCSkpC-vkJhZgYETwoktQ1ulpfCcMucxPd9If4m_R2lP_x1Yqa6a3DlSh25HvqHhA9qU5dMf4DYbHWl0soFDu486_dCQ0aTT-lcLhypOgvdd3qTCVnmAOjI9ato84QAc5UzRHTauk7iUPy_-T3zyXd7lp_24_DkzMJGIl2QX1Rwlmi6UPYCEcdzdXxxjLi3tHxbJ47kLDqNS8PJ8CBhXMSfO_-7QmyaVw6LwxFa8LpoqiL63stEm9f_YCr6SxQzU9Cwl6ba3utDw6b15BKtDfsMmL4C9eK71l5o9Zxlv3s3YjYrMFBvj8YnvMTd3wWfPbJfFd_ZGDngJvvdueBlt-qg&cid=CAASJORohRUkN4Vbtyj2P_HNPjFjSzJDFQGJCMnlGePWMfdM81mbKiAN&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37f2c5f00e06e4c4c194c1dbade24df75e17cd54f190fff98c60ab179fc8d8f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34859
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CB60 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B-FtaCR-Ki_rfTKJYFFmyENnQVoATTc4mAUdfBmTuKDRAb9Y37hD98mE0lBh91jppfx8M08QQHiF6QEm0QoPdefs1SKwsu9Vm3_-gnPgBxO0k7174
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame CB60 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 10:46:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB60 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 10:47:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame CB60 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7602
x-xss-protection
0
server
cafe
etag
8484125879011292595
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 10:47:40 GMT
l
www.google.com/ads/measurement/ Frame CB60 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSp6T3R-f1YJLJn0S7tpJiqKkEots4QjqZCNpmNe5TQiCv4VBIpINOYtdUImAC5d5PPOeVEO6nW_4_voJ3lEA6vs-oMog
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame FF64 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNXVldZNtwkKY98SGVmEM6XZ2s8q0YmKMbjLoRSi0I699erf4Caoez4zdzHKopk8VJ08Kc0fDA-NRHAXLEv7Qy6cOARu69_wTDBybm8Xn42J5PI1kt6CXU1j4Vh4jxiTPWuLIw7H3FBDk5jS3rPRexu_Fz6UiuzzYvBcMqPZJEg54Kp78b-ykAH1yOkjy8-lSV8kSiW5nWehfFIm2jLBFF7OJDKwfg
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:47:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 5369 		84 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApqRU8UbU4NEu57uOxZsMKMP3XVomRIFD7Ai-IVzdrFAZ7qpi4l5_YwAi7-APRy3lRYdGi_Pgkd5x0DRiOPCC5ichYLGvnl5cZjfZ7V4FtmX8k_cJXbei2RFe7UNaEUeQ6UJ5PABgyNIdk0GV9eH_HTrw-YA&dbm_d=AKAmf-COkSNTi44WMfTj24_9Gzs17T4Jh14m6YLOHMb95SKv3td6rFv7FEij6dguEvHDQ9er6-ToMMOyqHJMRUbn9Ot0UozWAtD8NziUKoSy1Liy7SBvXHlHGO6N1UBZhvunIF3vzGRWE5hsvHs3vFXdSRTiOwt_blOjpNqFEYS2WjjSeTpJomV52yYEW5pTUw8rfn0oPvsBBIk3VAHLlS_hhxZBK4hrgxf_nPud_hLkNKF0KfcZ1fjyGaOM829OHYAkDHLyCGcQatfzocDmbuCmylUSnpEje9I-Ru4KSGp0FBMXjvHWLoepEQC0PDhHhjO9Nci5q30fkMn5pESbWXP4buhJt6jH3mOMoN_5jC4C-9UVbjm7O6pUhnPDG-Va1ydxPj-hFne-o-y75ZxWljBlt2i4yMfyJ4BXZy8s-Ex02ZG6Ojd9Pwxlp9hVdO317SUHa0DHPvqPGhT7z84F7O0TQEy5ds44pKWduV08jfCQxx32NLnE29NxDcVYcP3dgMMn-2EdnhYtQpEOlvMfzZ_gGfFqmlPu0Qcg-ca5KVwyf_I5sfwTbnh3BDyWF76UOW4u4pcbv5lDFkv4iAnz2SBrGnXzTTf3vd-NGIe14LE6xmuhPlk1aN7KSDFM57a9JUNQjKHNDuB_RhAqaw83s8vVGox2kj5PxmhupVYTvVI-ZNHdrciqiFCt0-BRK6Z18m5FWLbQOk_DU2cNiSXsyzcS30pGcr19P9eQo9d3sWewNU1XUwKNyLs8aoSDvXqCmnKB_Y4vWsfQRXfZCBxsgTOuK510R6KRq5MlmOZsGR35C7qqKOazwEMGDFlFdIqiO_fs9VktfGDRnaaQ7qRtCQlmGzRtTQBjDNGGnuSUI_6sLesgZs8E-Su-fEfIjPBLhcXGRZf4sNgzt9s9mhZQR_xIH0Tsj9Iqy2_kDaEQ2fo0rcKrIBKuMqRFyqgVCDZUJhoFy1DJVmnwphp10lFuv-5hjDMln4RTl8eelmk6o-VaH-Gu0f5Y3-ubP1PPJrxV2u25iNCzPrQjmli-GYVP7d6AA_-LqQ224EkoIM58gae2zjdz3fc12hgZqh5NWz9vo6CLoKoNig-QWujbzcMXlScZVCiebaPEDlP_qekIO4Fjk3GirACA53Tqfa4coAo8TJIgH9CFkWh2nyqp2MYenwAz_g6qAmAbYzcicz7UZAfOXlLaBNkiLFbg5H8nGm2W4zNCUUcdVEv92kOUmQukbLbbIeRTJh4StQxaFUl4GvE8_UKxp-qZpPAroHtKqd33ZuWDdeZnQyEUJcrppGEHQqfizn9YTo0d3HmB5NtzRyzDAKMkgbcyPVlR6Uegt_EzdCy3mhKIs89RYa8XzpjeHPFgs74gxNyObMKGt3IoJ6ZT8eeYHOOv_mEkgmPykw5lTxb3MR-VxZcVG092oEmuwC2S1_mApj-mSZ8_E6bL6Nk22mg9eaJ_b2ay-LE6bIp2-j47ZsEOi9ImL3Gj5xorGAkC-vG63U5jOCxNABS4q_WtxUqwva89ciuxT8ZEcal7eDvX_tqakFxH_nttWUPU7zmJayZKLpknrI13k1MJD0eLPDsvCOz_4ObbhfAhqUvJq0yis0VAnQbe1UkvTw_eg1lk89WFJ1rmySLFbzH0RUVrrbepiSLMeEdLimyIdFRHy1gAiLIyIOeP3rIdMqdYzNNkii6AQsxIgMy-nYJ9FXxmgJ2SaCwTU0EUoJvFlQ0pbG-6E0asNjQTrHg9X6r11VwTXmMh7HidXXNiSXHwkFsML1QvTtMC5Es3E1My5tg_JdJ-BH5TZv0bhz6JR5n4USa2r4DiYUNLKmJxOQC9im5DTCblh-T-0SDsGzKjdltn-rJaamOo4Dg0KFMjNwNgVLD7ZpscpIqm7ClQOu1yOfxP4hgOoKBuj6AZgVt8wWC04eeu6PDbeApjF9QMZaq-LKMfhTOzJbLyWb8teFTGv_iwlklhYm2zPw3cBJI98vxeCQs8ytBYluWCtamYV5q8HbkPJEIG6rQ4GQrvkxpH37mOpBO89lW7l8NsJOSfTCBkZTqXyMA-5bZq8xFhLkQta0ZREzqBqJQnTpcWVDMN81lQ9TlBEcq2pfiDd_BqnSPcwkpbPz6Y26jX5Dq68fXPHhRN6IJuPM7N5OO9V93vFB9DxQkYFUNvBKVa44ivI8ytYjBNfCj9VFGtpKCg4xdF7ICbTOetlbvg41XZGpQWAkaOZD-c-HFF4T2dFC_NvnY0rMASfKLqCvx-k8gR89uxAJrlVkGZVx5T4k4lCWRGe6HETwcksTVGEOSQS3dxL8NtH9quVrV4OtlVcuhOJc6dr3W-iUKR3HILuE7iOjOw3DTMPm9mQ55OIuHn6O-1l1fZ2orrT9hmgjF2vv6xyyYmxzjarxfyF0VHvdde6-jNgTq-SDJXtrmBeWjI6kdh5E5xT-SIxle939No0HLPmzNn1DLJ44DJFurQtwrPut1o0M7PvPQ-Kop7lFhH9NG8HVtVJynE0ii1_4A-6fApdtZfbg2pYz5fAmf5e7TE0PKAiCSuoL8V7XIdDs2_m_7nIksPZ0EidlCr7AMlKaXIesLb6w01JABd0fPTajXBVgMymfRZ7_7lK65PY3MfMrBfAhy4TXzfTqLM0VulxKLNs2OuL4Wnsy55McmHU1wL8fkIR7eig6TIHSlg3GB_ZDBffOYIVKL1azBZSWUxhbIADTdmHJRNVzwBCHBLvlbl2KputUvUCDKzoDFqDSCKRZg6rufs-E3YDjxk-ChjQOYE_qx2jrIjQtXpaEXj_uaXiBb2TZb-_Xit0J4Cqlx_gaKw7J5KMwL_ieSYo4YCK7pZfDuPmvWgOiwbnkHBafNK3dL8r0zxa-FRwRtWXeih0_WBvKNTvw1Io8KMpEKrIy9Rb-wL1DDeUwfW1UA8ddD8rqI6nu7nAxjmp8mUp2T2Yg-6t9rrlQ2xhd_7I64UnzfyQP9noqRRlejLZZ5Bx5IFLqZAiQ3QkAjN9yqI9fw17i5iusMduKdqWk1D7cggPPHDoteYFJHWuWDdjOPZmHDJpl7h_Zbx1fTGf5ruahQvmQV0HTuXOEmgV3tU9RAEMigqeI2lOx0if0uytlcTI5EXzJD9VG6JcW_M-rF_hu-DX9AhlKQKFU1_SnBm9grrSWcvGZfYJsQUHJDWgqIbnTOzAJADqPf1LC-zYqBqKrmMoh33ah7tLxytbTc26dEGkiwtTuC4nM_qEE8tpWYadJYBhXGJlpEQv891Zdg107Jn3itllPIDHK7G6mOxIQl_2-Vv637TBYTJ99SuvgCzUvl76qsb05ZBs_nHKICp344btqzEy38ZyhMdKvNfYyL2JivyrVw2LhjUTap8jygKfw9F3CZJtnW41URj6Uix4pEeYpQQWt4HIdE8S-Tq4kMp&cid=CAASJORoT5ADqq8DGkY6cbX4lDG0y9LufiyUO-vvivodhYtHiaHkKyAN&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df50c1ed3591dd5aff0ad801fb4bbc6d56527218bd5709260b4fe1ad1ac4dc1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34992
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5369 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BvxU9HbXjGzY30N1RaZL02LByWvJYQbMjbAnPttXlsU507aDEKX1fd6DLWUoWoi9ryu-Waj1h_qGrSqXEQk1-GnuDeDqhoXz5WXU0qQY0Sx6fu2Ew
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 5369 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 10:46:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5369 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 10:47:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 5369 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7602
x-xss-protection
0
server
cafe
etag
8484125879011292595
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 10:47:40 GMT
l
www.google.com/ads/measurement/ Frame 5369 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTd--YdmMu9jHVHye6boFK76PnjPBVMLMmGaEbyywTl6I9vsnlrag0X5GiH0rV3uPBQzUnjn-ym0mtqUw9yZnmEx5iw8A
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 849C 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNWq69Ypb0WUleoezf6zZ3VHGPAzrLH__CbfysfNchlKehWo_PWAs2aKKTpCiYjveM98oxQez6QcMZ2croiij_zImOG4Bnz5ocYczWzK_ZsaZI3_wh2ikCn_D8T0svf5kIHPbY1SJ53B0osnp2Nljrmk7PR_2HCdQpqfvinIdz6i45hVz65VDlVL4HkxGsZ6QiIFK4Ym0yePfFziABZh3BhiCHg5iQ
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:47:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 6511 		84 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVCM6l5l1fl6OBkmVOhHDi9mUI2sY1sx8dOV3R4XEKDey1B9motsRcldEHQEIj36ilq-ZCHnbR43EfkTxvMMQaEvlu9eG3L1sqEeeKNxvPEht0YUR-HZ338ZzHjwED2OO36XGH57JBX-2fSr1DRfSnP4O2WQ&dbm_d=AKAmf-AAgxtQAFzhhRkArZnMWWdTm42zk_3gI_HuenMeCsVNYegcas17FFgW2MOH7fU4sdYyFyh_PSjB1HhmBSjwZo4m4ZLhL885_Wp-i3eOKQqxKZkb8JMdUCY-nYH5FpzVzcve9Xo68R35-5ZnnPXDrYD4ek3q4N_oxmAUoiDtRfasFBogYedTUjRp-oMsPo7wTz2Pi35S_xhqKj4F8hCnSVUnPMrZDgTcrjSHD6m-HgEszHg4XiVowhahbL1OltHs8BOHiIQwa1SBhb1V-zRnOk5HW02gQd8u8zVDO0bawjcQOChOykWU86lncMyHOzAYNBhAgk6xwXMxnZOP2WvDxP9tz8GQ-hCwPLtCchm999s3GhYZeffZmZ79jTb6SApi684B4RHTQaO1_-yY7OfMGO3IJ8DZSeRQQ7XyCjgbE8KI572hY5uS3xeAsIvxwzDH4eb_dk5TsZCXDRhyr948Sz_kwjJNN2V7EuqJriGagGRXtgt4J1TW8isS2F2gS3QZxGiJ-OgzsRCyFFaqQar4P35z1Hc0USmnckYhcXWrlAk2ewxcfFEP53soMLZ7aU2xX3l_fnkH0f6e1Xx-uMCFMqiEXRhQfZBE43_Y8l6PwsKH1XdyQNwGQYaofWkr4cNk2idQDGU5dRzParEtX9jz5uPBMyt7xcETq6NFq-BmoDcOdVGlHNgsuC2Ym4P9vMNxgSo3eRB_HosKksIlAW0L3-mlBlSRqFsOIHZrad0PoMNU-buGbzKZIqjYivnEUnJcFNVAuwo_SwQ-Gu8Ba5SL6lt5wCnj-hOA6YEwSiQaoMOYkeWNy-8MqcZN5SetfAtLZcoqqpzcIGTX3RSfr_9WQphTfkk80OtJFhDjsu1Qb4tOA7PEqLU8cj_1FehcFzm6WCBK7R8saLzsQMrMDgvztv1sNek-S0XNdc7BLsynWcn-ynkImEYzo04HsIs-3greHLgZFMIbIicV9jPia_7jmOohAnmqV_5avB_UzoWZufVDI8VUaasSH-ltCamG3GPNdZZqqUuiKr5lzG04Lzs-LxEMDTBHTXQI_UsMoM8iEDM9ocRrJMd-KWMbL1fpyEEjw7t_OefGDzqvrtO3hzPyoFZmMv6dlJDH04P2xSu7M3sqqpCsZY03GO0dATR4OnN-5eLnoVa_p2KPqtuZzDH5grShNfUkloKy24uEEjy9ou9u2qMnO6BQnQ-pjz1KyB0QIPGGpultUQZG_I2BYYFknj2HFsobhPmRVP-ZhVzHhq95M7IR8uhgopMLhWx7HRHAs0m4fVnGY6uxTSzd-hh6D2M2aoG2vJGjb69R6Oqlt2AAGdgaG8tu_W86wRpjuYKAa7KDF45b-Lqc83N1jBvBcg2gaS2u4G-xtvcypQvZ1J9tCrBjeAOT6iDdF73bOyTUOFYFY5s1yMevR7-Q8R4aLAez7MYU-gkajgVXRYG9cw5WRfY20O5YeFGuSgUut5Sdxco5uenx2WJ-_wqiKHT3zTxcd3SS2lJH-Y3PpUGKvSLOTh9AqVQ_SshTmf7viNE1YnnZQqji4I8uUzMjN-DDlyUQiwEBG-6YJEUbGVqUn-oZt9kleaVIjNlG_dBAihwEOay-G5WmH-1tVuRNysbhckmbn0NVevfWKqt7B-bPhMFa_BjpqPpiDGxirf6JmUOtr6-gFVsz83O5pPavubgGco55RI9RQ4_1RBgJHVgeGVMdaRMcD3VytKWRLkbtWtdMEJqGo16RkmpZc40g40x_S3ykxHVaKoOIkIx5xPH6lK0yUi8Fqqam_pb76QTGZHnfZ4v4ZctqZI_8TOX8X0o8alu5tRPiMg2iemclauxhatKTVF65dDBVtIfw2D9Pz3ISzYTzJojtCAV0cTkJcnXrHiNZMqQYSD3b4ak7ssBa7TPDuN0KHCmV-l-ncvUArpr9DCK5l4Pasj9d3aYADfK7k9fT0LOmRrhriJTXBuiPYUHZA10xPU2ClOOwttxzepwqHbThe9kzjBbEanxYjHg_NK5Gwuta69cG1q24oM0aR31k2MR1v9HYFg5uBe39WaWr9nPt1foNT0uIiA-C6c0cxtjZcFbrXpOi4mDOK2Zrndmo5ylG75rK_mQPEtvVrdxRMlVWSm8SJZk5iEsI2f-CZLzkwQFvAgwlNVljpsYWwhcNs0cPb7zoU4Eq4G5RX9_fixB7h8Ws4FByHgCqh1GoPY5Spten0DqAzPZDYxgiSk4WnOVRag8GO4hZemmYqZoto-aFs7KU3z8W1yFt4gXm511VLaznEC4e2l082MQ5XhklcH5DyMrhXrm9ZzM3wcMzzCcw6RydT3seqdhJDWb_hz1hr2mpUa1aPY-cBeoEWTKfyoOnajr52mmjbkpjIU10s6S8tVE3ruLNI7V7va4v4gF-8f9-lmKBfFfUp9Y6FyJitTg4tZim7aWxCxErk2IKRqtchuJXWkh16MNgHfGEnXcxZ-qwO2mbH43dW_Md3oVOfIPOVLs5SwmVzakctsnWgD658uO737wcW4p2XHDavurQgCrEWNlbGdHml8oJ6oeDsjDQUzAmoA2fcSGSq7uwiVCsy8P5Wnj3--2Hlk0FIhFHHf5dUQpl1RkJAKhJIdzE1tDTVLuYkXDGsEczp1o6OzoV2uWcvj9dLASM74z1B9pCnjLp3FOdjLRdA6iZ_9QDXEtijEoVgRSdPvqmLPNjDqI5N5sJZnRSqiBm0oj_QgphKJ5K7nUn_7PI0EtEdj4dvMAV1uTNjRWnhvsoW0EnABUOY5WLCrux6dfib4-oqzhe7KF4wAjRtLqnKO2qUTyri-dBKZfX60P0NVDCcM29OpXPDj_f3odRGcK7Yc76XwPSWRkh05CbIEjALB4meKULfessbZ4JKMMHhTzRxcfRBHkf8fpWnnBOE13gD6cm25drGOYXY9pPWu24dqdFBsC27N5bm07adgwe1U6RL85YqdXzAXIm_iccnnOiwLpx2CfiOAtnFA8c_KK0IbbD5wi6dZNHwM2Tdqjxtn-j7dTk8HUqdvOc-ZeJ1emxD_mzgc-I4ldCPflUy3mCgKyvhvEvL4zooowmkMpqOFU7LQl5yzL7IG-ZRqPZnyfikYplbXXnwgDRued0tOPA_WuSyTapSkoG6lJSTM5FeSRI66gisNPOiLFwf9nUBs-BdUc0JB2OWBEzRQCBpHZFDUxheqLd9pKkois-FuIidqg8MI58aEtll1ztGc82pulkPqT4aeP6xetTbHxUTgcgH4V8JyNt9C5GZ5UY5jwTHnV80C-3pJf7Irxm-yF7vhqOHrdyPTi-jxT7ZaJrbMZOCYysWXiAyZ-d5LaAVwdiDpfv7M2thd3MUBCm8mYMI9B4PLjeHEJJLt6An9rHoWPEgrdlfY_uf9sN8GJPtgUycocgW7bHx4H_mgTA&cid=CAASJORoDUPtdZ2RqW4HZFAB-K6iZw4UVrg5xBGu8bse7prNscywpiAN&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3498ce92b0cf0e6d715fb8728839f08f3fd1d0ee42052a72c3c988f2d9b81e73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35094
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6511 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CHFnR3tkbOS5iiowybpQr_veAiLyfnPYBAL9y6AoRTA-ff5kElSdTJZGdwOvccTYY89T4tTa_4lhzxAquoMMORkRDrOcxP0kt6Vw0ADkd7ea7oFSg
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 6511 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 10:46:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6511 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 10:47:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 6511 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7602
x-xss-protection
0
server
cafe
etag
8484125879011292595
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 10:47:40 GMT
l
www.google.com/ads/measurement/ Frame 6511 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_H44fbXCK8PccSHfxAmuEJ29OK8-04lQyL-UdHrXjghevGXub7kL-K79-i3AkqOr5EH2Aks9deBMQri3Z2JJurts3Hg
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame E035
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNWxzakCAA8ePjhohjD5c62gQa_y2kzWl-AdB8kjwPo4M1SeBW7sA16i0L5JeUJpIhC1jRZHkg_SlKM8M6hYnuVIHRXteU7-tFggEpO-3JWX7ITnyQEmsFHO8Hww5w8D6lSeO4MN4hgUv_7hAV2ohTCDMdwRZFJKA8tn3dp74JRiZnTY_aGXvTyC2oJtyLYTzDKO0jXipDQzHKl0bI-f0GPB1SuuFQ
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74771bbfc8ab91f5-FRA
pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dl020Bqm6xlhcvBsnOrHLlD%2ByhTTT3aB2HJQS3dQs8HKUHO%2B8ElV7t8pXz8EwdjLVT8A8F9KUGB4UTljPM2iEOZ%2Fc7%2B5IeTaJOwFQwLxnoSSLtp2vD968bwgDP9tTY%2FEFOGXasrnp%2FubSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E035
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxnIVupxL.Q16n.AH698rAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1&google_hm=2
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNWxzakCAA8ePjhohjD5c62gQa_y2kzWl-AdB8kjwPo4M1SeBW7sA16i0L5JeUJpIhC1jRZHkg_SlKM8M6hYnuVIHRXteU7-tFggEpO-3JWX7ITnyQEmsFHO8Hww5w8D6lSeO4MN4hgUv_7hAV2ohTCDMdwRZFJKA8tn3dp74JRiZnTY_aGXvTyC2oJtyLYTzDKO0jXipDQzHKl0bI-f0GPB1SuuFQ
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74771bc15aa991f5-FRA
pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYAdAtnQZUfjjItaypqRopdScGHOmlt5R8UN2AFT8dBBaNWXzm0K5A3s%2FO4BjyWDsaC9Ts0ZEXJ7ovPdTEuqlLdrUodBrh%2FOWPaoQSmtiUyoAssMsM8sIVN2kVj%2BP8k4nT%2Ff3aa3S1TjFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E035
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFslYuCqjrBvGZcWKsDML98&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFslYuCqjrBvGZcWKsDML98&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNWxzakCAA8ePjhohjD5c62gQa_y2kzWl-AdB8kjwPo4M1SeBW7sA16i0L5JeUJpIhC1jRZHkg_SlKM8M6hYnuVIHRXteU7-tFggEpO-3JWX7ITnyQEmsFHO8Hww5w8D6lSeO4MN4hgUv_7hAV2ohTCDMdwRZFJKA8tn3dp74JRiZnTY_aGXvTyC2oJtyLYTzDKO0jXipDQzHKl0bI-f0GPB1SuuFQ
Protocol
HTTP/1.1
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
04e8f423-67d0-4062-a3ee-f3eb115bf785
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFslYuCqjrBvGZcWKsDML98&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E035
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MzQ2MzA0OTA4MDM0MTgyNQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MzQ2MzA0OTA4MDM0MTgyNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNWxzakCAA8ePjhohjD5c62gQa_y2kzWl-AdB8kjwPo4M1SeBW7sA16i0L5JeUJpIhC1jRZHkg_SlKM8M6hYnuVIHRXteU7-tFggEpO-3JWX7ITnyQEmsFHO8Hww5w8D6lSeO4MN4hgUv_7hAV2ohTCDMdwRZFJKA8tn3dp74JRiZnTY_aGXvTyC2oJtyLYTzDKO0jXipDQzHKl0bI-f0GPB1SuuFQ
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:50 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e65ec7ab-1e3a-4762-ab4a-2d1bde9182db
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MzQ2MzA0OTA4MDM0MTgyNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 3AD6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5cb57507ef30f9c322c3a42f6332907030b2dc86b7009c77696380fc339644d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame FF64
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNXVldZNtwkKY98SGVmEM6XZ2s8q0YmKMbjLoRSi0I699erf4Caoez4zdzHKopk8VJ08Kc0fDA-NRHAXLEv7Qy6cOARu69_wTDBybm8Xn42J5PI1kt6CXU1j4Vh4jxiTPWuLIw7H3FBDk5jS3rPRexu_Fz6UiuzzYvBcMqPZJEg54Kp78b-ykAH1yOkjy8-lSV8kSiW5nWehfFIm2jLBFF7OJDKwfg
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74771bbfe8ee91f5-FRA
pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foGvVDaiXy9PamyKbIEFtFh9FZTyN3nWch7dP%2F%2FDXan4l7%2BHhHZB%2FThLmqfChaLwifUcT%2BB%2B9d4XjQm%2FNlFd3lX%2Bi3vgTAzu7dgrQqFh%2BCzV7QJdbRfYCxmXY42CQps0spuNcxOrzmssHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FF64
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxnIVupxL.Q16n.AH698rAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1&google_hm=2
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNXVldZNtwkKY98SGVmEM6XZ2s8q0YmKMbjLoRSi0I699erf4Caoez4zdzHKopk8VJ08Kc0fDA-NRHAXLEv7Qy6cOARu69_wTDBybm8Xn42J5PI1kt6CXU1j4Vh4jxiTPWuLIw7H3FBDk5jS3rPRexu_Fz6UiuzzYvBcMqPZJEg54Kp78b-ykAH1yOkjy8-lSV8kSiW5nWehfFIm2jLBFF7OJDKwfg
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74771bc16abd91f5-FRA
pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmckV84KESTWkWpLITwRwzxQf7w0%2F5SAvXYxzTRmMZJfvzLDDFK9C72dpkhx27PbZ5woCEKLb6mZ6Y720T49xcAFBGBlNLATCBO8WPbE8IMl4%2Bx7%2B%2FMc6NhCrJZJAgqx1zG8x8HgOPP84g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FF64
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFslYuCqjrBvGZcWKsDML98&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFslYuCqjrBvGZcWKsDML98&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNXVldZNtwkKY98SGVmEM6XZ2s8q0YmKMbjLoRSi0I699erf4Caoez4zdzHKopk8VJ08Kc0fDA-NRHAXLEv7Qy6cOARu69_wTDBybm8Xn42J5PI1kt6CXU1j4Vh4jxiTPWuLIw7H3FBDk5jS3rPRexu_Fz6UiuzzYvBcMqPZJEg54Kp78b-ykAH1yOkjy8-lSV8kSiW5nWehfFIm2jLBFF7OJDKwfg
Protocol
HTTP/1.1
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b3a23241-204e-408d-b283-51e74a2e5a60
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFslYuCqjrBvGZcWKsDML98&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FF64
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MzQ2MzA0OTA4MDM0MTgyNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MzQ2MzA0OTA4MDM0MTgyNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNXVldZNtwkKY98SGVmEM6XZ2s8q0YmKMbjLoRSi0I699erf4Caoez4zdzHKopk8VJ08Kc0fDA-NRHAXLEv7Qy6cOARu69_wTDBybm8Xn42J5PI1kt6CXU1j4Vh4jxiTPWuLIw7H3FBDk5jS3rPRexu_Fz6UiuzzYvBcMqPZJEg54Kp78b-ykAH1yOkjy8-lSV8kSiW5nWehfFIm2jLBFF7OJDKwfg
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:50 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
40d065f6-6fd3-4e9b-ad5f-fd8d8c211807
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MzQ2MzA0OTA4MDM0MTgyNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 849C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNWq69Ypb0WUleoezf6zZ3VHGPAzrLH__CbfysfNchlKehWo_PWAs2aKKTpCiYjveM98oxQez6QcMZ2croiij_zImOG4Bnz5ocYczWzK_ZsaZI3_wh2ikCn_D8T0svf5kIHPbY1SJ53B0osnp2Nljrmk7PR_2HCdQpqfvinIdz6i45hVz65VDlVL4HkxGsZ6QiIFK4Ym0yePfFziABZh3BhiCHg5iQ
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74771bbfe8fc91f5-FRA
pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOq7EKdhM0yzZxOROCFGHdnngz4ElCfaS2lIuSqMZjHor8CiXEwnogOoGt6jnyyAkJPGLGY83ZO5tcphijwF8SA21dXAnE85OUKHEX5PT3fiSA3zC%2FRapTvWdM9i8MIxBhs%2F3gyNWyTm%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 849C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxnIVupxL.Q16n.AH698rAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1&google_hm=2
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNWq69Ypb0WUleoezf6zZ3VHGPAzrLH__CbfysfNchlKehWo_PWAs2aKKTpCiYjveM98oxQez6QcMZ2croiij_zImOG4Bnz5ocYczWzK_ZsaZI3_wh2ikCn_D8T0svf5kIHPbY1SJ53B0osnp2Nljrmk7PR_2HCdQpqfvinIdz6i45hVz65VDlVL4HkxGsZ6QiIFK4Ym0yePfFziABZh3BhiCHg5iQ
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74771bc16abe91f5-FRA
pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0cYRypEGwt6n7UCOvJ4xDZ%2BMhbmsNuufQwvrHjYYzJwyMJEkd3WaYwmAFabuIFLafD%2B9OVsivpHVhieNIZqwDkkPxcZzCV%2F4CQ%2FoKR1yKC0noR5Oxw3gQhlnceXfAQA2Ujs6CVuyWRBaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKK21X-2Yj5m7IO-Wth6YY&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 849C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFslYuCqjrBvGZcWKsDML98&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFslYuCqjrBvGZcWKsDML98&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNWq69Ypb0WUleoezf6zZ3VHGPAzrLH__CbfysfNchlKehWo_PWAs2aKKTpCiYjveM98oxQez6QcMZ2croiij_zImOG4Bnz5ocYczWzK_ZsaZI3_wh2ikCn_D8T0svf5kIHPbY1SJ53B0osnp2Nljrmk7PR_2HCdQpqfvinIdz6i45hVz65VDlVL4HkxGsZ6QiIFK4Ym0yePfFziABZh3BhiCHg5iQ
Protocol
HTTP/1.1
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4c4b9e2a-488d-4637-984e-ea4b8a0809ea
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFslYuCqjrBvGZcWKsDML98&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 849C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MzQ2MzA0OTA4MDM0MTgyNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MzQ2MzA0OTA4MDM0MTgyNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBz7zGATAB&v=APEucNWq69Ypb0WUleoezf6zZ3VHGPAzrLH__CbfysfNchlKehWo_PWAs2aKKTpCiYjveM98oxQez6QcMZ2croiij_zImOG4Bnz5ocYczWzK_ZsaZI3_wh2ikCn_D8T0svf5kIHPbY1SJ53B0osnp2Nljrmk7PR_2HCdQpqfvinIdz6i45hVz65VDlVL4HkxGsZ6QiIFK4Ym0yePfFziABZh3BhiCHg5iQ
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:50 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
95c6ba1a-8575-4457-a29d-5fcf3b677d53
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MzQ2MzA0OTA4MDM0MTgyNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame CB60 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Origin
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 16:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66984
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 16:11:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/ Frame CB60 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CF1t6CIoM0b1Apy5BLfSkfcnJ4kp1lHL1on22k2TO08Xl3eFNrrC8s9qqHjFJ7bNqCEYMM3hyCxuCq4ZNRk7dBggdAXvlfdY09da7gsNTIEE-bpDcmdldbHUWdBxgnFxZmLoYekB9jRQlJrQ4NrDmUgTCODw&dbm_d=AKAmf-Cyx4DyAO47232zsk8CfHBRyg-T9x4V85RmbnyZTpVNucIpeBct_OlF26soR1tFqy0NVMAHJo1XGUqxWAZhIc-BsfdZ9BYHLRgDupk7jfjzpKAjUzFILC6xuS5N0VL7IDckSmfcpFthx2jVNDpxfDJDhJ1xp1UogUCyPD4Z09UbintvRv4OEZKKlrvytpw2u3v1liA77g8bEuOPOzh_9EFXkB9wVuLBexU15G1OLE3mzpDsHPfsJNSDeodvUDn-7Xva5nDaY8IVob_k2JF01MONIxDxy6q7mTw6bYFwsERbIDl374_OMkfdl4yVgTZbZ9KdWYoNlMw_DH4smvYLjDjPpT4iyTF43Ef1dNtqjGqI0YwVezKqAbNE7YmZiPC-xUUmpnC0K5_CEDeImsEyDtrIExdTcNPU6UTsVXoYDGpO8xBkABDlkVK2Yyl2CEMswn8cJ8auLfkf4cQv5D4DQB8v_Ug_9ep5xBGQseOzAjzVHJFbgD8tu5aZWE_W6SFrQweoxP2DIBa9QvbWoB0A1odJTDr4Ws1Clr5sOmjSoP7gwhqVPlkwiaZukm3t_c6I2K5vjFkYr3aSdwZghah4ihPurAhmelgqtM2x0C1lDT1kTQp2w4y5P6lH7txhOBF-mezhoyexgmdInbXTBeGk7YLU98UbLV0Z0ulVaYT5AQlQ5L9cDC8F3eF4hqMeGkZDazvjH04Kn_AX8nuitM3XHaSnTR1x25IpF3SeNTh-noum5obuuXu5GfmEt7cXdW5ZNJs8PvCoqAW-Vv1bvwnsH6kurEklksjWXqz70KR3X0QdZJf6h0dPaOsA4ZpInWwx4CKRXIyiP0FgEyerMOvN3SseCeCoDIfpp0a7iE1lQo6phd207B8ITPBy_tcmCW00yMMnMqRtlFlfz2Df3MWpSGW50ztGvgo8jATAcFQjdgC84Dr1eTWeeX4ZivfuiMgdPOGANggYeuOveatMBavlCUwewjgZ08yI9nQ_je6SHrQn3ooiIu-ceBozNdWUR63Wi7O19kwOhxINyXyGeJED_6mXhoU72tpq6UaXUgsHwtIQBxrp3a7jzP1ifCnPKDNBg8O2wgXjBQFDwN4fHng3s3i4mjsme_uPeo2zPjKBwldh7jbiGpWzEIAhfyImkmjH3HiVAd6uEY9WfcoH1y2k0eTnhhRPjq_zoyZFciN2Z_f2NJO0PHdRuAaxh_1REmaQ4fZRnpN1-ggVam5XJxIT2SiG4KcmjAGC-Upk_h5zCrJvkgeHlsu98nZM6fTJTvRx7xJukSBNFM4Z6HNHWQr6RkEdy9YYm-kONc2wr-AUcfKaf4jLfVKgoR-uqPnnqtz5NdVFVaqp9_7yH-LmjvdbNvkUSRCvzDLPjo43nRpAUubh1Lg2iDMyd0PxnJ2qUkGoZt1ydKw1sF3zxx2MSWelMe0LxYBBiPuZLvNbqaFRkQTjzBpnf8JKH-n3XlR2lJOqsAkyWlVDUspFwJtBrRUDSlvQzH5pOOaptsPFmzawfjK1Fc0Gh_Fl1ItaGTHeyDv00sjKvA3hiq2zREgS8qpFDvvJB9NFx-Nn9-ZaXwaNqv6chIxbqLfJeCPwsGfEf2fdq_JRBEHj_NEWGrTGqWVmpq5Yuc3QGDNRM5deg4zcDTkOfftT8v6f3o8tBiYJr3_N0DdLjLZ8EMsAxCvMP6Dm2jbFnguH6ge0XOY5TtL3qVWuNE7U65XgBpiqqZYb_WBKKgjzdQ-vWQNhznKa_xLJsS6CNP8Onxl8hkQgGd9_CqVTF5uMpHdHh2cR2wnXmTxzMnbMw_xtRboRyOAxCxkjy6yOcG82roz9CIserEAhQ3VNOPv0-PNruBnTkCcmHyLTp3RLVTB57hvsian9Lb4tj4JF4-8ebaG0a4wT5h3YVYAf0DQhtqbmjXtR0i28T-oOm_wGzAN98Eah1S5iBTLweZUouqrUtbdu_o0spI7KhGMsB_z3jllWNP1arySkOTu2qDPMNVcu5GNJaJ5bgOJhZ5lVktr0XHNUQENIzFmXjIr8KewddPNYLCdeJ_wbFACZ9FCMs6t9yMsAOc2wSiaxccgNxOFscOl1e7tr-L1-jry61h6T2UL03pO_98oPMBfQrqv617-eL0X7_wExARiE5llOCPl_F5PdN8G-ZcddYF2r_ydJw7DP8jKhcymcaNUdoPibjVt7LwOpwCMZLRAbvvEUAy_Lj-beAwNs6dcym7QYW8K_EqFvmdvdnviTWHr6unOwfEtcuDWntF226aY-CS3IelTtThCkCojGXbOTLzPyOAhyCjkSoJabRM9VNjT2ny8535a0xH3lf5OP7qKActoRPR7YN06LYzSG2pFALkfKbE8aLi1VejQYQ5RvsL2_4eMARP-yrDXBdLwPNPB7i5IenlmbWX5HbvEEdeGNnQ0j5gvQgF-l6lprHH4f6O_5EEOQBQPvAwriGfVGWPLMhfdlOP5nh26Z7FpSQ9CbNuxE0Z3bJvBNqfUGJ7jf6UgdtI8xQGbEU5aIybZ7waf9ZeUaaRcJwNvehWbMZMvqo7IZ6UCo4gSgI-gP8xVGl2n1i2PXLue726zefEKVlw4KxevGfu-B_ZbU4seX0sihAxP2pI_c1g4xcEL-V9aFn4fKMIqtz712tqgamGCQlvgVoQO66xqSTAa0pLreLeCb6z3kzWF0QWudLXXGwOo0EiVoE-46bRWZdiTlMTPiu8YqxBu_LsC2QzAsGRxv9VJ6zX1UW-ToMBVPnB9rSH6hxraMz45ti6wVH-Im6Ovjb7lSgYtbvnxef7WqiwPnzJQ_bE2vfF9UESyQRgo8FemuKwtgxyTp7WjCezmTRFQBYnf3_vPIhhuOIgX67B6quEzDxnQBqY1dCFWJJdYt8Fry0bxuAqxJrvJ6beg0l4_x5Q_0Cv8ivOJ64cnOAUzYqlHYY08RLZofEGcnQSVavzWrXtE2HFh66BpRNtvzzrcAKVvYtkaYsVZprnWoKJUShhgtVuIRKTU_AJx1K06wXWCC9FnDlcJZO3RcE2ltdWeMJsVWkJ-OhZsX1lMLfZvr32KvX4FXt0j7k8YrLv0F7qJg0WH8vnfOn7GhCSkpC-vkJhZgYETwoktQ1ulpfCcMucxPd9If4m_R2lP_x1Yqa6a3DlSh25HvqHhA9qU5dMf4DYbHWl0soFDu486_dCQ0aTT-lcLhypOgvdd3qTCVnmAOjI9ato84QAc5UzRHTauk7iUPy_-T3zyXd7lp_24_DkzMJGIl2QX1Rwlmi6UPYCEcdzdXxxjLi3tHxbJ47kLDqNS8PJ8CBhXMSfO_-7QmyaVw6LwxFa8LpoqiL63stEm9f_YCr6SxQzU9Cwl6ba3utDw6b15BKtDfsMmL4C9eK71l5o9Zxlv3s3YjYrMFBvj8YnvMTd3wWfPbJfFd_ZGDngJvvdueBlt-qg&cid=CAASJORohRUkN4Vbtyj2P_HNPjFjSzJDFQGJCMnlGePWMfdM81mbKiAN&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:23:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 10:23:16 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame CB60 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CF1t6CIoM0b1Apy5BLfSkfcnJ4kp1lHL1on22k2TO08Xl3eFNrrC8s9qqHjFJ7bNqCEYMM3hyCxuCq4ZNRk7dBggdAXvlfdY09da7gsNTIEE-bpDcmdldbHUWdBxgnFxZmLoYekB9jRQlJrQ4NrDmUgTCODw&dbm_d=AKAmf-Cyx4DyAO47232zsk8CfHBRyg-T9x4V85RmbnyZTpVNucIpeBct_OlF26soR1tFqy0NVMAHJo1XGUqxWAZhIc-BsfdZ9BYHLRgDupk7jfjzpKAjUzFILC6xuS5N0VL7IDckSmfcpFthx2jVNDpxfDJDhJ1xp1UogUCyPD4Z09UbintvRv4OEZKKlrvytpw2u3v1liA77g8bEuOPOzh_9EFXkB9wVuLBexU15G1OLE3mzpDsHPfsJNSDeodvUDn-7Xva5nDaY8IVob_k2JF01MONIxDxy6q7mTw6bYFwsERbIDl374_OMkfdl4yVgTZbZ9KdWYoNlMw_DH4smvYLjDjPpT4iyTF43Ef1dNtqjGqI0YwVezKqAbNE7YmZiPC-xUUmpnC0K5_CEDeImsEyDtrIExdTcNPU6UTsVXoYDGpO8xBkABDlkVK2Yyl2CEMswn8cJ8auLfkf4cQv5D4DQB8v_Ug_9ep5xBGQseOzAjzVHJFbgD8tu5aZWE_W6SFrQweoxP2DIBa9QvbWoB0A1odJTDr4Ws1Clr5sOmjSoP7gwhqVPlkwiaZukm3t_c6I2K5vjFkYr3aSdwZghah4ihPurAhmelgqtM2x0C1lDT1kTQp2w4y5P6lH7txhOBF-mezhoyexgmdInbXTBeGk7YLU98UbLV0Z0ulVaYT5AQlQ5L9cDC8F3eF4hqMeGkZDazvjH04Kn_AX8nuitM3XHaSnTR1x25IpF3SeNTh-noum5obuuXu5GfmEt7cXdW5ZNJs8PvCoqAW-Vv1bvwnsH6kurEklksjWXqz70KR3X0QdZJf6h0dPaOsA4ZpInWwx4CKRXIyiP0FgEyerMOvN3SseCeCoDIfpp0a7iE1lQo6phd207B8ITPBy_tcmCW00yMMnMqRtlFlfz2Df3MWpSGW50ztGvgo8jATAcFQjdgC84Dr1eTWeeX4ZivfuiMgdPOGANggYeuOveatMBavlCUwewjgZ08yI9nQ_je6SHrQn3ooiIu-ceBozNdWUR63Wi7O19kwOhxINyXyGeJED_6mXhoU72tpq6UaXUgsHwtIQBxrp3a7jzP1ifCnPKDNBg8O2wgXjBQFDwN4fHng3s3i4mjsme_uPeo2zPjKBwldh7jbiGpWzEIAhfyImkmjH3HiVAd6uEY9WfcoH1y2k0eTnhhRPjq_zoyZFciN2Z_f2NJO0PHdRuAaxh_1REmaQ4fZRnpN1-ggVam5XJxIT2SiG4KcmjAGC-Upk_h5zCrJvkgeHlsu98nZM6fTJTvRx7xJukSBNFM4Z6HNHWQr6RkEdy9YYm-kONc2wr-AUcfKaf4jLfVKgoR-uqPnnqtz5NdVFVaqp9_7yH-LmjvdbNvkUSRCvzDLPjo43nRpAUubh1Lg2iDMyd0PxnJ2qUkGoZt1ydKw1sF3zxx2MSWelMe0LxYBBiPuZLvNbqaFRkQTjzBpnf8JKH-n3XlR2lJOqsAkyWlVDUspFwJtBrRUDSlvQzH5pOOaptsPFmzawfjK1Fc0Gh_Fl1ItaGTHeyDv00sjKvA3hiq2zREgS8qpFDvvJB9NFx-Nn9-ZaXwaNqv6chIxbqLfJeCPwsGfEf2fdq_JRBEHj_NEWGrTGqWVmpq5Yuc3QGDNRM5deg4zcDTkOfftT8v6f3o8tBiYJr3_N0DdLjLZ8EMsAxCvMP6Dm2jbFnguH6ge0XOY5TtL3qVWuNE7U65XgBpiqqZYb_WBKKgjzdQ-vWQNhznKa_xLJsS6CNP8Onxl8hkQgGd9_CqVTF5uMpHdHh2cR2wnXmTxzMnbMw_xtRboRyOAxCxkjy6yOcG82roz9CIserEAhQ3VNOPv0-PNruBnTkCcmHyLTp3RLVTB57hvsian9Lb4tj4JF4-8ebaG0a4wT5h3YVYAf0DQhtqbmjXtR0i28T-oOm_wGzAN98Eah1S5iBTLweZUouqrUtbdu_o0spI7KhGMsB_z3jllWNP1arySkOTu2qDPMNVcu5GNJaJ5bgOJhZ5lVktr0XHNUQENIzFmXjIr8KewddPNYLCdeJ_wbFACZ9FCMs6t9yMsAOc2wSiaxccgNxOFscOl1e7tr-L1-jry61h6T2UL03pO_98oPMBfQrqv617-eL0X7_wExARiE5llOCPl_F5PdN8G-ZcddYF2r_ydJw7DP8jKhcymcaNUdoPibjVt7LwOpwCMZLRAbvvEUAy_Lj-beAwNs6dcym7QYW8K_EqFvmdvdnviTWHr6unOwfEtcuDWntF226aY-CS3IelTtThCkCojGXbOTLzPyOAhyCjkSoJabRM9VNjT2ny8535a0xH3lf5OP7qKActoRPR7YN06LYzSG2pFALkfKbE8aLi1VejQYQ5RvsL2_4eMARP-yrDXBdLwPNPB7i5IenlmbWX5HbvEEdeGNnQ0j5gvQgF-l6lprHH4f6O_5EEOQBQPvAwriGfVGWPLMhfdlOP5nh26Z7FpSQ9CbNuxE0Z3bJvBNqfUGJ7jf6UgdtI8xQGbEU5aIybZ7waf9ZeUaaRcJwNvehWbMZMvqo7IZ6UCo4gSgI-gP8xVGl2n1i2PXLue726zefEKVlw4KxevGfu-B_ZbU4seX0sihAxP2pI_c1g4xcEL-V9aFn4fKMIqtz712tqgamGCQlvgVoQO66xqSTAa0pLreLeCb6z3kzWF0QWudLXXGwOo0EiVoE-46bRWZdiTlMTPiu8YqxBu_LsC2QzAsGRxv9VJ6zX1UW-ToMBVPnB9rSH6hxraMz45ti6wVH-Im6Ovjb7lSgYtbvnxef7WqiwPnzJQ_bE2vfF9UESyQRgo8FemuKwtgxyTp7WjCezmTRFQBYnf3_vPIhhuOIgX67B6quEzDxnQBqY1dCFWJJdYt8Fry0bxuAqxJrvJ6beg0l4_x5Q_0Cv8ivOJ64cnOAUzYqlHYY08RLZofEGcnQSVavzWrXtE2HFh66BpRNtvzzrcAKVvYtkaYsVZprnWoKJUShhgtVuIRKTU_AJx1K06wXWCC9FnDlcJZO3RcE2ltdWeMJsVWkJ-OhZsX1lMLfZvr32KvX4FXt0j7k8YrLv0F7qJg0WH8vnfOn7GhCSkpC-vkJhZgYETwoktQ1ulpfCcMucxPd9If4m_R2lP_x1Yqa6a3DlSh25HvqHhA9qU5dMf4DYbHWl0soFDu486_dCQ0aTT-lcLhypOgvdd3qTCVnmAOjI9ato84QAc5UzRHTauk7iUPy_-T3zyXd7lp_24_DkzMJGIl2QX1Rwlmi6UPYCEcdzdXxxjLi3tHxbJ47kLDqNS8PJ8CBhXMSfO_-7QmyaVw6LwxFa8LpoqiL63stEm9f_YCr6SxQzU9Cwl6ba3utDw6b15BKtDfsMmL4C9eK71l5o9Zxlv3s3YjYrMFBvj8YnvMTd3wWfPbJfFd_ZGDngJvvdueBlt-qg&cid=CAASJORohRUkN4Vbtyj2P_HNPjFjSzJDFQGJCMnlGePWMfdM81mbKiAN&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:33:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11802
x-xss-protection
0
server
cafe
etag
16304758110791105277
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 10:33:25 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6511 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Origin
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 16:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66984
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 16:11:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/ Frame 6511 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVCM6l5l1fl6OBkmVOhHDi9mUI2sY1sx8dOV3R4XEKDey1B9motsRcldEHQEIj36ilq-ZCHnbR43EfkTxvMMQaEvlu9eG3L1sqEeeKNxvPEht0YUR-HZ338ZzHjwED2OO36XGH57JBX-2fSr1DRfSnP4O2WQ&dbm_d=AKAmf-AAgxtQAFzhhRkArZnMWWdTm42zk_3gI_HuenMeCsVNYegcas17FFgW2MOH7fU4sdYyFyh_PSjB1HhmBSjwZo4m4ZLhL885_Wp-i3eOKQqxKZkb8JMdUCY-nYH5FpzVzcve9Xo68R35-5ZnnPXDrYD4ek3q4N_oxmAUoiDtRfasFBogYedTUjRp-oMsPo7wTz2Pi35S_xhqKj4F8hCnSVUnPMrZDgTcrjSHD6m-HgEszHg4XiVowhahbL1OltHs8BOHiIQwa1SBhb1V-zRnOk5HW02gQd8u8zVDO0bawjcQOChOykWU86lncMyHOzAYNBhAgk6xwXMxnZOP2WvDxP9tz8GQ-hCwPLtCchm999s3GhYZeffZmZ79jTb6SApi684B4RHTQaO1_-yY7OfMGO3IJ8DZSeRQQ7XyCjgbE8KI572hY5uS3xeAsIvxwzDH4eb_dk5TsZCXDRhyr948Sz_kwjJNN2V7EuqJriGagGRXtgt4J1TW8isS2F2gS3QZxGiJ-OgzsRCyFFaqQar4P35z1Hc0USmnckYhcXWrlAk2ewxcfFEP53soMLZ7aU2xX3l_fnkH0f6e1Xx-uMCFMqiEXRhQfZBE43_Y8l6PwsKH1XdyQNwGQYaofWkr4cNk2idQDGU5dRzParEtX9jz5uPBMyt7xcETq6NFq-BmoDcOdVGlHNgsuC2Ym4P9vMNxgSo3eRB_HosKksIlAW0L3-mlBlSRqFsOIHZrad0PoMNU-buGbzKZIqjYivnEUnJcFNVAuwo_SwQ-Gu8Ba5SL6lt5wCnj-hOA6YEwSiQaoMOYkeWNy-8MqcZN5SetfAtLZcoqqpzcIGTX3RSfr_9WQphTfkk80OtJFhDjsu1Qb4tOA7PEqLU8cj_1FehcFzm6WCBK7R8saLzsQMrMDgvztv1sNek-S0XNdc7BLsynWcn-ynkImEYzo04HsIs-3greHLgZFMIbIicV9jPia_7jmOohAnmqV_5avB_UzoWZufVDI8VUaasSH-ltCamG3GPNdZZqqUuiKr5lzG04Lzs-LxEMDTBHTXQI_UsMoM8iEDM9ocRrJMd-KWMbL1fpyEEjw7t_OefGDzqvrtO3hzPyoFZmMv6dlJDH04P2xSu7M3sqqpCsZY03GO0dATR4OnN-5eLnoVa_p2KPqtuZzDH5grShNfUkloKy24uEEjy9ou9u2qMnO6BQnQ-pjz1KyB0QIPGGpultUQZG_I2BYYFknj2HFsobhPmRVP-ZhVzHhq95M7IR8uhgopMLhWx7HRHAs0m4fVnGY6uxTSzd-hh6D2M2aoG2vJGjb69R6Oqlt2AAGdgaG8tu_W86wRpjuYKAa7KDF45b-Lqc83N1jBvBcg2gaS2u4G-xtvcypQvZ1J9tCrBjeAOT6iDdF73bOyTUOFYFY5s1yMevR7-Q8R4aLAez7MYU-gkajgVXRYG9cw5WRfY20O5YeFGuSgUut5Sdxco5uenx2WJ-_wqiKHT3zTxcd3SS2lJH-Y3PpUGKvSLOTh9AqVQ_SshTmf7viNE1YnnZQqji4I8uUzMjN-DDlyUQiwEBG-6YJEUbGVqUn-oZt9kleaVIjNlG_dBAihwEOay-G5WmH-1tVuRNysbhckmbn0NVevfWKqt7B-bPhMFa_BjpqPpiDGxirf6JmUOtr6-gFVsz83O5pPavubgGco55RI9RQ4_1RBgJHVgeGVMdaRMcD3VytKWRLkbtWtdMEJqGo16RkmpZc40g40x_S3ykxHVaKoOIkIx5xPH6lK0yUi8Fqqam_pb76QTGZHnfZ4v4ZctqZI_8TOX8X0o8alu5tRPiMg2iemclauxhatKTVF65dDBVtIfw2D9Pz3ISzYTzJojtCAV0cTkJcnXrHiNZMqQYSD3b4ak7ssBa7TPDuN0KHCmV-l-ncvUArpr9DCK5l4Pasj9d3aYADfK7k9fT0LOmRrhriJTXBuiPYUHZA10xPU2ClOOwttxzepwqHbThe9kzjBbEanxYjHg_NK5Gwuta69cG1q24oM0aR31k2MR1v9HYFg5uBe39WaWr9nPt1foNT0uIiA-C6c0cxtjZcFbrXpOi4mDOK2Zrndmo5ylG75rK_mQPEtvVrdxRMlVWSm8SJZk5iEsI2f-CZLzkwQFvAgwlNVljpsYWwhcNs0cPb7zoU4Eq4G5RX9_fixB7h8Ws4FByHgCqh1GoPY5Spten0DqAzPZDYxgiSk4WnOVRag8GO4hZemmYqZoto-aFs7KU3z8W1yFt4gXm511VLaznEC4e2l082MQ5XhklcH5DyMrhXrm9ZzM3wcMzzCcw6RydT3seqdhJDWb_hz1hr2mpUa1aPY-cBeoEWTKfyoOnajr52mmjbkpjIU10s6S8tVE3ruLNI7V7va4v4gF-8f9-lmKBfFfUp9Y6FyJitTg4tZim7aWxCxErk2IKRqtchuJXWkh16MNgHfGEnXcxZ-qwO2mbH43dW_Md3oVOfIPOVLs5SwmVzakctsnWgD658uO737wcW4p2XHDavurQgCrEWNlbGdHml8oJ6oeDsjDQUzAmoA2fcSGSq7uwiVCsy8P5Wnj3--2Hlk0FIhFHHf5dUQpl1RkJAKhJIdzE1tDTVLuYkXDGsEczp1o6OzoV2uWcvj9dLASM74z1B9pCnjLp3FOdjLRdA6iZ_9QDXEtijEoVgRSdPvqmLPNjDqI5N5sJZnRSqiBm0oj_QgphKJ5K7nUn_7PI0EtEdj4dvMAV1uTNjRWnhvsoW0EnABUOY5WLCrux6dfib4-oqzhe7KF4wAjRtLqnKO2qUTyri-dBKZfX60P0NVDCcM29OpXPDj_f3odRGcK7Yc76XwPSWRkh05CbIEjALB4meKULfessbZ4JKMMHhTzRxcfRBHkf8fpWnnBOE13gD6cm25drGOYXY9pPWu24dqdFBsC27N5bm07adgwe1U6RL85YqdXzAXIm_iccnnOiwLpx2CfiOAtnFA8c_KK0IbbD5wi6dZNHwM2Tdqjxtn-j7dTk8HUqdvOc-ZeJ1emxD_mzgc-I4ldCPflUy3mCgKyvhvEvL4zooowmkMpqOFU7LQl5yzL7IG-ZRqPZnyfikYplbXXnwgDRued0tOPA_WuSyTapSkoG6lJSTM5FeSRI66gisNPOiLFwf9nUBs-BdUc0JB2OWBEzRQCBpHZFDUxheqLd9pKkois-FuIidqg8MI58aEtll1ztGc82pulkPqT4aeP6xetTbHxUTgcgH4V8JyNt9C5GZ5UY5jwTHnV80C-3pJf7Irxm-yF7vhqOHrdyPTi-jxT7ZaJrbMZOCYysWXiAyZ-d5LaAVwdiDpfv7M2thd3MUBCm8mYMI9B4PLjeHEJJLt6An9rHoWPEgrdlfY_uf9sN8GJPtgUycocgW7bHx4H_mgTA&cid=CAASJORoDUPtdZ2RqW4HZFAB-K6iZw4UVrg5xBGu8bse7prNscywpiAN&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:23:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 10:23:16 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame 6511 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVCM6l5l1fl6OBkmVOhHDi9mUI2sY1sx8dOV3R4XEKDey1B9motsRcldEHQEIj36ilq-ZCHnbR43EfkTxvMMQaEvlu9eG3L1sqEeeKNxvPEht0YUR-HZ338ZzHjwED2OO36XGH57JBX-2fSr1DRfSnP4O2WQ&dbm_d=AKAmf-AAgxtQAFzhhRkArZnMWWdTm42zk_3gI_HuenMeCsVNYegcas17FFgW2MOH7fU4sdYyFyh_PSjB1HhmBSjwZo4m4ZLhL885_Wp-i3eOKQqxKZkb8JMdUCY-nYH5FpzVzcve9Xo68R35-5ZnnPXDrYD4ek3q4N_oxmAUoiDtRfasFBogYedTUjRp-oMsPo7wTz2Pi35S_xhqKj4F8hCnSVUnPMrZDgTcrjSHD6m-HgEszHg4XiVowhahbL1OltHs8BOHiIQwa1SBhb1V-zRnOk5HW02gQd8u8zVDO0bawjcQOChOykWU86lncMyHOzAYNBhAgk6xwXMxnZOP2WvDxP9tz8GQ-hCwPLtCchm999s3GhYZeffZmZ79jTb6SApi684B4RHTQaO1_-yY7OfMGO3IJ8DZSeRQQ7XyCjgbE8KI572hY5uS3xeAsIvxwzDH4eb_dk5TsZCXDRhyr948Sz_kwjJNN2V7EuqJriGagGRXtgt4J1TW8isS2F2gS3QZxGiJ-OgzsRCyFFaqQar4P35z1Hc0USmnckYhcXWrlAk2ewxcfFEP53soMLZ7aU2xX3l_fnkH0f6e1Xx-uMCFMqiEXRhQfZBE43_Y8l6PwsKH1XdyQNwGQYaofWkr4cNk2idQDGU5dRzParEtX9jz5uPBMyt7xcETq6NFq-BmoDcOdVGlHNgsuC2Ym4P9vMNxgSo3eRB_HosKksIlAW0L3-mlBlSRqFsOIHZrad0PoMNU-buGbzKZIqjYivnEUnJcFNVAuwo_SwQ-Gu8Ba5SL6lt5wCnj-hOA6YEwSiQaoMOYkeWNy-8MqcZN5SetfAtLZcoqqpzcIGTX3RSfr_9WQphTfkk80OtJFhDjsu1Qb4tOA7PEqLU8cj_1FehcFzm6WCBK7R8saLzsQMrMDgvztv1sNek-S0XNdc7BLsynWcn-ynkImEYzo04HsIs-3greHLgZFMIbIicV9jPia_7jmOohAnmqV_5avB_UzoWZufVDI8VUaasSH-ltCamG3GPNdZZqqUuiKr5lzG04Lzs-LxEMDTBHTXQI_UsMoM8iEDM9ocRrJMd-KWMbL1fpyEEjw7t_OefGDzqvrtO3hzPyoFZmMv6dlJDH04P2xSu7M3sqqpCsZY03GO0dATR4OnN-5eLnoVa_p2KPqtuZzDH5grShNfUkloKy24uEEjy9ou9u2qMnO6BQnQ-pjz1KyB0QIPGGpultUQZG_I2BYYFknj2HFsobhPmRVP-ZhVzHhq95M7IR8uhgopMLhWx7HRHAs0m4fVnGY6uxTSzd-hh6D2M2aoG2vJGjb69R6Oqlt2AAGdgaG8tu_W86wRpjuYKAa7KDF45b-Lqc83N1jBvBcg2gaS2u4G-xtvcypQvZ1J9tCrBjeAOT6iDdF73bOyTUOFYFY5s1yMevR7-Q8R4aLAez7MYU-gkajgVXRYG9cw5WRfY20O5YeFGuSgUut5Sdxco5uenx2WJ-_wqiKHT3zTxcd3SS2lJH-Y3PpUGKvSLOTh9AqVQ_SshTmf7viNE1YnnZQqji4I8uUzMjN-DDlyUQiwEBG-6YJEUbGVqUn-oZt9kleaVIjNlG_dBAihwEOay-G5WmH-1tVuRNysbhckmbn0NVevfWKqt7B-bPhMFa_BjpqPpiDGxirf6JmUOtr6-gFVsz83O5pPavubgGco55RI9RQ4_1RBgJHVgeGVMdaRMcD3VytKWRLkbtWtdMEJqGo16RkmpZc40g40x_S3ykxHVaKoOIkIx5xPH6lK0yUi8Fqqam_pb76QTGZHnfZ4v4ZctqZI_8TOX8X0o8alu5tRPiMg2iemclauxhatKTVF65dDBVtIfw2D9Pz3ISzYTzJojtCAV0cTkJcnXrHiNZMqQYSD3b4ak7ssBa7TPDuN0KHCmV-l-ncvUArpr9DCK5l4Pasj9d3aYADfK7k9fT0LOmRrhriJTXBuiPYUHZA10xPU2ClOOwttxzepwqHbThe9kzjBbEanxYjHg_NK5Gwuta69cG1q24oM0aR31k2MR1v9HYFg5uBe39WaWr9nPt1foNT0uIiA-C6c0cxtjZcFbrXpOi4mDOK2Zrndmo5ylG75rK_mQPEtvVrdxRMlVWSm8SJZk5iEsI2f-CZLzkwQFvAgwlNVljpsYWwhcNs0cPb7zoU4Eq4G5RX9_fixB7h8Ws4FByHgCqh1GoPY5Spten0DqAzPZDYxgiSk4WnOVRag8GO4hZemmYqZoto-aFs7KU3z8W1yFt4gXm511VLaznEC4e2l082MQ5XhklcH5DyMrhXrm9ZzM3wcMzzCcw6RydT3seqdhJDWb_hz1hr2mpUa1aPY-cBeoEWTKfyoOnajr52mmjbkpjIU10s6S8tVE3ruLNI7V7va4v4gF-8f9-lmKBfFfUp9Y6FyJitTg4tZim7aWxCxErk2IKRqtchuJXWkh16MNgHfGEnXcxZ-qwO2mbH43dW_Md3oVOfIPOVLs5SwmVzakctsnWgD658uO737wcW4p2XHDavurQgCrEWNlbGdHml8oJ6oeDsjDQUzAmoA2fcSGSq7uwiVCsy8P5Wnj3--2Hlk0FIhFHHf5dUQpl1RkJAKhJIdzE1tDTVLuYkXDGsEczp1o6OzoV2uWcvj9dLASM74z1B9pCnjLp3FOdjLRdA6iZ_9QDXEtijEoVgRSdPvqmLPNjDqI5N5sJZnRSqiBm0oj_QgphKJ5K7nUn_7PI0EtEdj4dvMAV1uTNjRWnhvsoW0EnABUOY5WLCrux6dfib4-oqzhe7KF4wAjRtLqnKO2qUTyri-dBKZfX60P0NVDCcM29OpXPDj_f3odRGcK7Yc76XwPSWRkh05CbIEjALB4meKULfessbZ4JKMMHhTzRxcfRBHkf8fpWnnBOE13gD6cm25drGOYXY9pPWu24dqdFBsC27N5bm07adgwe1U6RL85YqdXzAXIm_iccnnOiwLpx2CfiOAtnFA8c_KK0IbbD5wi6dZNHwM2Tdqjxtn-j7dTk8HUqdvOc-ZeJ1emxD_mzgc-I4ldCPflUy3mCgKyvhvEvL4zooowmkMpqOFU7LQl5yzL7IG-ZRqPZnyfikYplbXXnwgDRued0tOPA_WuSyTapSkoG6lJSTM5FeSRI66gisNPOiLFwf9nUBs-BdUc0JB2OWBEzRQCBpHZFDUxheqLd9pKkois-FuIidqg8MI58aEtll1ztGc82pulkPqT4aeP6xetTbHxUTgcgH4V8JyNt9C5GZ5UY5jwTHnV80C-3pJf7Irxm-yF7vhqOHrdyPTi-jxT7ZaJrbMZOCYysWXiAyZ-d5LaAVwdiDpfv7M2thd3MUBCm8mYMI9B4PLjeHEJJLt6An9rHoWPEgrdlfY_uf9sN8GJPtgUycocgW7bHx4H_mgTA&cid=CAASJORoDUPtdZ2RqW4HZFAB-K6iZw4UVrg5xBGu8bse7prNscywpiAN&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:33:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11802
x-xss-protection
0
server
cafe
etag
16304758110791105277
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 10:33:25 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 5369 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Origin
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 16:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66984
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 16:11:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/ Frame 5369 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApqRU8UbU4NEu57uOxZsMKMP3XVomRIFD7Ai-IVzdrFAZ7qpi4l5_YwAi7-APRy3lRYdGi_Pgkd5x0DRiOPCC5ichYLGvnl5cZjfZ7V4FtmX8k_cJXbei2RFe7UNaEUeQ6UJ5PABgyNIdk0GV9eH_HTrw-YA&dbm_d=AKAmf-COkSNTi44WMfTj24_9Gzs17T4Jh14m6YLOHMb95SKv3td6rFv7FEij6dguEvHDQ9er6-ToMMOyqHJMRUbn9Ot0UozWAtD8NziUKoSy1Liy7SBvXHlHGO6N1UBZhvunIF3vzGRWE5hsvHs3vFXdSRTiOwt_blOjpNqFEYS2WjjSeTpJomV52yYEW5pTUw8rfn0oPvsBBIk3VAHLlS_hhxZBK4hrgxf_nPud_hLkNKF0KfcZ1fjyGaOM829OHYAkDHLyCGcQatfzocDmbuCmylUSnpEje9I-Ru4KSGp0FBMXjvHWLoepEQC0PDhHhjO9Nci5q30fkMn5pESbWXP4buhJt6jH3mOMoN_5jC4C-9UVbjm7O6pUhnPDG-Va1ydxPj-hFne-o-y75ZxWljBlt2i4yMfyJ4BXZy8s-Ex02ZG6Ojd9Pwxlp9hVdO317SUHa0DHPvqPGhT7z84F7O0TQEy5ds44pKWduV08jfCQxx32NLnE29NxDcVYcP3dgMMn-2EdnhYtQpEOlvMfzZ_gGfFqmlPu0Qcg-ca5KVwyf_I5sfwTbnh3BDyWF76UOW4u4pcbv5lDFkv4iAnz2SBrGnXzTTf3vd-NGIe14LE6xmuhPlk1aN7KSDFM57a9JUNQjKHNDuB_RhAqaw83s8vVGox2kj5PxmhupVYTvVI-ZNHdrciqiFCt0-BRK6Z18m5FWLbQOk_DU2cNiSXsyzcS30pGcr19P9eQo9d3sWewNU1XUwKNyLs8aoSDvXqCmnKB_Y4vWsfQRXfZCBxsgTOuK510R6KRq5MlmOZsGR35C7qqKOazwEMGDFlFdIqiO_fs9VktfGDRnaaQ7qRtCQlmGzRtTQBjDNGGnuSUI_6sLesgZs8E-Su-fEfIjPBLhcXGRZf4sNgzt9s9mhZQR_xIH0Tsj9Iqy2_kDaEQ2fo0rcKrIBKuMqRFyqgVCDZUJhoFy1DJVmnwphp10lFuv-5hjDMln4RTl8eelmk6o-VaH-Gu0f5Y3-ubP1PPJrxV2u25iNCzPrQjmli-GYVP7d6AA_-LqQ224EkoIM58gae2zjdz3fc12hgZqh5NWz9vo6CLoKoNig-QWujbzcMXlScZVCiebaPEDlP_qekIO4Fjk3GirACA53Tqfa4coAo8TJIgH9CFkWh2nyqp2MYenwAz_g6qAmAbYzcicz7UZAfOXlLaBNkiLFbg5H8nGm2W4zNCUUcdVEv92kOUmQukbLbbIeRTJh4StQxaFUl4GvE8_UKxp-qZpPAroHtKqd33ZuWDdeZnQyEUJcrppGEHQqfizn9YTo0d3HmB5NtzRyzDAKMkgbcyPVlR6Uegt_EzdCy3mhKIs89RYa8XzpjeHPFgs74gxNyObMKGt3IoJ6ZT8eeYHOOv_mEkgmPykw5lTxb3MR-VxZcVG092oEmuwC2S1_mApj-mSZ8_E6bL6Nk22mg9eaJ_b2ay-LE6bIp2-j47ZsEOi9ImL3Gj5xorGAkC-vG63U5jOCxNABS4q_WtxUqwva89ciuxT8ZEcal7eDvX_tqakFxH_nttWUPU7zmJayZKLpknrI13k1MJD0eLPDsvCOz_4ObbhfAhqUvJq0yis0VAnQbe1UkvTw_eg1lk89WFJ1rmySLFbzH0RUVrrbepiSLMeEdLimyIdFRHy1gAiLIyIOeP3rIdMqdYzNNkii6AQsxIgMy-nYJ9FXxmgJ2SaCwTU0EUoJvFlQ0pbG-6E0asNjQTrHg9X6r11VwTXmMh7HidXXNiSXHwkFsML1QvTtMC5Es3E1My5tg_JdJ-BH5TZv0bhz6JR5n4USa2r4DiYUNLKmJxOQC9im5DTCblh-T-0SDsGzKjdltn-rJaamOo4Dg0KFMjNwNgVLD7ZpscpIqm7ClQOu1yOfxP4hgOoKBuj6AZgVt8wWC04eeu6PDbeApjF9QMZaq-LKMfhTOzJbLyWb8teFTGv_iwlklhYm2zPw3cBJI98vxeCQs8ytBYluWCtamYV5q8HbkPJEIG6rQ4GQrvkxpH37mOpBO89lW7l8NsJOSfTCBkZTqXyMA-5bZq8xFhLkQta0ZREzqBqJQnTpcWVDMN81lQ9TlBEcq2pfiDd_BqnSPcwkpbPz6Y26jX5Dq68fXPHhRN6IJuPM7N5OO9V93vFB9DxQkYFUNvBKVa44ivI8ytYjBNfCj9VFGtpKCg4xdF7ICbTOetlbvg41XZGpQWAkaOZD-c-HFF4T2dFC_NvnY0rMASfKLqCvx-k8gR89uxAJrlVkGZVx5T4k4lCWRGe6HETwcksTVGEOSQS3dxL8NtH9quVrV4OtlVcuhOJc6dr3W-iUKR3HILuE7iOjOw3DTMPm9mQ55OIuHn6O-1l1fZ2orrT9hmgjF2vv6xyyYmxzjarxfyF0VHvdde6-jNgTq-SDJXtrmBeWjI6kdh5E5xT-SIxle939No0HLPmzNn1DLJ44DJFurQtwrPut1o0M7PvPQ-Kop7lFhH9NG8HVtVJynE0ii1_4A-6fApdtZfbg2pYz5fAmf5e7TE0PKAiCSuoL8V7XIdDs2_m_7nIksPZ0EidlCr7AMlKaXIesLb6w01JABd0fPTajXBVgMymfRZ7_7lK65PY3MfMrBfAhy4TXzfTqLM0VulxKLNs2OuL4Wnsy55McmHU1wL8fkIR7eig6TIHSlg3GB_ZDBffOYIVKL1azBZSWUxhbIADTdmHJRNVzwBCHBLvlbl2KputUvUCDKzoDFqDSCKRZg6rufs-E3YDjxk-ChjQOYE_qx2jrIjQtXpaEXj_uaXiBb2TZb-_Xit0J4Cqlx_gaKw7J5KMwL_ieSYo4YCK7pZfDuPmvWgOiwbnkHBafNK3dL8r0zxa-FRwRtWXeih0_WBvKNTvw1Io8KMpEKrIy9Rb-wL1DDeUwfW1UA8ddD8rqI6nu7nAxjmp8mUp2T2Yg-6t9rrlQ2xhd_7I64UnzfyQP9noqRRlejLZZ5Bx5IFLqZAiQ3QkAjN9yqI9fw17i5iusMduKdqWk1D7cggPPHDoteYFJHWuWDdjOPZmHDJpl7h_Zbx1fTGf5ruahQvmQV0HTuXOEmgV3tU9RAEMigqeI2lOx0if0uytlcTI5EXzJD9VG6JcW_M-rF_hu-DX9AhlKQKFU1_SnBm9grrSWcvGZfYJsQUHJDWgqIbnTOzAJADqPf1LC-zYqBqKrmMoh33ah7tLxytbTc26dEGkiwtTuC4nM_qEE8tpWYadJYBhXGJlpEQv891Zdg107Jn3itllPIDHK7G6mOxIQl_2-Vv637TBYTJ99SuvgCzUvl76qsb05ZBs_nHKICp344btqzEy38ZyhMdKvNfYyL2JivyrVw2LhjUTap8jygKfw9F3CZJtnW41URj6Uix4pEeYpQQWt4HIdE8S-Tq4kMp&cid=CAASJORoT5ADqq8DGkY6cbX4lDG0y9LufiyUO-vvivodhYtHiaHkKyAN&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:23:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 10:23:16 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame 5369 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApqRU8UbU4NEu57uOxZsMKMP3XVomRIFD7Ai-IVzdrFAZ7qpi4l5_YwAi7-APRy3lRYdGi_Pgkd5x0DRiOPCC5ichYLGvnl5cZjfZ7V4FtmX8k_cJXbei2RFe7UNaEUeQ6UJ5PABgyNIdk0GV9eH_HTrw-YA&dbm_d=AKAmf-COkSNTi44WMfTj24_9Gzs17T4Jh14m6YLOHMb95SKv3td6rFv7FEij6dguEvHDQ9er6-ToMMOyqHJMRUbn9Ot0UozWAtD8NziUKoSy1Liy7SBvXHlHGO6N1UBZhvunIF3vzGRWE5hsvHs3vFXdSRTiOwt_blOjpNqFEYS2WjjSeTpJomV52yYEW5pTUw8rfn0oPvsBBIk3VAHLlS_hhxZBK4hrgxf_nPud_hLkNKF0KfcZ1fjyGaOM829OHYAkDHLyCGcQatfzocDmbuCmylUSnpEje9I-Ru4KSGp0FBMXjvHWLoepEQC0PDhHhjO9Nci5q30fkMn5pESbWXP4buhJt6jH3mOMoN_5jC4C-9UVbjm7O6pUhnPDG-Va1ydxPj-hFne-o-y75ZxWljBlt2i4yMfyJ4BXZy8s-Ex02ZG6Ojd9Pwxlp9hVdO317SUHa0DHPvqPGhT7z84F7O0TQEy5ds44pKWduV08jfCQxx32NLnE29NxDcVYcP3dgMMn-2EdnhYtQpEOlvMfzZ_gGfFqmlPu0Qcg-ca5KVwyf_I5sfwTbnh3BDyWF76UOW4u4pcbv5lDFkv4iAnz2SBrGnXzTTf3vd-NGIe14LE6xmuhPlk1aN7KSDFM57a9JUNQjKHNDuB_RhAqaw83s8vVGox2kj5PxmhupVYTvVI-ZNHdrciqiFCt0-BRK6Z18m5FWLbQOk_DU2cNiSXsyzcS30pGcr19P9eQo9d3sWewNU1XUwKNyLs8aoSDvXqCmnKB_Y4vWsfQRXfZCBxsgTOuK510R6KRq5MlmOZsGR35C7qqKOazwEMGDFlFdIqiO_fs9VktfGDRnaaQ7qRtCQlmGzRtTQBjDNGGnuSUI_6sLesgZs8E-Su-fEfIjPBLhcXGRZf4sNgzt9s9mhZQR_xIH0Tsj9Iqy2_kDaEQ2fo0rcKrIBKuMqRFyqgVCDZUJhoFy1DJVmnwphp10lFuv-5hjDMln4RTl8eelmk6o-VaH-Gu0f5Y3-ubP1PPJrxV2u25iNCzPrQjmli-GYVP7d6AA_-LqQ224EkoIM58gae2zjdz3fc12hgZqh5NWz9vo6CLoKoNig-QWujbzcMXlScZVCiebaPEDlP_qekIO4Fjk3GirACA53Tqfa4coAo8TJIgH9CFkWh2nyqp2MYenwAz_g6qAmAbYzcicz7UZAfOXlLaBNkiLFbg5H8nGm2W4zNCUUcdVEv92kOUmQukbLbbIeRTJh4StQxaFUl4GvE8_UKxp-qZpPAroHtKqd33ZuWDdeZnQyEUJcrppGEHQqfizn9YTo0d3HmB5NtzRyzDAKMkgbcyPVlR6Uegt_EzdCy3mhKIs89RYa8XzpjeHPFgs74gxNyObMKGt3IoJ6ZT8eeYHOOv_mEkgmPykw5lTxb3MR-VxZcVG092oEmuwC2S1_mApj-mSZ8_E6bL6Nk22mg9eaJ_b2ay-LE6bIp2-j47ZsEOi9ImL3Gj5xorGAkC-vG63U5jOCxNABS4q_WtxUqwva89ciuxT8ZEcal7eDvX_tqakFxH_nttWUPU7zmJayZKLpknrI13k1MJD0eLPDsvCOz_4ObbhfAhqUvJq0yis0VAnQbe1UkvTw_eg1lk89WFJ1rmySLFbzH0RUVrrbepiSLMeEdLimyIdFRHy1gAiLIyIOeP3rIdMqdYzNNkii6AQsxIgMy-nYJ9FXxmgJ2SaCwTU0EUoJvFlQ0pbG-6E0asNjQTrHg9X6r11VwTXmMh7HidXXNiSXHwkFsML1QvTtMC5Es3E1My5tg_JdJ-BH5TZv0bhz6JR5n4USa2r4DiYUNLKmJxOQC9im5DTCblh-T-0SDsGzKjdltn-rJaamOo4Dg0KFMjNwNgVLD7ZpscpIqm7ClQOu1yOfxP4hgOoKBuj6AZgVt8wWC04eeu6PDbeApjF9QMZaq-LKMfhTOzJbLyWb8teFTGv_iwlklhYm2zPw3cBJI98vxeCQs8ytBYluWCtamYV5q8HbkPJEIG6rQ4GQrvkxpH37mOpBO89lW7l8NsJOSfTCBkZTqXyMA-5bZq8xFhLkQta0ZREzqBqJQnTpcWVDMN81lQ9TlBEcq2pfiDd_BqnSPcwkpbPz6Y26jX5Dq68fXPHhRN6IJuPM7N5OO9V93vFB9DxQkYFUNvBKVa44ivI8ytYjBNfCj9VFGtpKCg4xdF7ICbTOetlbvg41XZGpQWAkaOZD-c-HFF4T2dFC_NvnY0rMASfKLqCvx-k8gR89uxAJrlVkGZVx5T4k4lCWRGe6HETwcksTVGEOSQS3dxL8NtH9quVrV4OtlVcuhOJc6dr3W-iUKR3HILuE7iOjOw3DTMPm9mQ55OIuHn6O-1l1fZ2orrT9hmgjF2vv6xyyYmxzjarxfyF0VHvdde6-jNgTq-SDJXtrmBeWjI6kdh5E5xT-SIxle939No0HLPmzNn1DLJ44DJFurQtwrPut1o0M7PvPQ-Kop7lFhH9NG8HVtVJynE0ii1_4A-6fApdtZfbg2pYz5fAmf5e7TE0PKAiCSuoL8V7XIdDs2_m_7nIksPZ0EidlCr7AMlKaXIesLb6w01JABd0fPTajXBVgMymfRZ7_7lK65PY3MfMrBfAhy4TXzfTqLM0VulxKLNs2OuL4Wnsy55McmHU1wL8fkIR7eig6TIHSlg3GB_ZDBffOYIVKL1azBZSWUxhbIADTdmHJRNVzwBCHBLvlbl2KputUvUCDKzoDFqDSCKRZg6rufs-E3YDjxk-ChjQOYE_qx2jrIjQtXpaEXj_uaXiBb2TZb-_Xit0J4Cqlx_gaKw7J5KMwL_ieSYo4YCK7pZfDuPmvWgOiwbnkHBafNK3dL8r0zxa-FRwRtWXeih0_WBvKNTvw1Io8KMpEKrIy9Rb-wL1DDeUwfW1UA8ddD8rqI6nu7nAxjmp8mUp2T2Yg-6t9rrlQ2xhd_7I64UnzfyQP9noqRRlejLZZ5Bx5IFLqZAiQ3QkAjN9yqI9fw17i5iusMduKdqWk1D7cggPPHDoteYFJHWuWDdjOPZmHDJpl7h_Zbx1fTGf5ruahQvmQV0HTuXOEmgV3tU9RAEMigqeI2lOx0if0uytlcTI5EXzJD9VG6JcW_M-rF_hu-DX9AhlKQKFU1_SnBm9grrSWcvGZfYJsQUHJDWgqIbnTOzAJADqPf1LC-zYqBqKrmMoh33ah7tLxytbTc26dEGkiwtTuC4nM_qEE8tpWYadJYBhXGJlpEQv891Zdg107Jn3itllPIDHK7G6mOxIQl_2-Vv637TBYTJ99SuvgCzUvl76qsb05ZBs_nHKICp344btqzEy38ZyhMdKvNfYyL2JivyrVw2LhjUTap8jygKfw9F3CZJtnW41URj6Uix4pEeYpQQWt4HIdE8S-Tq4kMp&cid=CAASJORoT5ADqq8DGkY6cbX4lDG0y9LufiyUO-vvivodhYtHiaHkKyAN&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:33:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11802
x-xss-protection
0
server
cafe
etag
16304758110791105277
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 10:33:25 GMT
sync.js
ads59.adtelligent.com/ Frame 3AD6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/sync.js?aid=723432
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2a913b63823132df5ae746e46650f15a84b874c237c2873e3af16173c497255b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:50 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
text/javascript
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
959
campaign
ads59.adtelligent.com/tracking/ Frame 3AD6 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/campaign?code=2001&dae=false&cec=true&adid=3B0E50C4769B2C71&cmpId=538100&aid=723432&i_top_domain=https%3A%2F%2Fsimcast.com&event=1
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:50 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads59.adtelligent.com/tracking/ Frame 3AD6 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/campaign?code=0&adid=3B0E50C4769B2C71&cmpId=538100&aid=723432&i_top_domain=https%3A%2F%2Fsimcast.com&event=1
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:50 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads59.adtelligent.com/tracking/ Frame 3AD6 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/campaign?code=2003&nested=0&adid=3B0E50C4769B2C71&cmpId=538100&aid=723432&i_top_domain=https%3A%2F%2Fsimcast.com&event=1
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:50 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
nmedianet.js
contextual.media.net/ Frame 9451 		143 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU62MU8E
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
81c0f35656065ed8f2072ab796949fcb5ac7f936476fae726f82e0ece5c89c90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-7
content-encoding
gzip
server
Apache
etag
"e9bfb71da109f70f527807153f4af7e5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Thu, 08 Sep 2022 10:47:51 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-7
expires
Thu, 08 Sep 2022 10:52:51 GMT
log
qsearch-a.akamaihd.net/ Frame 9451 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=20781330&other_prv=9&jar_err=&current_day=4.0&adtyp=0&req_id=1200961834410420736&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0310&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=3.6609&exp=&fdbk_id=&second_bidder=*&search_res=28&floor_bucket=0.05&gpid_format=&seat=&size=320x100&f_seg=&prdp=0.1440&ogcbdp=0.2000&dfpbd=0.1440&server=1&ogerpm_wd_bkt=0-1&model_version=202209071502_generic_appn_2-cid_1&viewability=0.4300&dmm_r=0.6710&cut=28&dmm_l=0.0310&as_cache=0&tcyerpm=&sc=TH&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=simcast.com/&bidrestime=1662634069109&cc=DE&strg=harmony&ss=&current_hour=10&time_stamp=2022-09-08+10:47:49&model_key=generic_appn_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.2000&ct=Erfurt&akey=&mnckfl=0&bdp_bucket=0.20&algo=default&dc=eu_be&splid=20781330&dim4=exploration&dn=simcast.com&ua=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/105.0.5195.102+Safari/537.36&buyer_id=&dmm_m10=1419499&bdp_wider_bucket=1&acid=24baf4ad310a42cbbe75759f675ea715&infl=&o_ver=NT+10.0&br_ver=105.0.5195.102&bdmm_m6=1.0000&bdmm_m7=0.3980&bdmm_m5=1.0000&ver=8.13.0&totalTimeBucket=4&visibility=0&totalTime=4460260&dmm_m1=2022-09-08+10:47:49.125305273&e_rpm=0.2080&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.3980&cid=8CUH5EN48&bcrid=352460760&rawbid=0.2000&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=2&o_id=101&clisp=rtb-common-577b747c47-z9ttp.BE&dfp_bucket=0.1&adblk=&itype=appnexus&pvid_seat=9&cliIP=0&advurl=content.businessinfoline.com/&level_base=0&crid=101633514&sat=1&br_id=265&cut_bkt=30&gpid=&iwb=1&dmm_d22=0.03&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.2
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-36.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 08 Sep 2022 10:47:51 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 9451 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Thu, 08 Sep 2022 10:47:51 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=80370
access-control-allow-credentials
true
content-length
62892
expires
Fri, 09 Sep 2022 09:07:21 GMT
it
fra1-ib.adnxs.com/ Frame 9451 		0
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https://simcast.com/&e=wqT_3QL3BPBMdwIAAAMA1gAFAQjVkOeYBhCyw_Dcw_2bvGIY25rIt5Oa3qUZKjYJO99PjZduwj8R4cyv5gDBvD8ZAAAAIK5H9T8h4cyv5gDBvD8pO98JJNgxAAAAQOF6tD8wkrL0CTiUXUCVCUhgUNi_iKgBWJT8kQFgAGjvtqsBeN7XBYABAYoBA1VTRJIBAQb06AGYAcACoAFkqAEBsAEAuAEBwAEFyAEC0AEJ2AEA4AEA8AEA2AIA4AL9wFzqAhRodHRwczovL3NpbWNhc3QuY29tL4ADAIgDAZADAJgDFKADAaoDQRIYMTIwMDk2MTgzNDQxMDQyMDczNl9zYmlkGhM3MDk1NTQ0MjczMzI1MjY5NDI2IgkzNTI0NjA3NjAqBU0xMTczwAOsAsgDANgDg7rHAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEJDIwMDE6MWI2MDoxMDEwOjM6MTAxMTo2NzI1OmNjNDI6YTQ1NKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8ATYv4ioAYgFAZgFAKAFgNTWxs6Nq9UQqgUQM0IwRTUwQzQ3NjlCMkM2QsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfWkCfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aav8QHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IABAAGAAgADAAOMcGQADIB97XBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAH0aIEiggCEACVCAAAgD-YCAE.&s=6dfb5436aca253a37b732a5fc4e72aec1f38e148&pp=0.1120
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a0bb7be9-9834-40bf-aa34-e637f34fa9a1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/227/ Frame 9451 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/227/trk.js
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:51 GMT
Content-Encoding
gzip
Age
697791
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29299
X-Served-By
cache-lga21983-LGA, cache-hhn4068-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Wed, 31 Aug 2022 08:56:29 GMT
Server
AkamaiNetStorage
X-Timer
S1662634071.055773,VS0,VE0
ETag
"6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 31 Aug 2023 08:58:00 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 649548
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CB60 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 07:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529013
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Sep 2023 07:50:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 59B7 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18944
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 05:32:06 GMT
etag
48472445140208031
expires
Fri, 09 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
impression
ads59.adtelligent.com/tracking/ Frame 3AD6 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/impression?creativeType=&inViewEnabled=undefined&inViewEvent=undefined&inViewSec=undefined&width=0&height=0&cmpId=538100&nestedLevel=0&tti=289&ttiFromStart=34&adid=3B0E50C4769B2C71&aid=723432&i_top_domain=https%3A%2F%2Fsimcast.com
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:50 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
truncated
/ Frame CB60 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
104b983695ee40fba6818cb791681f03d27df9dc2afb0284b23da66461f17405

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220901&jk=1106933977396237&bg=!_v2l_bnNAAZTikH4c4o7ACkAdvg8WhzLe06iNR6z70tPXBqSoawQwfsTrntegFrDVDeJuoY5CBI88wIAAABDUgAAAAJoAQeZAqfYcZ_6haJ6B72ReBrYyFngq7EVMcNdJojcJQ5-GABKCpbDeatWfUCSbITq_Lqp0a7yCpxx0_JxkeM3-tZk2EFcsxSfbUClOPWGpkr9t7sLGlJ7M1odIah8x_49VTjeVHzuEnEPDCx03osiOe-GEXZR64zdVqmH57gzogfxWKsoZf55FWkYxZ-T3GbyYt27qWmo9jIwl74qvb-O8LqZmbuBHhuQKuiD3FHs4J0RI4PMNrG7m3gKjbC2NIFfWiX1OcaLDe2pW7BH40Uh5R5xKDxDVjXf1bhz0BDagSfNQaWKZ-B872-vNNgwQp5CC6-xtO5lUmrumpTIKxzHt8g3AIAcbCRBw4mHqFPnacBZj6WHzDldQCSVS1KpgmB2JeBaQZyzT6w6sVZ9DqIY3EcBEAuKMTanGA13sjUQ8ofLDQNkHApeIWY-t9j7un5wLS_iCPRHj4aUz5rNXRRukNDafjQCRBgZrY6UbFaH2-5RpS6QEvoggZLzuecZz7xEIDRZKAigFtMAqHx_IwHlxlfgnxTGD-FGBXiS2na9fr4MPIN1jSYOAnDhTjo2I4tTGewSXSILPytQ6Vu7r_NYz6OVfYsouuG1rqmr1zej5DvltXvJ6yUHZHrdull0YZZnM1iLD8awcNoBVm1LGMH4UwVNmMVDq2LMkU0z-Wq1e4Rx5C1PjbxjQt_oI3OW7GB9laAA3BtCATr2MwhHx4uLlBcSuZZXsPfd5tLmS-GBbOKLe1SsWm0yhZLTQuIJNUmKwWvcngJZxh7MI5T2vtPV53xoTaRHpMNt3iG3frsfQGH_VGfiNEqwqzMk_8YBHti-6AhEAUakyP_IS4KeJr_qEYy1GTWogu9ISc6TdAe9o3zcWrbHWwR0RI_xAPtVMd0JQiqvVEJylbvMYmmT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5369 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 07:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Sep 2023 07:50:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5A0F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18945
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 05:32:06 GMT
etag
48472445140208031
expires
Fri, 09 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6511 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 07:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Sep 2023 07:50:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E02B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18945
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 05:32:06 GMT
etag
48472445140208031
expires
Fri, 09 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6511 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cca3aa1de0c8fffc7c2d52a34209eae1dbb053371dff2548e2dfc98a5fad9ceb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5369 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1b76e7307506df82502995465aa369c0d6fd9d85a55201f7d30572a665eb02c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
sync.html
s.console.adtarget.com.tr/ Frame B72B 		1 KB
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=748067
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/sync.js?aid=723432
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5150:0:8a51:fbff:fe39:aff0 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://simcast.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Sep 2022 10:47:53 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame A718
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=771cc470-05a4-4233-b9a3-feaa933208c9
0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=771cc470-05a4-4233-b9a3-feaa933208c9
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/sync.js?aid=723432
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 08 Sep 2022 10:47:50 GMT
Etag
a618f5d1b954ec61
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74771bc12b609273-FRA
content-length
0
date
Thu, 08 Sep 2022 10:47:51 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=771cc470-05a4-4233-b9a3-feaa933208c9
server
cloudflare
sync.html
s.adtelligent.com/ Frame 84C7 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/sync.js?aid=723432
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5150:0:8a51:fbff:fe39:aff0 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://simcast.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
783
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Sep 2022 10:47:53 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 72B8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/sync.js?aid=723432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=166431
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 08 Sep 2022 10:47:51 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 10 Sep 2022 09:01:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame E118 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/sync.js?aid=723432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
ads.us.e-planning.net/uspd/1/ Frame 007C
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/sync.js?aid=723432
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b1dcfc798e8e130c42e068c310813e1e516c770cc2e726a07a2162fa77df7ace

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Thu, 08 Sep 2022 10:47:51 GMT
expires
Thu, 08 Sep 2022 10:47:51 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-743

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Thu, 08 Sep 2022 10:47:51 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-743
d
ic.tynt.com/r/ Frame 77FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/sync.js?aid=723432
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Thu, 08 Sep 2022 10:47:51 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
pixel
ap.lijit.com/ Frame 3AD6 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 08 Sep 2022 10:47:51 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 3AD6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5263463049080341825
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5263463049080341825
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:50 GMT
Server
Adtelligent
Etag
a618f5d1b954ec61
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f6e54747-85d0-4619-aa3e-f8a3056d6a2a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5263463049080341825
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3AD6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1662634071262
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1700379818
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1700379818
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
etag
RX256a1cd0ac8541a9ab0c5aae0016197a003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1700379818
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
csync
sync.adtelligent.com/ Frame 3AD6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5263463049080341825
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5263463049080341825
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:50 GMT
Server
Adtelligent
Etag
a618f5d1b954ec61
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c09c06c4-e99b-4e85-814f-9d6652916d13
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5263463049080341825
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 3AD6
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=f177cdb5-9c82-4f8f-a910-8d6d92f73165
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=f177cdb5-9c82-4f8f-a910-8d6d92f73165
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:50 GMT
Server
Adtelligent
Etag
a618f5d1b954ec61
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=f177cdb5-9c82-4f8f-a910-8d6d92f73165
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
salalnrtmdcrvsu3hflt3blqnspldnov
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2825 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
529014
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 07:50:57 GMT
expires
Sat, 02 Sep 2023 07:50:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
728x090.html
s0.2mdn.net/sadbundle/13702939399333871616/ Frame 39FF 		45 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=kcPdhJZFje&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d775064382a0799231e565c5458e520889294157a736796c9cd6b675c438178a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:47:51 GMT
expires
Fri, 08 Sep 2023 10:47:51 GMT
last-modified
Wed, 07 Sep 2022 16:07:30 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6511 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsub4HGIekQDsSRzGBcHtIeTBJj3G14u3l72K1pL0eTbcFAZTHjkYvTVM9c9ZhtU_UydtlsuVrvphMEVUexGZuNxtDmGJDK0Wt00YDRG09gHTf6EKK8EKHgKVABpvL8YGQd1G06xc-hRzPdA4hhh7j2kTJEn9Eh04wdvv_EZL2ybgo2PmNngUGcBvRtO7RJEH-fYI_hWE_lndr8lM5Ju04wsQ6s_vSXN8EppuzWtyNcNZiGWoSWJ36bphkdvt0aEY4Hfs9xPFtSXWgfR6v7f7UwxZvVslFRlAQkZ84TukyLMA_lmpf2Rq1fJGVsSGzPVD8LjVEDvDGtZNOgL6TOacB84XJg7uHjulWxW3WmcQPK2D2EwK0e5QDuSULzgY1m0y13R3Sou6IB8G7aWnpT4NCXUva4qRktwGBqJyjfLfaye-xixabih2D5V0phwcQ0hOVpfs829WIv0uOMj8C5s_FQiBWWZTsOfrn3zQlj6n41jXcczNH_BndpJcPPYEDhEj0CG1lGH3QfSbjM53ecrjGIxHTfVbwT05Q3bMn87W8S20lgqmdmLX2RIcqxJb-6YkjVoxE8B9lFk_I9o_x2NrIQluvXn3JhFL5DiYX9PrxRiBwjDLln2HJn76fbXHUSheqb3d-zeM6zS_A9sqtWl6f5I-unCk5Pf-Eu92UxKdpacEL6GZsRlRQKvogkt1XUpK7i2Zwm8kl3Xb4bG4KKxnYS_sZKgxNGrAovaPYGfjBho1gUrYQtJiTTEaI4NWb4vPmwlGmBWMoJjlsf40BGf5yDlcBFCWJlMwj5dwuCiVdUQqglTPTWCOy7b0MvLBjPurVdS0KnLH33fki3vyF44p2JRQ5Ft1zqkPOwuzXrTobV1X94DLKK--k74p_QKKQZ23ZkOLdQo55z25Q0OprycRmwpePYypRhVYLP3Do_0a3Hq3-_Xml63q17Fs3BloqujqBVxCLL_jNBORJxbzRrpA8py2wG6mfRitrgNnEpLOJLiH1DSnhg-BtlYl1E964dlI1rxD6s1bbdbmmn_pY4VrNsKusqXq8gMhss57jN0A4Z-ICbXUjAxAKkRrDLxl4_zger4tBVKZVM70ZEAjkEDwWY6yIvegWan6XTvxoYY3vJvlnTC6ZeuDKpDSA3Mm8ExAGatFd4yyhN9reCWb5ihorCSFy0M19IfHTEZhxp3zdQa9el3uJTTAjTUzGyrEoQJubtoo9HoctWWunaAHUaOxM46zWKKL8eFAADK85GzPTFWKDDkjHyVOoAyxY80Rw3eewMGKhUFoVHUkKcXn7RjM40r389TLuX8e2Q5Qg&sai=AMfl-YQ-3Kb5kVD9978TjoLjm96NYMhRKVzLNjTMWdBIhlGVEpkdt7W1Prb0p84fvk0adG9bYIBDxzvvMKEv9dfu2H5Arf3oWyBHbW2Z7WK9Mk6jMdBPJs_U_1p8nzymQlnPh2Isv-ct1rzDI0YJJlMbu1XsO6z4AX15jrsnghfsG8ihFBpXN4pHLqisYEozo7TESaJ1Beb_3HMxsTKfU-gvqZGM&sig=Cg0ArKJSzJdtXAJWq6ZTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=296&cbvp=1&cstd=287&cisv=r20220901.68608&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 08 Sep 2022 10:47:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
300x250.html
s0.2mdn.net/sadbundle/9653218171909308416/ Frame 68EE 		45 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9653218171909308416/300x250.html?e=69&leftOffset=0&topOffset=0&c=UjcN8Z7CGt&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55468abd6c7a0abe7622605b79ebe6258bf47a4ebf0a19077a0fff6f904e47cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:47:51 GMT
expires
Fri, 08 Sep 2023 10:47:51 GMT
last-modified
Wed, 07 Sep 2022 16:07:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CB60 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAyeL8oJQcICCR_k6gEeWcvdNkTnMJgERUTxP-jBfguAl1epSaNR9v4Ci7klepDU5p_VKebhJf6IyXb3heSeoqW_44W4KIQq-tQSyL2_68KxmqrLgkVi1qp1dexSIi2XmB2AYtvsrVmZPdvZAYU-5Bi-LH3G0dOEHwCuXa_6f73B1ONIRCEe9INDGY0nHvE4p4ilPv5EdPtWANTGDf9s3b8PX0UNZvP-5nqqqrTcUcJMDWIyZCtQGcJeWVojXtkJfZ-L0Iz9nqVtrjYwJziIUrYCItI8-FrjSDNTVzE00pEV9n5HGceWsMPw1qgc5s7dD4QJg1RKwxsJekliEXoiQ86HiY2YnQiCAX76FF0vIMdKqfhNGIExiJPG-vB9ggg3DDZKZJLtSGrWgA-0GaN-nXNRZoskgaZEvyGuiIX4zF_ME0gB2pEd5vQCmq10N3D_84oxVg7uzpVrCXqWNjciDuE5zRzojeSB5mkheF9agldmFZhgEyojBIXY_b1JDztsS6CEVWVmZ9Sz1J8PwVjF26jAeYy09eTIsNahqmavpaCr1aFGGnha_HqSHdF9gWc48dRgE7x5z9P7ys1PhnuZCNEP64OM5ba9DxFQGteVWa7dmAaX4uPgQn5sG-aY30NsGcuc6eb8CLKbRr3U5e3nN1QLchT96hJn5HfjVp3kqUyjt8spyJZV3APXVxcxJrX7bW_IdgmOwl4vWGPC05XaTxvpIsgx_7yIJIrEcx7SZiGxud__bu9YdutHFtL0i-gBTFTwYQNQlOeCy9F2n3zhYaiJJk0MSgBdIzRM9_LsFuT6Thf_lSGFJUV5NnOghMOzQCf1SYYQcuy43vCp_pTsUfUCFpwbGIMDNFBFZ9n2UO4ys2vFepIB-Lm5zWpUpXeZhiNgCLNxbVanorVhvn6kG3QP89pdO1LSWtmjWxFKGHfa5qLYxTVxSxxkntiQ-sHZuqp4m6iDRU9RLawyu7oaLtiaTPSh9d3MiEUIJ9zQF0E9QKVXwhvruGV28-NLuDVCgnOL6BeSw4R5Kdxt-EnlXoknFoWmclUOCxLVRKUgl8570fVjAknT3J_kDToeZLr-LhzHeCAR-wls-PAm0ssJwj3a1MAT1Onkv2lYNqXAD9XiM-02KxDngyiVEMXGg9HkMQwGrM0UpcoJ4btw-AqG4QFvzVbY738eeLCeDF-fODSDxUBT9iejc5LzNAg2V5iqm15rIP9UrTriokmBDzSVeFR6R-KJuc0oU9ykHTEh0n-KNio1vnaUhoiwBrA8MbltJCm6040pETil2DSMpIn506RQ6WntFtNKphqy-adbLiyci1&sai=AMfl-YSDwJ5s-NQjDkMzZ59ArmDB6zEYi3CyjVoajJIz34Zc1tUZXoP93Xn2HaIEpEde2biMlh2XLSPSor9gqDsEFZctu4BufLAMeZsRWSMsgYUxirkPMO7cW55-Xvr3AOUS9Zd9W5tUCEXUhMY48bkHbTP1VbVh-r7mHAH6n6ILPAC6fQNTt0tHFNxN9sFrWsZTdt6fuUFe79VscVsUf9YgsNJs&sig=Cg0ArKJSzKhWw3sTiuP1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=319&cbvp=1&cstd=315&cisv=r20220901.56507&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 08 Sep 2022 10:47:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
728x090.html
s0.2mdn.net/sadbundle/13702939399333871616/ Frame 46AF 		45 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=qGoYtXUbiS&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d775064382a0799231e565c5458e520889294157a736796c9cd6b675c438178a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:47:51 GMT
expires
Fri, 08 Sep 2023 10:47:51 GMT
last-modified
Wed, 07 Sep 2022 16:07:30 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5369 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyifuoNnIG-LU7bG0kJTLzMmTE27_XDNrqI-GBmGcwrS84gb2K1D5VN6o3E9BUIfjq45ypuoGgHl1Es_naDiTDgVdRID6xaGVwYbEe2PrAVWAt-UDMV39lPVp6Z9dbvf4wk5gUzH80nSdQaTg5ofJcWDbSit4rFKKo53G2v-8XyzRZ47AB-NcrWZbqMpI6tyyT-gFnRFWOy9704VnwT4J4azoZFYrfo1iiFMw9yXbuQIwIdi9iREaBC7lwKRFAuAtvq5oITzMt061hSPLAKVgnqBW2FgUVxMNyv38ofqcztSDtiPGoviCLqKhFRkVCPGCEsjtK1w2BB1Oj3ihf-SUiFQGZhjF6oOPYSM_n5-7fhc2t1GX8vUGNjvIXUgq3iNCkOKVBvGnD04iblYxpoTkukxSEIHRch2qsb6XZN-YryTegDnmEbm0m6YTl1hBXkACBoKt183ulJvBcgPPdNAz8A67zNgQmMo-glZL63xN3q_na9Plk7XrDMX9tdAePBPw_kW5RVsqLjVcWPrv5YEXhXZFzGQ0er62ngjT6AvW4b9RmOT3X-8ZaioVOLugU--DuC2Y6SjweXsQ9-2Ivm4fNl-wUvC7Vy8dLzXp70C1vHtNeFS1fvJMAUZa2SLTMvnV_cjbHa-IL1Sm3fBpDdIK7usBEvkRjSGQY-4j9BD4jZndHbNB53Ru2oLNC227K4mRdDx0bHiDK7caE7hloUV5IAtrEg-eRUSh-65mRB3XHifxtkNudeIZywsP1tx2d8A7RaNOnuPZm2V_r8Ayd1qijsTPH6Ez6YB_8sgoi15nlodqa-EQ0PJoNgrzR2QOXliR27308eG8NfmrOVWoqiWkQwEU9fCdctHRdvdXdsUcIW-bUpJLVLh-kJ-tudwD49NfK7iL5pFpZvoy7S8uvx0uoLQCnZfAXeUwKkAAVKNj8U6RDBQEnB9B3qsyUnrulFalX27O_TrU43EpaU2X-N31JCZiAP9gHSV7_CYp5jzBnrWCo4EJxEgFXZ60TfE3pUTXNpJJQFKp2cE93XCPJ4hKLIZJOms85XzbwfFxMczzDfoTsHTystvdBy2OZQA2bAYXzbkrpOI48sj8SHuQJ13TYNAV0GNV2J7N4zKxpzze5gQFIymbwZ3HO7-QyFKpm0fapKPXspRvgSN47BSNEkpuYxQhM3N1c3gS6s7vMyCMvxBtoLtLnvR8zyXEPs8NgbEOQEyWZLrnlYBGl4GeVjO0azZQ7viDfrUJxIbVUxB6z_sF1SGx4T34n7TDTMKbv26jha9UE3LQGbkOKcT7DaCmyjLVNMMz6Z8WeyHo3&sai=AMfl-YSX4z6rZ4EaR3QTY8Q8Rs9krxe0vDvLQEs5vE5pqvhn4XtB9MDNhmilts4gszjGbrzLxL_MbXioOcFaBn7rrkbyeM0CJH8e_pwHtiOYRhnYTO_SHYooGUZd716Dg7dQil7yj8KwwCVKeRmUSMvFo8Ar-vo9ij3gqxVhGSc3p0FZGrxFXUUYuMnh7lc_iwQHNVkn7IH9BixRCE8zt9qx10X-&sig=Cg0ArKJSzL1Y-UTEF-ujEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=302&cbvp=1&cstd=299&cisv=r20220901.49019&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 08 Sep 2022 10:47:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
smtr
contextual.media.net/ Frame 9451 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU62MU8E&cpcd=4dFCXIGN5CVqke7kU6nSlA%3D%3D&crid=661523037&size=320x100&cc=DE&chnm=HARMONY&pid=8POD1F265&tpid=TJT3376&https=1&vif=1&requrl=https%3A%2F%2Fsimcast.com&kwrf=https%3A%2F%2Fsimcast.com&nse=5&vi=1662634071420222360&lw=1&ugd=4&adt1=8CUH5EN48&adt2=101633514&bcpf=B44g4/N448fOnRrolnfOur8a&bdrId=9&ntv=0&matchstring=bcat%3D13i%2Cjs%2C11i%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p1172757011t202209081047&goent=1&nb=1&cadomain=tzR-hLcl-L8STh12GHgxT3I0sd_f4jmSlrfbUGkyedZG_zl3AhFcDA%3D%3D&allsc=HE
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU62MU8E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
657db32d81c2b2306d1ca327e61cb96458d448a2f10aeab48c10964be0a188d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Thu, 08 Sep 2022 10:47:52 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-c78t
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
26730
x-sc-w
21-7l3h
checksync.php
contextual.media.net/ Frame 2474 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU62MU8E&https=1&itype=CM
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
91e7d1edd0275848e708c4ed47f49695eedbdd92bba1f69a0543354a7118395f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=71727
content-encoding
gzip
content-length
5746
content-type
text/html; charset=UTF-8
date
Thu, 08 Sep 2022 10:47:51 GMT
expires
Fri, 09 Sep 2022 06:43:18 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 9451 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=549&&vgd_cdv=792&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=661523037&vi=1662634071420222360&ugd=4&lf=6&kwrf=https%3A%2F%2Fsimcast.com&cc=DE&sc=HE&lper=100&wsip=2886781032&r=1662634071289&requrl=https%3A%2F%2Fsimcast.com&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=31103&vgd_rakh=1662634071113743436&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_pgid=p1172757011t202209081047&vgd_pgids=1&vgd_uspa=0&hvsid=00001662634071285036481820169655&gdpr=1&vgd_end=1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Thu, 08 Sep 2022 10:47:51 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=35476
content-length
15
checksync.php
contextual.media.net/ Frame E4A5 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033,171,175,178,157,3018,159,214,3014,97,77,99,56,59,38,182,184,141,188,222,201,246,4,203,225,10000,80,9,109,208,82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6fdc9e605b11eec3a9677496dc92cea3d8f3d568c4778249c372049b03f2d7f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=71727
content-encoding
gzip
content-length
8264
content-type
text/html; charset=UTF-8
date
Thu, 08 Sep 2022 10:47:51 GMT
expires
Fri, 09 Sep 2022 06:43:18 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 9451 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4477&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=1200961834410420736&s_city=frankfurt+am+main&ugd=4&cliIPV6=2001:1b60:1010:3:1011:6725:0000:0000&bcat%3C%3E=IAB1-6
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
max-age=3600
date
Thu, 08 Sep 2022 10:47:51 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Thu, 08 Sep 2022 16:47:51 GMT
checksync.php
contextual.media.net/ Frame F712 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH5EN48&prvid=2033,171,175,178,157,3018,159,214,3014,97,77,99,56,59,38,182,184,141,188,222,201,246,4,203,225,10000,80,9,109,208,82&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6fdc9e605b11eec3a9677496dc92cea3d8f3d568c4778249c372049b03f2d7f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=71727
content-encoding
gzip
content-length
8264
content-type
text/html; charset=UTF-8
date
Thu, 08 Sep 2022 10:47:51 GMT
expires
Fri, 09 Sep 2022 06:43:18 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame D3C7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11924&pub_id=1929161
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
22188
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 08 Sep 2022 10:47:51 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 381532
X-Served-By
cache-lga21974-LGA, cache-hhn4070-HHN
X-Timer
S1662634071.407061,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 9451 		0
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https://simcast.com/&e=wqT_3QKjBKAjAgAAAwDWAAUBCNWQ55gGENzmv7ygyIjdGBjbmsi3k5repRkqNgkAAAkCABEJBywAABkAAAAgrkf1PyEREgApEQn0UwExAAAAQOF6tD8wkrL0CTiUXUDlAUgCUJ_d-xNYlPyRAWAAaO-2qwF43tcFgAEBigEAkgEDVVNEmAGsAqAB-gGoAQGwAQC4AQLAAQHIAQDQAQnYAQDgAQDwAQDYAgDgApnHXOoCFGh0dHBzOi8vc2ltY2FzdC5jb20vgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDg7rHAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEJDIwMDE6MWI2MDoxMDEwOjM6MTAxMTo2NzI1OmNjNDI6YTQ1NKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggA4AQA8ASf3fsTiAUBmAUAoAUAqgUQM0IwRTUwQzQ3NjlCMkM2QsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYALVwQ2gYWChANDBUBYBAAGADgBgDyBgIIAIAHAYgHAKAHALoHDwgFGgWoMMcGQADIB97XBdIHDQkROQE4CNoHBgknaOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAQ..&s=a3cc4d2f73f4b09888853352d3da2ecf019d2224&bdref=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0,https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0,https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f2ee7a9f-383d-4704-bdab-25b87312fff9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 37DF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
529014
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 07:50:57 GMT
expires
Sat, 02 Sep 2023 07:50:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 59B7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEB7OLBTgeIqNvEmCLzpZbf0&google_cver=1&google_push=AehlK4A2z45YF2dJA_kmrRTKToAVy7V8gz9zwJwE0tvjrty_c_UwXqwU5qcwzz-4QX8VP9Zjdmf6-_y2MJ0JBx5qMb3AqIN...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4A2z45YF2dJA_kmrRTKToAVy7V8gz9zwJwE0tvjrty_c_UwXqwU5qcwzz-4QX8VP9Zjdmf6-_y2MJ0JBx5qMb3AqINQ1R5V&google_hm=MzA0MTM1NjUzMjMzNjkyNj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4A2z45YF2dJA_kmrRTKToAVy7V8gz9zwJwE0tvjrty_c_UwXqwU5qcwzz-4QX8VP9Zjdmf6-_y2MJ0JBx5qMb3AqINQ1R5V&google_hm=MzA0MTM1NjUzMjMzNjkyNjE1MA%3D%3D
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 08 Sep 2022 10:47:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4A2z45YF2dJA_kmrRTKToAVy7V8gz9zwJwE0tvjrty_c_UwXqwU5qcwzz-4QX8VP9Zjdmf6-_y2MJ0JBx5qMb3AqINQ1R5V&google_hm=MzA0MTM1NjUzMjMzNjkyNjE1MA%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 59B7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMQhOb4S623ZAGRy-pft4wc&google_cver=1&google_push=AehlK4DpJEb_4rTl8dwXUc_x0Co8vBhoV1FcJpd-kVTEkKigVoT7f4oQbK_YH8TXxKQFie4tM8Iif319gvWq1...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEMQhOb4S623ZAGRy-pft4wc&google_push=AehlK4DpJEb_4rTl8dwXUc_x0Co8vBhoV1FcJpd-kVTEkKigVoT7f4oQbK_YH8TXxKQFie4tM8Iif319gvWq1...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4DpJEb_4rTl8dwXUc_x0Co8vBhoV1FcJpd-kVTEkKigVoT7f4oQbK_YH8TXxKQFie4tM8Iif319gvWq1sKB8SK_K6mCbPs&google_hm=aDFCS01JN3AySXZPeEtoZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4DpJEb_4rTl8dwXUc_x0Co8vBhoV1FcJpd-kVTEkKigVoT7f4oQbK_YH8TXxKQFie4tM8Iif319gvWq1sKB8SK_K6mCbPs&google_hm=aDFCS01JN3AySXZPeEtoZFZ0X0g=
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4DpJEb_4rTl8dwXUc_x0Co8vBhoV1FcJpd-kVTEkKigVoT7f4oQbK_YH8TXxKQFie4tM8Iif319gvWq1sKB8SK_K6mCbPs&google_hm=aDFCS01JN3AySXZPeEtoZFZ0X0g=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
dsp.adkernel.com/ Frame 59B7 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESED562Mu4eDeBL7NyCcL7RFQ&google_cver=1&google_push=AehlK4Ce1-cQDllZBgzlj_78SJwOpRDrUuGxya2QBeEgwkXW1z_dQzWQwk8j_TX1ZFp1cT0KSCSur_TtdNcPxrjF7sws7yzt4A2g
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 59B7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEC0QuigRD-KWuOrULtzCtkc&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC0QuigRD-KWuOrULtzCtkc&google_hm=YxnIVupxL-Q16n-AH698rAAABJEAAAAB&google_nid=index&google_push=AehlK4DIXr43A3YilWY3OBe8DSJKwj6R9QI0n...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC0QuigRD-KWuOrULtzCtkc&google_hm=YxnIVupxL-Q16n-AH698rAAABJEAAAAB&google_nid=index&google_push=AehlK4DIXr43A3YilWY3OBe8DSJKwj6R9QI0nU5W21gA7WlEHU_IBRcRG2cEeAzWMh0CovmzIHbIGLbygpSBr37Tp3BgtDY7DgO5
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Byv0m0TjxJlwGewU5nIsfQ%2F8qVRiL3zCsakAA%2FWKp4GO0DqiTE92T72pA6eOT5ty1caPYuIg5eYrTpV0pk61ir5RTNiwmTSQsMaTFdrhzowj1Xe%2B3CzgIwuo6J6WczUsjG%2FGGN4tZQrBtw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC0QuigRD-KWuOrULtzCtkc&google_hm=YxnIVupxL-Q16n-AH698rAAABJEAAAAB&google_nid=index&google_push=AehlK4DIXr43A3YilWY3OBe8DSJKwj6R9QI0nU5W21gA7WlEHU_IBRcRG2cEeAzWMh0CovmzIHbIGLbygpSBr37Tp3BgtDY7DgO5
cache-control
no-cache
cf-ray
74771bc25e9490a3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 59B7
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN...
  • https://sync.targeting.unrulymedia.com/csync/RX-256a1cd0-ac85-41a9-ab0c-5aae0016197a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4Cj4yrx8m1gXT-q9G4Op...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4Cj4yrx8m1gXT-q9G4OpK33dJ4Fnrs2LFZGO-H4C-UZCPwACqxkwiLP-1w8Kuyv92i7Uvymij-U4xI4NOz4C8upBeHh0IAD&google_hm=AyVqHNCshUGpqwxargAWGXo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4Cj4yrx8m1gXT-q9G4OpK33dJ4Fnrs2LFZGO-H4C-UZCPwACqxkwiLP-1w8Kuyv92i7Uvymij-U4xI4NOz4C8upBeHh0IAD&google_hm=AyVqHNCshUGpqwxargAWGXo
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4Cj4yrx8m1gXT-q9G4OpK33dJ4Fnrs2LFZGO-H4C-UZCPwACqxkwiLP-1w8Kuyv92i7Uvymij-U4xI4NOz4C8upBeHh0IAD&google_hm=AyVqHNCshUGpqwxargAWGXo
date
Thu, 08 Sep 2022 10:47:51 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX256a1cd0ac8541a9ab0c5aae0016197a003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 59B7
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEDz3mWCsIR3Ci2q1fxPCeSI&google_cver=1&google_push=AehlK4CeSxfKMsD01k0lbCQb7KvRUsKf4DA2t9Mk3lU57dqYDK2arcynXhlwje8nTqXvmr2MGz1DF...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4CeSxfKMsD01k0lbCQb7KvRUsKf4DA2t9Mk3lU57dqYDK2arcynXhlwje8nTqXvmr2MGz1DFFV70XdQPU0I3OD8n2ettfez&google_hm=WXhuSVdNQ28...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4CeSxfKMsD01k0lbCQb7KvRUsKf4DA2t9Mk3lU57dqYDK2arcynXhlwje8nTqXvmr2MGz1DFFV70XdQPU0I3OD8n2ettfez&google_hm=WXhuSVdNQ281dEFBQUxHeEQzNEFBQUFB
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
25
Date
Thu, 08 Sep 2022 10:47:52 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEDz3mWCsIR3Ci2q1fxPCeSI&google_push=AehlK4CeSxfKMsD01k0lbCQb7KvRUsKf4DA2t9Mk3lU57dqYDK2arcynXhlwje8nTqXvmr2MGz1DFFV70XdQPU0I3OD8n2ettfez&proto=google_ebda","cluster_id":25,"gdpr":true,"ipv4":"0.0.0.0","key":"YxnIWMCo5tAAALGxD34AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad345"}
X-SO-Ads-Time
1
X-SO-Key
YxnIWMCo5tAAALGxD34AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad345
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4CeSxfKMsD01k0lbCQb7KvRUsKf4DA2t9Mk3lU57dqYDK2arcynXhlwje8nTqXvmr2MGz1DFFV70XdQPU0I3OD8n2ettfez&google_hm=WXhuSVdNQ281dEFBQUxHeEQzNEFBQUFB
Cache-Control
private
X-SO-HostName
m-ad345.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
a-tgng40012.dc2p.scaleout.jp
X-SO-IP
217.114.215.132
/
cc.adingo.jp/adx/push/ Frame 59B7 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEKaC6v5Yt_x6KMx1Z_-oKyc&google_cver=1&google_push=AehlK4AnQhNJpcF2Pk3TFL6GbZRFw2dYccdOKpl4_2D6fQuMDtMAhnaedZih3JE6c_uY5zQlMgHFYeGGhMsuvg6XLMIxfuNzwSnR
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.26.149 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-26-149.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame 59B7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KRbA3N4jpAV2Mgo6uxQIOSbiL0V2htpE1eltUSmDDVZWI2UNDzODQzblPmr1aw05i0e3ih
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7075 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
529014
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 07:50:57 GMT
expires
Sat, 02 Sep 2023 07:50:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
campaign
ads59.adtelligent.com/tracking/ Frame 3AD6 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/campaign?code=2003&nested=1&adid=3B0E50C4769B2C71&cmpId=538100&aid=723432&i_top_domain=https%3A%2F%2Fsimcast.com&event=1
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:50 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads59.adtelligent.com/tracking/ Frame 3AD6 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/campaign?code=2002&nested=1&adid=3B0E50C4769B2C71&cmpId=538100&aid=723432&i_top_domain=https%3A%2F%2Fsimcast.com&event=1
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:50 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads59.adtelligent.com/tracking/ Frame 3AD6 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/campaign?code=2002&nested=1&adid=3B0E50C4769B2C71&cmpId=538100&aid=723432&i_top_domain=https%3A%2F%2Fsimcast.com&event=1
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:50 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads59.adtelligent.com/tracking/ Frame 3AD6 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/campaign?code=2002&nested=1&adid=3B0E50C4769B2C71&cmpId=538100&aid=723432&i_top_domain=https%3A%2F%2Fsimcast.com&event=1
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:50 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
dpixel
cms.quantserve.com/ Frame 5A0F 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEL-pH7ak3DZJANm8EHUK5Fs&google_cver=1&google_push=AehlK4ANExUIm8ulPSD4XElqLt6dcH2XN83FYXWaRtGXXowOW4KO7vt16cN743okBdWpRkY7g4tTgCPha59u-7F9_oMEbyNGQw
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5A0F
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEMY9rgEFgqJ2-rtHHTsZ6nE&google_cver=1&google_push=AehlK4B3oeXjz0gxuOoB_KO1GUQlbkMlOxXKqDK7QN3FWV3QiqUblhK39Fxjx7IQpbJRt5KbR6EZW4W4rFA...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AehlK4B3oeXjz0gxuOoB_KO1GUQlbkMlOxXKqDK7QN3FWV3QiqUblhK39Fxjx7IQpbJRt5KbR6EZW4W4rFAJkhknLIJsdaVvilA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AehlK4B3oeXjz0gxuOoB_KO1GUQlbkMlOxXKqDK7QN3FWV3QiqUblhK39Fxjx7IQpbJRt5KbR6EZW4W4rFAJkhknLIJsdaVvilA
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AehlK4B3oeXjz0gxuOoB_KO1GUQlbkMlOxXKqDK7QN3FWV3QiqUblhK39Fxjx7IQpbJRt5KbR6EZW4W4rFAJkhknLIJsdaVvilA
Date
Thu, 08 Sep 2022 10:47:54 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame 5A0F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMQhOb4S623ZAGRy-pft4wc&google_cver=1&google_push=AehlK4CtS5Obdelui3-fSFImtr-Z6cqAx5Y7cfPspWfsoqi7EwOY-ZjPKpxboAxPJhnRTEUwmxWofYbMtvEbJ...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEMQhOb4S623ZAGRy-pft4wc&google_push=AehlK4CtS5Obdelui3-fSFImtr-Z6cqAx5Y7cfPspWfsoqi7EwOY-ZjPKpxboAxPJhnRTEUwmxWofYbMtvEbJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4CtS5Obdelui3-fSFImtr-Z6cqAx5Y7cfPspWfsoqi7EwOY-ZjPKpxboAxPJhnRTEUwmxWofYbMtvEbJK8gnzBSih6I4r4&google_hm=aDFCS01JN3AySXZPeEtoZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4CtS5Obdelui3-fSFImtr-Z6cqAx5Y7cfPspWfsoqi7EwOY-ZjPKpxboAxPJhnRTEUwmxWofYbMtvEbJK8gnzBSih6I4r4&google_hm=aDFCS01JN3AySXZPeEtoZFZ0X0g=
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4CtS5Obdelui3-fSFImtr-Z6cqAx5Y7cfPspWfsoqi7EwOY-ZjPKpxboAxPJhnRTEUwmxWofYbMtvEbJK8gnzBSih6I4r4&google_hm=aDFCS01JN3AySXZPeEtoZFZ0X0g=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5A0F
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAt4wBOvjV0hdy6Vfh7-lUk&google_cver=1&google_push=AehlK4C8A9-haIe0PLdjguD6g6TEJtGSS2msfyVneUW_VxQp_-Ws3ysyv9JPzTpqyRfd0uyjgyrVTIjG2-67qcu4...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4C8A9-haIe0PLdjguD6g6TEJtGSS2msfyVneUW_VxQp_-Ws3ysyv9JPzTpqyRfd0uyjgyrVTIjG2-67qcu4fxuthd_fQg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4C8A9-haIe0PLdjguD6g6TEJtGSS2msfyVneUW_VxQp_-Ws3ysyv9JPzTpqyRfd0uyjgyrVTIjG2-67qcu4fxuthd_fQg
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 08 Sep 2022 10:47:51 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4C8A9-haIe0PLdjguD6g6TEJtGSS2msfyVneUW_VxQp_-Ws3ysyv9JPzTpqyRfd0uyjgyrVTIjG2-67qcu4fxuthd_fQg
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
T5sH5mvePKUo7O0CxQFOGdHOaNMqEE2NHXqg9pZfxMrujmjA8i9naA==
pixel
cm.g.doubleclick.net/ Frame 5A0F
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEHnU_6wN5qQ_si0faDFnYhA&google_cver=1&google_push=AehlK4BMTi-UmEbOgbrflO2B37_0aPFEtnJUWLIyBswf3spA3zKg9MvMyKyIpD76jTpLjwYKZzwmQJdu77BZSa9EnUuHr3-vzZk
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4BMTi-UmEbOgbrflO2B37_0aPFEtnJUWLIyBswf3spA3zKg9MvMyKyIpD76jTpLjwYKZzwmQJdu77BZSa9EnUuHr3-vzZk&google_hm=ZzUzYWNiNDNlMWQ2M2NkY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4BMTi-UmEbOgbrflO2B37_0aPFEtnJUWLIyBswf3spA3zKg9MvMyKyIpD76jTpLjwYKZzwmQJdu77BZSa9EnUuHr3-vzZk&google_hm=ZzUzYWNiNDNlMWQ2M2NkYzk1ZmU=
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4BMTi-UmEbOgbrflO2B37_0aPFEtnJUWLIyBswf3spA3zKg9MvMyKyIpD76jTpLjwYKZzwmQJdu77BZSa9EnUuHr3-vzZk&google_hm=ZzUzYWNiNDNlMWQ2M2NkYzk1ZmU=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5A0F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECLh0r0Ti5SANHmZktD17KE&google_cver=1&google_push=AehlK4BckfiBPJOmZQ4cZJA4zEdthVrKFqNQo-smCopQS0JWEACMZxkocQICRoCNrVfgHKXu7g...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECLh0r0Ti5SANHmZktD17KE&google_cver=1&google_push=AehlK4BckfiBPJOmZQ4cZJA4zEdthVrKFqNQo-smCopQS0JWEACMZxkocQICRoCNrVfgHKXu7g...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13OFR2ekw1RTJ1RnZfdU83NHQ1WTJWZEV0Q3RCTHowMn5B&google_push=AehlK4BckfiBPJOmZQ4cZJA4zEdthVrKFqNQo-smCopQS0JWEACMZxkoc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13OFR2ekw1RTJ1RnZfdU83NHQ1WTJWZEV0Q3RCTHowMn5B&google_push=AehlK4BckfiBPJOmZQ4cZJA4zEdthVrKFqNQo-smCopQS0JWEACMZxkocQICRoCNrVfgHKXu7goTIoqyT656LXRxRXObgYCDxE6a
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13OFR2ekw1RTJ1RnZfdU83NHQ1WTJWZEV0Q3RCTHowMn5B&google_push=AehlK4BckfiBPJOmZQ4cZJA4zEdthVrKFqNQo-smCopQS0JWEACMZxkocQICRoCNrVfgHKXu7goTIoqyT656LXRxRXObgYCDxE6a
date
Thu, 08 Sep 2022 10:47:51 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0.gif
id5-sync.com/i/495/ Frame 5A0F
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEJvoHs5J-r34EAPuk9OAooI&google_cver=1&google_push=AehlK4DVozgTwBne_fd6cDykDdPo00CH5-jb9IuMsPx1xRHlUSg2ahClbRKrsjAfjAgabf2pEBVXf4EPoHi3ZX5WaX2UL-n1aMwi
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4DVozgTwBne_fd6cDykDdPo00CH5-jb9IuMsPx1xRHlUSg2ahClbRKrsjAfjAga...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4DVozgTwBne_fd6cDykDdPo00CH5-jb9IuMsPx1xRHlUSg2ahClbRKrsjAfjAgabf2pEBVXf4EPoHi3ZX5WaX2UL-n1aMwi&gdpr_consent=&gdpr=
Protocol
HTTP/1.1
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
date
Thu, 08 Sep 2022 10:47:51 GMT
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4DVozgTwBne_fd6cDykDdPo00CH5-jb9IuMsPx1xRHlUSg2ahClbRKrsjAfjAgabf2pEBVXf4EPoHi3ZX5WaX2UL-n1aMwi&gdpr_consent=&gdpr=
x-xss-protection
0
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Accept
content-length
271
x-content-type-options
nosniff
attr
cm.g.doubleclick.net/pixel/ Frame 5A0F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LVRY2Ib7mAufoUr3AXqli-KWzJJgJ0O8Jhes4NQ5zNopTxrKtccXiOuxEXulh66Xs2XA4OFbw
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixelSync
pixel-sync.sitescout.com/dmp/ Frame E02B 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIBpkbYJ5Gyd7amuqzvaIqM&google_cver=1&google_push=AehlK4Cn-2KdsYnOE4c0Xgb9dWV5YeoZFpmWuPg-NTTxii9zYvG6Pyz2UuSWVtgvWuegzRUzWcPTfe-gzpAxysTSgnR2Nc3uSEYD
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
dds
rtb.openx.net/sync/ Frame E02B 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEK4GXDGllB15hrkfl2wNYbA&google_cver=1&google_push=AehlK4Dv-46KYVZFrZP0ZnT-uV5rIYER0C8hkE9nYdxTVI8vXBf2Be4QTyNAjQQXMKhtTqVbrwUTYAiFtHGLgBW9A3gOL9iBd5mI
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:50 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
4j2tb0ktik7v8g8cb37m7kk2au954ti3
pixel
cm.g.doubleclick.net/ Frame E02B
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z6iiyiE3TTSRX5wNkNHxlA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z6iiyiE3TTSRX5wNkNHxlA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4CHsqpShucsxYjhEXxqPNFk2xEzssTbeZuTn9A188kNoNfAx-s_qCMfwRMVgiFvG4nh1fAOHAHdS5kOHj5KW71IbuebO_fp
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z6iiyiE3TTSRX5wNkNHxlA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4CHsqpShucsxYjhEXxqPNFk2xEzssTbeZuTn9A188kNoNfAx-s_qCMfwRMVgiFvG4nh1fAOHAHdS5kOHj5KW71IbuebO_fp
date
Thu, 08 Sep 2022 10:47:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E02B
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAt4wBOvjV0hdy6Vfh7-lUk&google_cver=1&google_push=AehlK4Bq7VoO5O_XM33Vm14GzIcOM9gkaIZuPuypcGhKSJWH-MXbAJHW_ThpSTLsPdhWG0l_dtqNDbPgCKpe8ZUp...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4Bq7VoO5O_XM33Vm14GzIcOM9gkaIZuPuypcGhKSJWH-MXbAJHW_ThpSTLsPdhWG0l_dtqNDbPgCKpe8ZUpHPkUjkQJnfqq
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4Bq7VoO5O_XM33Vm14GzIcOM9gkaIZuPuypcGhKSJWH-MXbAJHW_ThpSTLsPdhWG0l_dtqNDbPgCKpe8ZUpHPkUjkQJnfqq
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 08 Sep 2022 10:47:51 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4Bq7VoO5O_XM33Vm14GzIcOM9gkaIZuPuypcGhKSJWH-MXbAJHW_ThpSTLsPdhWG0l_dtqNDbPgCKpe8ZUpHPkUjkQJnfqq
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
7QGF6Fcb3VIdrwKiwJRSe33R5PNrFJmVzblQAzqGqMUvs7cjKQ3R8A==
pixel
cm.g.doubleclick.net/ Frame E02B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENRZXqByVOq5Zwq261CYhxs&google_cver=1&google_push=AehlK4Dn6HlTZDnFbbbKvWIYWXlabDtOnqVVrV4R_SxeWz9UIdGeALA7ZGVD4oAWvP2OI3_c-E8t8o8CBRfeFvfmrsZRhKiVEf5r
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4Dn6HlTZDnFbbbKvWIYWXlabDtOnqVVrV4R_SxeWz9UIdGeALA7ZGVD4oAWvP2OI3_c-E8t8o8CBRfeFvfmrsZRhKiVEf5...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYzMDExMDI3NDk1ODEzNjg5Nzk0&google_push=AehlK4Dn6HlTZDnFbbbKvWIYWXlabDtOnqVVrV4R_SxeWz9UIdGeALA7ZGVD4oAW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYzMDExMDI3NDk1ODEzNjg5Nzk0&google_push=AehlK4Dn6HlTZDnFbbbKvWIYWXlabDtOnqVVrV4R_SxeWz9UIdGeALA7ZGVD4oAWvP2OI3_c-E8t8o8CBRfeFvfmrsZRhKiVEf5r
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYzMDExMDI3NDk1ODEzNjg5Nzk0&google_push=AehlK4Dn6HlTZDnFbbbKvWIYWXlabDtOnqVVrV4R_SxeWz9UIdGeALA7ZGVD4oAWvP2OI3_c-E8t8o8CBRfeFvfmrsZRhKiVEf5r
date
Thu, 08 Sep 2022 10:47:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame E02B
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESELzx92aKkk7NJjewyTUGFF8&google_cver=1&google_push=AehlK4B293_XGNabTuCth7ry01D6zYgrBW_hy5nRIAFG8pgnHmwxfxVyhbulw0sGFpi3Cr2XNd2A_XguZ7LoHHlqOIdXHIC...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AehlK4B293_XGNabTuCth7ry01D6zYgrBW_hy5nRIAFG8pgnHmwxfxVyhbulw0sGFpi3Cr2XNd2A_XguZ7LoHHlqOIdXHICkvfwokg&google_hm=MTk5NzkwM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AehlK4B293_XGNabTuCth7ry01D6zYgrBW_hy5nRIAFG8pgnHmwxfxVyhbulw0sGFpi3Cr2XNd2A_XguZ7LoHHlqOIdXHICkvfwokg&google_hm=MTk5NzkwMTkyMjEzMjI3MjQ1OA==
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AehlK4B293_XGNabTuCth7ry01D6zYgrBW_hy5nRIAFG8pgnHmwxfxVyhbulw0sGFpi3Cr2XNd2A_XguZ7LoHHlqOIdXHICkvfwokg&google_hm=MTk5NzkwMTkyMjEzMjI3MjQ1OA==
Date
Thu, 08 Sep 2022 10:47:51 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
b1sync.zemanta.com/usersync/googleadx/ Frame E02B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPo8C_49y40CXrna5Qy23x4&google_cver=1&google_push=AehlK4A6O2-6CJxmw_ciPkcUzzxjDPifGp9E7d5zQk9dSSOSE2RT8FfzPtwdQ5yC9jj6yZ6N5120AUooGkBvs...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPo8C_49y40CXrna5Qy23x4&google_push=AehlK4A6O2-6CJxmw_ciPkcUzzxjDPifGp9E7d5zQk9dSSOSE2RT8FfzPtwdQ5yC9jj6yZ6N5120AUooGkBvs...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4A6O2-6CJxmw_ciPkcUzzxjDPifGp9E7d5zQk9dSSOSE2RT8FfzPtwdQ5yC9jj6yZ6N5120AUooGkBvsB02ts65fO8ogNo42w&google_hm=aDFCS01JN3AySXZPeE...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Protocol
HTTP/1.1
Server
64.202.112.255 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:52 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E02B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JOULCVHFcX5DfvupGR3-bK0HErfnKYuXRxSuKvUcbsQplqRyFBVzT4Hn5pwM8QR-AgWkiTi_g
Requested by
Host: 385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
URL: https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 68EE 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9653218171909308416/300x250.html?e=69&leftOffset=0&topOffset=0&c=UjcN8Z7CGt&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9653218171909308416/300x250.html?e=69&leftOffset=0&topOffset=0&c=UjcN8Z7CGt&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 16:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66984
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 16:11:27 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 68EE 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9653218171909308416/300x250.html?e=69&leftOffset=0&topOffset=0&c=UjcN8Z7CGt&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9653218171909308416/300x250.html?e=69&leftOffset=0&topOffset=0&c=UjcN8Z7CGt&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 10:47:51 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 39FF 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=kcPdhJZFje&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=kcPdhJZFje&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 16:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66984
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 16:11:27 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 39FF 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=kcPdhJZFje&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=kcPdhJZFje&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 10:47:51 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 46AF 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=qGoYtXUbiS&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=qGoYtXUbiS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 16:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66984
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 16:11:27 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 46AF 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=qGoYtXUbiS&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=qGoYtXUbiS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 10:47:51 GMT
ptag
a.audrte.com/ Frame 007C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.177.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-177-11.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
a547c3bc669db757e51834cdae4a7a395f718463509944d5a525cb17c8296e70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:51 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
um
u-ams02.e-planning.net/ Frame 007C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dcca6fba3c858d920%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=cca6fba3c858d920&uid=5263463049080341825
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=cca6fba3c858d920&uid=5263463049080341825
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0ec01279-bacf-45f9-ab0f-9faf45ef0cc5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=cca6fba3c858d920&uid=5263463049080341825
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams02.e-planning.net/ Frame 007C
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dcca6fba3c858d920%26uid%3D%24UID&partner=eplanning
  • https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=cca6fba3c858d920&uid=ua-5049bd26-1108-3368-b104-d07de08518a3
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=cca6fba3c858d920&uid=ua-5049bd26-1108-3368-b104-d07de08518a3
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=cca6fba3c858d920&uid=ua-5049bd26-1108-3368-b104-d07de08518a3
pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 007C 		478 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Rijswijk, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 07 Sep 2027 10:47:50 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 72B8 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36672094&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b33755ed37848e8b315b1bd34b042e9dafa09db1159d61b3cc59512756f40dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
vevent
fra1-ib.adnxs.com/ Frame 9451 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https://simcast.com/&e=wqT_3QL3BPBMdwIAAAMA1gAFAQjVkOeYBhCyw_Dcw_2bvGIY25rIt5Oa3qUZKjYJO99PjZduwj8R4cyv5gDBvD8ZAAAAIK5H9T8h4cyv5gDBvD8pO98JJNgxAAAAQOF6tD8wkrL0CTiUXUCVCUhgUNi_iKgBWJT8kQFgAGjvtqsBeN7XBYABAYoBA1VTRJIBAQb06AGYAcACoAFkqAEBsAEAuAEBwAEFyAEC0AEJ2AEA4AEA8AEA2AIA4AL9wFzqAhRodHRwczovL3NpbWNhc3QuY29tL4ADAIgDAZADAJgDFKADAaoDQRIYMTIwMDk2MTgzNDQxMDQyMDczNl9zYmlkGhM3MDk1NTQ0MjczMzI1MjY5NDI2IgkzNTI0NjA3NjAqBU0xMTczwAOsAsgDANgDg7rHAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEJDIwMDE6MWI2MDoxMDEwOjM6MTAxMTo2NzI1OmNjNDI6YTQ1NKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8ATYv4ioAYgFAZgFAKAFgNTWxs6Nq9UQqgUQM0IwRTUwQzQ3NjlCMkM2QsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfWkCfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aav8QHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IABAAGAAgADAAOMcGQADIB97XBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAH0aIEiggCEACVCAAAgD-YCAE.&s=6dfb5436aca253a37b732a5fc4e72aec1f38e148&type=nv&nvt=5&jm=1003&sid=3829036201243080383&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20781330&sw=1600&sh=1200&pw=1600&ph=2035&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ac83f99e-f004-4f30-ad4c-a08cb42f2e31
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 862B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Sep 2022 10:47:51 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 08 Sep 2022 10:47:51 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame CFF6 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dcca6fba3c858d920%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a2ed0e1930bde8ec83d68b886e7249d6b3b31587880a05a7c46df3f552cea7

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74771bc34abf9a12-FRA
content-encoding
br
content-type
text/html
date
Thu, 08 Sep 2022 10:47:51 GMT
dropped-udsids
39|241|230|46|188|90|24|65
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lx5BIyNXUTZUzHdIU4o%2BuGZJaKK7WmyPLeudTLytidmtiJUpc4MWWH%2BQO6Tjqim588zQASkomJbug2o8DMjFCzbhowHcix6tT5PnLe0g0xkqe5DuE9vKfsP86uL9mUCls1ERRpnp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 8397 		1 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
137109
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Thu, 08 Sep 2022 10:47:51 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
9a1773f017261f04fa4c8dc3ed21508d
x-cf-tsc
1653097467
x-cf1
29080:fD.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame C5C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 33B6 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f37fcf7fa38e9f78f48b8daf17b98907445378568ff2df7f791fff79aef307e

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
74771bc33fcb9956-FRA
content-encoding
br
content-type
text/html
date
Thu, 08 Sep 2022 10:47:51 GMT
server
cloudflare
vary
Origin
via
1.1 google
JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
pagead2.googlesyndication.com/bg/ Frame 2825 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15893
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 06:39:41 GMT
async_usersync
ib.adnxs.com/ Frame D3C7 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11924&pub_id=1929161&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11924&pub_id=1929161
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
924d5eba-9ef7-45bc-a412-44475a74e658
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
pagead2.googlesyndication.com/bg/ Frame 37DF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15893
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 06:39:41 GMT
JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
pagead2.googlesyndication.com/bg/ Frame 7075 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15893
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 06:39:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CB60 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAyeL8oJQcICCR_k6gEeWcvdNkTnMJgERUTxP-jBfguAl1epSaNR9v4Ci7klepDU5p_VKebhJf6IyXb3heSeoqW_44W4KIQq-tQSyL2_68KxmqrLgkVi1qp1dexSIi2XmB2AYtvsrVmZPdvZAYU-5Bi-LH3G0dOEHwCuXa_6f73B1ONIRCEe9INDGY0nHvE4p4ilPv5EdPtWANTGDf9s3b8PX0UNZvP-5nqqqrTcUcJMDWIyZCtQGcJeWVojXtkJfZ-L0Iz9nqVtrjYwJziIUrYCItI8-FrjSDNTVzE00pEV9n5HGceWsMPw1qgc5s7dD4QJg1RKwxsJekliEXoiQ86HiY2YnQiCAX76FF0vIMdKqfhNGIExiJPG-vB9ggg3DDZKZJLtSGrWgA-0GaN-nXNRZoskgaZEvyGuiIX4zF_ME0gB2pEd5vQCmq10N3D_84oxVg7uzpVrCXqWNjciDuE5zRzojeSB5mkheF9agldmFZhgEyojBIXY_b1JDztsS6CEVWVmZ9Sz1J8PwVjF26jAeYy09eTIsNahqmavpaCr1aFGGnha_HqSHdF9gWc48dRgE7x5z9P7ys1PhnuZCNEP64OM5ba9DxFQGteVWa7dmAaX4uPgQn5sG-aY30NsGcuc6eb8CLKbRr3U5e3nN1QLchT96hJn5HfjVp3kqUyjt8spyJZV3APXVxcxJrX7bW_IdgmOwl4vWGPC05XaTxvpIsgx_7yIJIrEcx7SZiGxud__bu9YdutHFtL0i-gBTFTwYQNQlOeCy9F2n3zhYaiJJk0MSgBdIzRM9_LsFuT6Thf_lSGFJUV5NnOghMOzQCf1SYYQcuy43vCp_pTsUfUCFpwbGIMDNFBFZ9n2UO4ys2vFepIB-Lm5zWpUpXeZhiNgCLNxbVanorVhvn6kG3QP89pdO1LSWtmjWxFKGHfa5qLYxTVxSxxkntiQ-sHZuqp4m6iDRU9RLawyu7oaLtiaTPSh9d3MiEUIJ9zQF0E9QKVXwhvruGV28-NLuDVCgnOL6BeSw4R5Kdxt-EnlXoknFoWmclUOCxLVRKUgl8570fVjAknT3J_kDToeZLr-LhzHeCAR-wls-PAm0ssJwj3a1MAT1Onkv2lYNqXAD9XiM-02KxDngyiVEMXGg9HkMQwGrM0UpcoJ4btw-AqG4QFvzVbY738eeLCeDF-fODSDxUBT9iejc5LzNAg2V5iqm15rIP9UrTriokmBDzSVeFR6R-KJuc0oU9ykHTEh0n-KNio1vnaUhoiwBrA8MbltJCm6040pETil2DSMpIn506RQ6WntFtNKphqy-adbLiyci1&sai=AMfl-YSDwJ5s-NQjDkMzZ59ArmDB6zEYi3CyjVoajJIz34Zc1tUZXoP93Xn2HaIEpEde2biMlh2XLSPSor9gqDsEFZctu4BufLAMeZsRWSMsgYUxirkPMO7cW55-Xvr3AOUS9Zd9W5tUCEXUhMY48bkHbTP1VbVh-r7mHAH6n6ILPAC6fQNTt0tHFNxN9sFrWsZTdt6fuUFe79VscVsUf9YgsNJs&sig=Cg0ArKJSzKhWw3sTiuP1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=666&vt=11&dtpt=347&dett=3&cstd=315&cisv=r20220901.56507&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 6511 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsub4HGIekQDsSRzGBcHtIeTBJj3G14u3l72K1pL0eTbcFAZTHjkYvTVM9c9ZhtU_UydtlsuVrvphMEVUexGZuNxtDmGJDK0Wt00YDRG09gHTf6EKK8EKHgKVABpvL8YGQd1G06xc-hRzPdA4hhh7j2kTJEn9Eh04wdvv_EZL2ybgo2PmNngUGcBvRtO7RJEH-fYI_hWE_lndr8lM5Ju04wsQ6s_vSXN8EppuzWtyNcNZiGWoSWJ36bphkdvt0aEY4Hfs9xPFtSXWgfR6v7f7UwxZvVslFRlAQkZ84TukyLMA_lmpf2Rq1fJGVsSGzPVD8LjVEDvDGtZNOgL6TOacB84XJg7uHjulWxW3WmcQPK2D2EwK0e5QDuSULzgY1m0y13R3Sou6IB8G7aWnpT4NCXUva4qRktwGBqJyjfLfaye-xixabih2D5V0phwcQ0hOVpfs829WIv0uOMj8C5s_FQiBWWZTsOfrn3zQlj6n41jXcczNH_BndpJcPPYEDhEj0CG1lGH3QfSbjM53ecrjGIxHTfVbwT05Q3bMn87W8S20lgqmdmLX2RIcqxJb-6YkjVoxE8B9lFk_I9o_x2NrIQluvXn3JhFL5DiYX9PrxRiBwjDLln2HJn76fbXHUSheqb3d-zeM6zS_A9sqtWl6f5I-unCk5Pf-Eu92UxKdpacEL6GZsRlRQKvogkt1XUpK7i2Zwm8kl3Xb4bG4KKxnYS_sZKgxNGrAovaPYGfjBho1gUrYQtJiTTEaI4NWb4vPmwlGmBWMoJjlsf40BGf5yDlcBFCWJlMwj5dwuCiVdUQqglTPTWCOy7b0MvLBjPurVdS0KnLH33fki3vyF44p2JRQ5Ft1zqkPOwuzXrTobV1X94DLKK--k74p_QKKQZ23ZkOLdQo55z25Q0OprycRmwpePYypRhVYLP3Do_0a3Hq3-_Xml63q17Fs3BloqujqBVxCLL_jNBORJxbzRrpA8py2wG6mfRitrgNnEpLOJLiH1DSnhg-BtlYl1E964dlI1rxD6s1bbdbmmn_pY4VrNsKusqXq8gMhss57jN0A4Z-ICbXUjAxAKkRrDLxl4_zger4tBVKZVM70ZEAjkEDwWY6yIvegWan6XTvxoYY3vJvlnTC6ZeuDKpDSA3Mm8ExAGatFd4yyhN9reCWb5ihorCSFy0M19IfHTEZhxp3zdQa9el3uJTTAjTUzGyrEoQJubtoo9HoctWWunaAHUaOxM46zWKKL8eFAADK85GzPTFWKDDkjHyVOoAyxY80Rw3eewMGKhUFoVHUkKcXn7RjM40r389TLuX8e2Q5Qg&sai=AMfl-YQ-3Kb5kVD9978TjoLjm96NYMhRKVzLNjTMWdBIhlGVEpkdt7W1Prb0p84fvk0adG9bYIBDxzvvMKEv9dfu2H5Arf3oWyBHbW2Z7WK9Mk6jMdBPJs_U_1p8nzymQlnPh2Isv-ct1rzDI0YJJlMbu1XsO6z4AX15jrsnghfsG8ihFBpXN4pHLqisYEozo7TESaJ1Beb_3HMxsTKfU-gvqZGM&sig=Cg0ArKJSzJdtXAJWq6ZTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=657&vt=11&dtpt=361&dett=3&cstd=287&cisv=r20220901.68608&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 5369 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyifuoNnIG-LU7bG0kJTLzMmTE27_XDNrqI-GBmGcwrS84gb2K1D5VN6o3E9BUIfjq45ypuoGgHl1Es_naDiTDgVdRID6xaGVwYbEe2PrAVWAt-UDMV39lPVp6Z9dbvf4wk5gUzH80nSdQaTg5ofJcWDbSit4rFKKo53G2v-8XyzRZ47AB-NcrWZbqMpI6tyyT-gFnRFWOy9704VnwT4J4azoZFYrfo1iiFMw9yXbuQIwIdi9iREaBC7lwKRFAuAtvq5oITzMt061hSPLAKVgnqBW2FgUVxMNyv38ofqcztSDtiPGoviCLqKhFRkVCPGCEsjtK1w2BB1Oj3ihf-SUiFQGZhjF6oOPYSM_n5-7fhc2t1GX8vUGNjvIXUgq3iNCkOKVBvGnD04iblYxpoTkukxSEIHRch2qsb6XZN-YryTegDnmEbm0m6YTl1hBXkACBoKt183ulJvBcgPPdNAz8A67zNgQmMo-glZL63xN3q_na9Plk7XrDMX9tdAePBPw_kW5RVsqLjVcWPrv5YEXhXZFzGQ0er62ngjT6AvW4b9RmOT3X-8ZaioVOLugU--DuC2Y6SjweXsQ9-2Ivm4fNl-wUvC7Vy8dLzXp70C1vHtNeFS1fvJMAUZa2SLTMvnV_cjbHa-IL1Sm3fBpDdIK7usBEvkRjSGQY-4j9BD4jZndHbNB53Ru2oLNC227K4mRdDx0bHiDK7caE7hloUV5IAtrEg-eRUSh-65mRB3XHifxtkNudeIZywsP1tx2d8A7RaNOnuPZm2V_r8Ayd1qijsTPH6Ez6YB_8sgoi15nlodqa-EQ0PJoNgrzR2QOXliR27308eG8NfmrOVWoqiWkQwEU9fCdctHRdvdXdsUcIW-bUpJLVLh-kJ-tudwD49NfK7iL5pFpZvoy7S8uvx0uoLQCnZfAXeUwKkAAVKNj8U6RDBQEnB9B3qsyUnrulFalX27O_TrU43EpaU2X-N31JCZiAP9gHSV7_CYp5jzBnrWCo4EJxEgFXZ60TfE3pUTXNpJJQFKp2cE93XCPJ4hKLIZJOms85XzbwfFxMczzDfoTsHTystvdBy2OZQA2bAYXzbkrpOI48sj8SHuQJ13TYNAV0GNV2J7N4zKxpzze5gQFIymbwZ3HO7-QyFKpm0fapKPXspRvgSN47BSNEkpuYxQhM3N1c3gS6s7vMyCMvxBtoLtLnvR8zyXEPs8NgbEOQEyWZLrnlYBGl4GeVjO0azZQ7viDfrUJxIbVUxB6z_sF1SGx4T34n7TDTMKbv26jha9UE3LQGbkOKcT7DaCmyjLVNMMz6Z8WeyHo3&sai=AMfl-YSX4z6rZ4EaR3QTY8Q8Rs9krxe0vDvLQEs5vE5pqvhn4XtB9MDNhmilts4gszjGbrzLxL_MbXioOcFaBn7rrkbyeM0CJH8e_pwHtiOYRhnYTO_SHYooGUZd716Dg7dQil7yj8KwwCVKeRmUSMvFo8Ar-vo9ij3gqxVhGSc3p0FZGrxFXUUYuMnh7lc_iwQHNVkn7IH9BixRCE8zt9qx10X-&sig=Cg0ArKJSzL1Y-UTEF-ujEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=649&vt=11&dtpt=347&dett=3&cstd=299&cisv=r20220901.49019&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
match
c1.adform.net/serving/cookie/ Frame BA36
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 08 Sep 2022 10:47:51 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 08 Sep 2022 10:47:51 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 7C95
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4904851706845890458
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4904851706845890458
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 08 Sep 2022 10:47:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4904851706845890458
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame D30B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1d126319-c857-4e00-975b-90b936fe006c&gdpr=0&gdpr_consent=
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1d126319-c857-4e00-975b-90b936fe006c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 07 Sep 2022 20:49:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 08 Sep 2022 10:47:51 GMT
Expires
Thu, 08 Sep 2022 10:47:50 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master cdg-pixel-x24 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1d126319-c857-4e00-975b-90b936fe006c&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 5E35 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:47:50 GMT
expires
Thu, 08 Sep 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
763504
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
csync
sync.adtelligent.com/ Frame 03BE 		0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 08 Sep 2022 10:47:50 GMT
Etag
a618f5d1b954ec61
Server
Adtelligent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 72B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z6iiyiE3TTSRX5wNkNHxlA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=166431
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sat, 10 Sep 2022 09:01:42 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 72B8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7a716319-c857-4f00-9892-9fc46be93008
0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7a716319-c857-4f00-9892-9fc46be93008
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 08 Sep 2022 10:47:51 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x33 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7a716319-c857-4f00-9892-9fc46be93008
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 08 Sep 2022 10:47:50 GMT
generic
match.adsrvr.org/track/cmf/ Frame 72B8
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=CFA8A2CA-2137-4D34-915F-9C0D90D1F194
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=159a75b5a463601920afd4b467f72e2d&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 72B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0ZBOEEyQ0EtMjEzNy00RDM0LTkxNUYtOUMwRDkwRDFGMTk0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:49 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 72B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELE3LCsNHd7kNRHFTnyDNoQ&google_cver=1
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELE3LCsNHd7kNRHFTnyDNoQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 20:49:04 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELE3LCsNHd7kNRHFTnyDNoQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 72B8 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 07 Sep 2022 10:47:51 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 72B8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3693311076331742190
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3693311076331742190
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 21:17:17 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3693311076331742190
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 72B8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 72B8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5263463049080341825&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5263463049080341825&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:50 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:51 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4773d743-6456-4aa0-b3fa-b076348a18e0
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5263463049080341825&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 72B8
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JI3IvXGGzLM_iJ-2J4zU5iGGy-E_38HiI43imHRC
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JI3IvXGGzLM_iJ-2J4zU5iGGy-E_38HiI43imHRC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JI3IvXGGzLM_iJ-2J4zU5iGGy-E_38HiI43imHRC
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 68EE 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36730b81cf788094fe626ffdb6831e33ae4ac53efe5a4e801e32f64cf8b2b051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5681
x-xss-protection
0
60005582_20220627070124827_STANDARD_300x250_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 68EE 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220627070124827_STANDARD_300x250_LOOK-01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1806f19d72e2b328d763fb64435df4928f56e8d6e00176f00321307a1093ef13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9653218171909308416/300x250.html?e=69&leftOffset=0&topOffset=0&c=UjcN8Z7CGt&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 17:52:14 GMT
x-content-type-options
nosniff
age
60937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35953
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:01:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 17:52:14 GMT
60005582_20220627070121338_STANDARD_300x250_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 68EE 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220627070121338_STANDARD_300x250_LOOK-02.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cf30264c26fef49afc93a6e9f4045f4f9e0a5eb0479df70ce2f08837bb63fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9653218171909308416/300x250.html?e=69&leftOffset=0&topOffset=0&c=UjcN8Z7CGt&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 16:35:50 GMT
x-content-type-options
nosniff
age
65521
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33085
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:01:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 16:35:50 GMT
60005582_20220907053256067_STANDARD_300x250_LOOK-03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 68EE 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220907053256067_STANDARD_300x250_LOOK-03.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f725cd3841b515b5b550889338d3b8d4923a5f38dd31229642c831aeaca6aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9653218171909308416/300x250.html?e=69&leftOffset=0&topOffset=0&c=UjcN8Z7CGt&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 14:19:56 GMT
x-content-type-options
nosniff
age
73675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29420
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 12:32:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 14:19:56 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 68EE 		43 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27513879_4307561_332160101_170181290_SOHO0101A20220502&ref=27513879_4307561_332160101_170181290_SOHO0101A20220502
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:51 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
sodar
pagead2.googlesyndication.com/getconfig/ Frame 39FF 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e120b113bed2d0490520cdaccfe2c1d992a8c8da9756d71a46b25acbba81e0e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5505
x-xss-protection
0
60005582_20220627070858524_STANDARD_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 39FF 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220627070858524_STANDARD_728x090_LOOK-01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a60c69a8bf2d56c3a5cbb3bf90fcc525e5d30dbf666cc30183f0596161dacda0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=kcPdhJZFje&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 17:52:38 GMT
x-content-type-options
nosniff
age
60913
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31592
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 17:52:38 GMT
60005582_20220627070047427_STANDARD_728x090_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 39FF 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220627070047427_STANDARD_728x090_LOOK-02.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6119b3a6a86e05dcafef83df6c5cd162bd1dfa6965ef1ab3388fcf8c7b6b5572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=kcPdhJZFje&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 18:33:13 GMT
x-content-type-options
nosniff
age
58478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30018
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:00:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 18:33:13 GMT
60005582_20220907053324540_STANDARD_728x090_LOOK-03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 39FF 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220907053324540_STANDARD_728x090_LOOK-03.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca23565b5fad005fac96912729c5a400eb06ae8664e76ed1efb52a7219d46b79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=kcPdhJZFje&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 14:25:58 GMT
x-content-type-options
nosniff
age
73313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26923
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 12:33:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 14:25:58 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 39FF 		43 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27513879_4307561_332317081_170181287_SOHO0103A20220502&ref=27513879_4307561_332317081_170181287_SOHO0103A20220502
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:51 GMT
Last-Modified
Wed, 11 May 2022 05:12:26 GMT
Server
Apache
ETag
"2b-5deb57cb16280"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
60005582_20220627070858524_STANDARD_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 46AF 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220627070858524_STANDARD_728x090_LOOK-01.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=qGoYtXUbiS&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a60c69a8bf2d56c3a5cbb3bf90fcc525e5d30dbf666cc30183f0596161dacda0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=qGoYtXUbiS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 17:52:38 GMT
x-content-type-options
nosniff
age
60913
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31592
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 17:52:38 GMT
60005582_20220627070047427_STANDARD_728x090_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 46AF 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220627070047427_STANDARD_728x090_LOOK-02.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=qGoYtXUbiS&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6119b3a6a86e05dcafef83df6c5cd162bd1dfa6965ef1ab3388fcf8c7b6b5572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=qGoYtXUbiS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 18:33:13 GMT
x-content-type-options
nosniff
age
58478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30018
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:00:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 18:33:13 GMT
60005582_20220907053324540_STANDARD_728x090_LOOK-03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 46AF 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220907053324540_STANDARD_728x090_LOOK-03.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=qGoYtXUbiS&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca23565b5fad005fac96912729c5a400eb06ae8664e76ed1efb52a7219d46b79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=qGoYtXUbiS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 14:25:58 GMT
x-content-type-options
nosniff
age
73313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26923
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 12:33:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 14:25:58 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 46AF 		43 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27513879_4307561_332317081_170181287_SOHO0103A20220502&ref=27513879_4307561_332317081_170181287_SOHO0103A20220502
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13702939399333871616/728x090.html?e=69&leftOffset=0&topOffset=0&c=qGoYtXUbiS&t=1&renderingType=2&ev=01_247
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:51 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
sodar
pagead2.googlesyndication.com/getconfig/ Frame 46AF 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a446d497ec0e406d08c3f792f10566bd5dde3f063a365ef7341d0c3860d0a379
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5573
x-xss-protection
0
getuid
ib.adnxs.com/ Frame 33B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 33B6 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 33B6
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=047eb59a-4368-4c23-b37f-c475d9de397b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=047eb59a-4368-4c23-b37f-c475d9de397b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74771bc60c8e9956-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=047eb59a-4368-4c23-b37f-c475d9de397b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
date
Thu, 08 Sep 2022 10:47:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 33B6 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 33B6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D626023d3-1076-437e-68cd-2d8263d2b8a6%26reqId%3Db9ffc0e6-48e8-4594-79c9-edfe002398ac%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 33B6 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 08 Sep 2022 10:47:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1662634072.849877,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4053-HHN
u
dmp.v.fwmrm.net/ad/ Frame 33B6 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:96e:5500:bf36:df5c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:52 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 33B6 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D626023d3-1076-437e-68cd-2d8263d2b8a6%26reqId%3Db9ffc0e6-48e8-4594-79c9-edfe002398ac%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 33B6
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=6ef46c5c-6429-48f1-a346-1ede3716de53&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6ef46c5c-6429-48f1-a346-1ede3716de53&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74771bc6adbe9956-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=6ef46c5c-6429-48f1-a346-1ede3716de53&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 33B6
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=626023d3-1076-437e-68cd-2d8263d2b8a6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=626023d3-1076-437e-68cd-2d8263d2b8a6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=71042662779673182790456276821914231791&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=71042662779673182790456276821914231791&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74771bca7b949956-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v039-088076b74.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
vQAcLClVTgo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=71042662779673182790456276821914231791&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 33B6 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 33B6
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=626023d3-1076-437e-68cd-2d8263d2b8a6&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022090822-73599-0.553600001662670452-c8cb10af36a24c1abebe6f54e5db866f&zdid=533&env=mWeb
95 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022090822-73599-0.553600001662670452-c8cb10af36a24c1abebe6f54e5db866f&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74771bc5dc3b9956-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022090822-73599-0.553600001662670452-c8cb10af36a24c1abebe6f54e5db866f&zdid=533&env=mWeb
Date
Thu, 08 Sep 2022 20:54:12 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 33B6
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7140958960186554507&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-...
95 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7140958960186554507&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74771bc5ac129956-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7140958960186554507&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Date
Thu, 08 Sep 2022 10:47:51 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 33B6
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=626023d3-1076-437e-68cd-2d8263d2b8a6
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=626023d3-1076-437e-68cd-2d8263d2b8a6
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=626023d3-1076-437e-68cd-2d8263d2b8a6
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=626023d3-1076-437e-68cd-2d8263d2b8a6
date
Thu, 08 Sep 2022 10:47:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 33B6
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=626023d3-1076-437e-68cd-2d8263d2b8a6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=626023d3-1076-437e-68cd-2d8263d2b8a6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=2Fl1wcRqu.4DO70rfYaplu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-45...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=2Fl1wcRqu.4DO70rfYaplu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74771bc68d8b9956-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
via
1.1 google
last-modified
Thu, 08 Sep 2022 10:47:52 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=2Fl1wcRqu.4DO70rfYaplu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 33B6 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=626023d3-1076-437e-68cd-2d8263d2b8a6&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.81 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 33B6
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=626023d3-1076-437e-68cd-2d8263d2b8a6?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventTyp...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=626023d3-1076-437e-68cd-2d8263d2b8a6?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eve...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74771bc7df829956-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.8.150
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame 33B6
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-.MBMGBdE2orzcaEtiHfo.t2NQfXXeaZYYA--~A&zpartnerid=570&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-.MBMGBdE2orzcaEtiHfo.t2NQfXXeaZYYA--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74771bc72e889956-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Thu, 08 Sep 2022 10:47:52 GMT
via
http/1.1 spdc0104.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-.MBMGBdE2orzcaEtiHfo.t2NQfXXeaZYYA--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 33B6
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=IJCWLtvYHBHztSxX2OOWiktcGyfJg91y%2BS41iYitP1U%3D
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=IJCWLtvYHBHztSxX2OOWiktcGyfJg91y%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74771bc73e8a9956-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=IJCWLtvYHBHztSxX2OOWiktcGyfJg91y%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
usermatch.gif
beacon.krxd.net/ Frame 33B6 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.178.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-178-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1662634072
x-served-by
beacon-n004-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 33B6 		95 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=626023d3-1076-437e-68cd-2d8263d2b8a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 33B6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YxnIWAAMW-So2wAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edf...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YxnIWAAMW-So2wAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361&_test=YxnIWAAMW-So2wAK
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74771bc7ffcf9956-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1662634072.289240,VS0,VE0
x-served-by
cache-hhn4075-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YxnIWAAMW-So2wAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361&_test=YxnIWAAMW-So2wAK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 33B6
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=7a716319-c857-4f00-9892-9fc46be93008&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7a716319-c857-4f00-9892-9fc46be93008&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74771bc7df859956-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Thu, 08 Sep 2022 10:47:52 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=7a716319-c857-4f00-9892-9fc46be93008&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Thu, 08 Sep 2022 10:47:51 GMT
usermatch.gif
beacon.krxd.net/ Frame 33B6
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe0023...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
54.77.178.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-178-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1662634072
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
date
Thu, 08 Sep 2022 10:47:52 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a012-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 33B6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=626023d3-1076-437e-68cd-2d8263d2b8a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68c...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=626023d3-1076-437e-68cd-2d8263d2b8a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68c...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=626023d3-1076-437e-68cd-2d8263d2b8a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:52 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
V8253V86B1SXHCMP29SQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:52 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
567M7264MGCWGQGVEQBD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=626023d3-1076-437e-68cd-2d8263d2b8a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 33B6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=626023d3-1076-437e-68cd-2d8263d2b8a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d826...
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=626023d3-1076-437e-68cd-2d8263d2b8a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d826...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=626023d3-1076-437e-68cd-2d8263d2b8a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:52 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
051NSRMG566D2V5C5MWN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:52 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
FF3Q8WNS2QJKAN4KH144
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=626023d3-1076-437e-68cd-2d8263d2b8a6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 33B6 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=626023d3-1076-437e-68cd-2d8263d2b8a6&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 33B6
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D626...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74771bc888969956-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
date
Thu, 08 Sep 2022 10:47:52 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 33B6 		557 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a73ab09149791dc5a05d7ac48f6b9b26e02e1c36787fe89e847653a9578d04b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74771bc4ba7b9956-FRA
date
Thu, 08 Sep 2022 10:47:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
casale
match.adsrvr.org/track/cmf/ Frame CFF6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dcca6fba3c858d920%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame CFF6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxnIVupxL-Q16n-AH698rAAABJEAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxnIVupxL-Q16n-AH698rAAABJEAAAAB&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxnIVupxL-Q16n-AH698rAAABJEAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dcca6fba3c858d920%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:52 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
MK7JJCM62EX3E9TD670C
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:52 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
28TJSQ4AM5M29S2C2BXQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxnIVupxL-Q16n-AH698rAAABJEAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CFF6 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YxnIVupxL-Q16n-AH698rAAABJEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dcca6fba3c858d920%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
secure.adnxs.com/ Frame CFF6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dcca6fba3c858d920%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
CookieIndex
rtb.adentifi.com/ Frame CFF6 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dcca6fba3c858d920%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.180.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-180-156.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
no_match_opted_out
um.simpli.fi/ Frame CFF6
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dcca6fba3c858d920%26uid%3D
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Sep 2022 10:47:51 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Thu, 08 Sep 2022 10:47:51 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 07 Sep 2022 10:47:51 GMT
rum
dsum-sec.casalemedia.com/ Frame CFF6
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=771cc470-05a4-4233-b9a3-feaa933208c9&us_privacy=null&gdpr_consent=null&gdpr=1
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=771cc470-05a4-4233-b9a3-feaa933208c9&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dcca6fba3c858d920%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6pVdPe%2BoNp8WQWj3WX1%2Bk6gFdrflBIV1wA4Iq3ZusBXtIw7aYQAJPrFi%2F7URP9q49hqOVNLeJphS1pajk%2FeZJbh68l%2FYW%2BUPBTdqm6FaQezz7ezkr4lceian3KrafNtIpBLolev0AdNsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
74771bc5c83a91f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=771cc470-05a4-4233-b9a3-feaa933208c9&us_privacy=null&gdpr_consent=null&gdpr=1
date
Thu, 08 Sep 2022 10:47:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74771bc51a6b903a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
rum
dsum.casalemedia.com/ Frame CFF6
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1662720471&gdpr=1
43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1662720471&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dcca6fba3c858d920%26uid%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74771bc6ddea91d8-FRA
pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGPMJH1cMCUU9c1hjfQp41iWjQSII2un1%2BarOLXH0gHxzngkdcPOAqQsFNPe8OyYD92%2Bp0aCZVjQM%2F6odR91t3mHLtv8pXDDotmH3q9euK5X%2F2XzcfHJieS5tvyzhCdlw%2F36J0AJ"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1662720471&gdpr=1
pragma
no-cache
date
Thu, 08 Sep 2022 10:47:51 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
um
u-ams02.e-planning.net/ Frame CFF6 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=cca6fba3c858d920&uid=YxnIVupxL.Q16n.AH698rAAA%261169
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dcca6fba3c858d920%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
server
openresty
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 862B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73237
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Fri, 09 Sep 2022 07:08:28 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 68EE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 10:47:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 39FF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 10:47:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 46AF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 10:47:51 GMT
khaos.jpg
token.rubiconproject.com/ Frame 862B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
cmp
spl.zeotap.com/ Frame 33B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
74771bc5cc339956-FRA
date
Thu, 08 Sep 2022 10:47:51 GMT
server
cloudflare
vary
Origin
via
1.1 google
JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
pagead2.googlesyndication.com/bg/ Frame DF33 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15893
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 06:39:41 GMT
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame DC0D 		627 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Rijswijk, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Thu, 08 Sep 2022 10:47:52 GMT
etag
W/"62ec189b-273"
expires
Tue, 07 Sep 2027 10:47:52 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 9236 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Rijswijk, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Thu, 08 Sep 2022 10:47:52 GMT
etag
W/"601b131c-27c"
expires
Tue, 07 Sep 2027 10:47:52 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 95FB 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Dcca6fba3c858d920%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Thu, 08 Sep 2022 10:47:52 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
Abk73BCkx4nB
x-77-nzt-ray
H9uWa1k1pxY
x-77-pop
frankfurtDE
x-accel-expires
@1663670872
x-cache
MISS
sync
eb2.3lift.com/ Frame CA58 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 08 Sep 2022 10:47:52 GMT
csync
sync.adtelligent.com/ Frame 9132 		0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AIspSeTSmiyOhSnu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 08 Sep 2022 10:47:51 GMT
Etag
a618f5d1b954ec61
Server
Adtelligent
JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
pagead2.googlesyndication.com/bg/ Frame C870 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15893
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 06:39:41 GMT
JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
pagead2.googlesyndication.com/bg/ Frame 0BE8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15893
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 06:39:41 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CB60 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1-pK3Wa3B_M9kqQF8cmmCzq4TZCfQKKCtB1q7SzDdVi6Eal7EhvPJfw9Ejk4hQmW9n_wCwOEDfKCZZWbZc52AK21eMA3HBFMW8cJ4Ffv0RxHFlYJx7_c6S_h1dZHpsG8JAu3_Lw&sai=AMfl-YQezTY79ulaakzmLfhFqh8Bklp8p0WOeoEWHrV0eb5k5iSpR7m8_kgoPy5P8h0HgFATJoOkVBu9XimguIhv4Pp3fItVgPTkBFVEE7iYDQXbwgeFy2uo_gHSp7Q&sig=Cg0ArKJSzMa816e_-t20EAE&cid=CAASJORohRUkN4Vbtyj2P_HNPjFjSzJDFQGJCMnlGePWMfdM81mbKiAN&id=lidar2&mcvt=1021&p=378,1250,628,1550&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1750181772&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662634070689&rpt=305&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame DC0D 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 04:14:20 GMT
content-encoding
gzip
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
23623
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
jl07XXOT18dYLhKr-VEB1LVhHYKghCPLo_Wk35vX7ALiO2XaYoc3qg==
GS.d
js.cookieless-data.com/ Frame 9236 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1662634072114
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-83.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:52 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5369 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbob8JJJWor8I1o_zu4w5AEMr4YZGM19QuLau2SSjxPPN1B6xiAF1n1Sj_P3rt9c9z90aEwKJrCMoijhAyZeyf7p4_nUeP0152VWi7-pAh8CVVyFgNOa4GtRfkEy5S-_NwrEuk_w&sai=AMfl-YTx4kfDKj02ZimBArqFnvqlPLZVO_3FA_0vE6CMcAbZ-AOO0-0420ZoEYUM0lMGWkGzEdO35KZPWgnEnV6mOwLlGY4F0wZN0cXgrx6entAPfx9vMrQHuZotlrc&sig=Cg0ArKJSzEOIfUqwLbbYEAE&cid=CAASJORoT5ADqq8DGkY6cbX4lDG0y9LufiyUO-vvivodhYtHiaHkKyAN&id=lidar2&mcvt=1043&p=1110,436,1200,1164&mtos=1043,1043,1043,1043,1043&tos=1043,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3011892016&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662634070692&rpt=362&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6511 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLNzUdJ-1pPA0pBsm6qAopBI2wS5oOWTafYHyDMC7qHGYz4Vo0n9y3JZf9gK2aCXbWvuqkcO1aiyoEiuMy-aCEzB8PTxOgFx_J_CdCwGl_BvxlJOnmO6zQtFJtbHtJ4O29_8DfWg&sai=AMfl-YQGYhbSMzQ6DIcjX12n4HWbQVXDxBuV0cAfqumzCcyEAT39qZF5ma25fIenI9oh2ncWUCz_OjKzOWTQtTNBcrq-rfJpmSqQ7PKXg3IRxMrkWP8LKD1v9n6d028&sig=Cg0ArKJSzJRaxA61TGHcEAE&cid=CAASJORoDUPtdZ2RqW4HZFAB-K6iZw4UVrg5xBGu8bse7prNscywpiAN&id=lidar2&mcvt=1056&p=193,436,283,1164&mtos=1056,1056,1056,1056,1056&tos=1056,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=344230583&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662634070674&rpt=399&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 862B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=eplanning_eu
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif
truncated
/ Frame B3CA 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B3CA 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame B3CA 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-34.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
Date
Thu, 08 Sep 2022 10:47:52 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-60f0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24816
campaign
ads59.adtelligent.com/tracking/ Frame 3AD6 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/campaign?code=2003&nested=1&adid=3B0E50C4769B2C71&cmpId=538100&aid=723432&i_top_domain=https%3A%2F%2Fsimcast.com&event=1
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B0E50C4769B2C71&aid=723432&cb=824495126
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:51 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2825 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbJTKVsgZY-eeMK-U7_UPpp65qAYAAAAAOAHgBAI&bg=!gYKlgsbNAAZTikH4c4o7ACkAdvg8Wh3YCetEqqQyC2AogJISw4GQXC-rOCFB8lT8BtpK2wC8J6kh3AIAAAH2UgAAAAJoAQcKADa53Q72Wd7kieK06SCsIeyyZCDaPP1uKpnZ-q5O16lLPOPPra0rYUGFlN7cttAjD0G5kw2fIdSZAvdRY8WTvfjGXDoZCuH8_nD2_WL3rKb-JNmrKJ9DVLKRsMogfTYk7aVrH2tOdjsDBBYYE9l4JGP7TBV07SGhvLCIo_xEQjckDuphiUEhTRyFWnVu7BiN-1dlUX-C5Say5cvHoVgGXKotdkbDyNGSHxGs6PXH7i9HXxgWm72CW4EPompz_IBqegCroV835JipAowb3FXMZKtnPERi1JtC9dNnjNSraAejGuHMjfbJL_QkH-yf8n8TLYVFhRGCeRpLYskUJ4l1j_O3m7FmrNC3pYzUBzMomLHMz7h0AXI84mBjTejPhsk8yaT-1TRlBrHjAYW04bBHYxdixcN6bM8KM_JDA5pF-tRsnyRLghURV2MJ_JT7J_RWfzFIcwhAZvO0QMgMR_GOimWJEizLHyJv8pF9pQXBdz5dvZA5weViXOd8K8fKMRE1Adaw6mtVt3VpNmF6b19bV4CFAAa_hU7ttCPjDQPZGyp166ozhQYw3NJC8aj9cBqApiJjP_1kOPuhxN3enbKa5A1zsQ3hk29_nKEDPmv2w1hWTOEWt85pYXHxXKUEz4biG1UKohMBQwLVb5sB8sSArkzFaBTJTGkjPqQ2PmmHTChZguYhE47VOKdsGorzWAq-eJlv-1s4li6Hp2LrmZUiea1H_gxhX9NbwloD35ESVe9awNq79YjcmB9AuIGM0V25lQd3pZwAdNsg7BKH69jiiZktb9ke-rCffGa5yT2WkQH2PhfQdWUzZ6tQ1e1mfOCcdqnFj3W2QdzPI8TBuMK1RNbx6H3xcr8KDMYoLdRMbFNCe7igls7C8y5DpTx7K3n98nAj1Oh-94O5f2Y6p1cb0VUwvZnR_49bMVVRF-SPquQTHl1uXjKim0Ss0J1HNnrtIW2Y1rWFU1I99lDP9XNuphAibhmYT-N3KfDvzdreaMLGhEGSX8WZtDyR0336vr-VrWQnvu7HeqQ0ADdebhdYhWNClLUbHoAT23Y1LMH8akMjY1_Cp8T6qKgFZNJ80Civ0kE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37DF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPtWTVsgZY8_7MI2X3gPUoYq4BgAAAAA4AeAEAg&bg=!FxSlFFDNAAZTikH4c4o7ACkAdvg8WsZxQqcQ-ArjKJYES3WpY7jMJlqHuQ2VzFNUoliVMHENB4I9agIAAAGVUgAAAANoAQcKABLL1sZrPckgQ27Sco6ceRleFISZAuKeh2lsppCY2cPQhtO5nusrbP27vh6rNW2LY1P00Ebpu3Gh4F2lS_WHBWwpHy1VGol4Oh9D8j3qX9legYO6VkjVYJ6O6OhvIC_8iwYU_uQBBQN3uktYu5lTv8D-fG7KbWokDIQKDkUpPJBX7CU3_KE9XKd82QZVM8irvaUeHLpKIXbmafrbkKDDfgNTNWso9hvOauoVdz7a4wtBoIsoAoRydfH1X9t52FS8rYy7uvQZe-w4VBwI_P3mcQ3R1a_UhkvV9E_mQwy4CVBp3ikgQqvGG0Khq0BbrucwEOrVM9dp6E5UsPC_7PsIbjLvMlggPKn3hod9yla9mbtyAcOt_dTkRZLK86GYgkWefH-AtLkry0-9UGaXcFsjJJMMhG_OXijVEIJvQYSs508k1Qlkk_PAZsEN1MGBxsdJx1TdBn4kfbiGD1Hzk8h4MiRS6wXfG5opmZUbbvIDAlwrlTkFaUoSjruWDJz0f_VaUhR5lNcwJBRcnZHwFeKAIMjQuTlBqmSWkBU8ol-Wfpp-y_0f67PlPTpqb2BBPCtMo0fuUIqyMetJZaO6OEL6ugS1t-H40Mh6oDwVsRNR1JC0IdfGKIKJRR3HEgVpQ315uSU7oscipKrHnjFqbmcJ2cmp0BIoubBFoslIh_UiX4fRCJ2QK4r0a7MAXZNquSPosINtYRfPXWuoGiHfffzhUdw8DbEQ6WWdJbaHhUkmuqBH9OQvZRQb2kmCEJ6ry95SOBTM731vz-HM5JeNtvxqzAYhANjPL7R8hzdbCyjHlM1lHp07JRQAXVa7nBOO3ffh6Hu0f1hrQoOX-KE9YQ_iXSEo1puaV8RHQeWm4kbaVSu0xqWcXEHPufqVRcVilfVlTmmDqWa9itJuMDK6j9tas6_aB_42zP2tZfZJYzfoK45YtAhPvXs2etqGb5Fr0DcMEmpH9Mciap1PeQp1M57QcQThXwribTwumVrx4kIKm0Iz2yack8Dqq-k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7075 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWfiAVsgZY4CQMbflx_APqsWawAoAAAAAOAHgBAI&bg=!xMelx4PNAAZTikH4c4o7ACkAdvg8WoPxzl1bhh8SruER5aKlq37pTE4hahL2QsAshYUxGZ-WrCBlSQIAAAGxUgAAAAJoAQeZAuPPwwEvjych-03LkjZuI4Yum57ORb-EHt4jDQN6LBflenV97zwywP4t8TyOxq0Sc1fCwrSilwPSIC16ndT50JMCPHEq42zat-bXn-fdrh-OiUo5mPS2m8VzohUZrVSH2RYMtKHcrxRZCaJxpCKk61H_uPKR56cAh70aFC3wZyLd4Q_3tGvCVaElIKL5zrDn4bXU1sYG3MS7ktUjitP_2yrzFqDJvtUc1pDs74d-xLodimzTfh4kI8aHKLaR1U_3b-f3r9a4OPgfvWJ4tn-ag1lkLPJuCTIkbbr_T91pR040-VK9tKWiYID3bwt8-lyJ3za34BjRkgnPtyrwcoYEXbswKpL5ifQ1SexZyvIm7NV9wHv3Y-zmfXfjMsE-nmOpBM16Aryute_s_2nrCMgw01g4QlpUR-fP1DQoWQ2sfrxXGJ4wDN_3By5FHR9wCy87MhY6N2EbZX4Xierq4GmLrTjcpJqFgEAXD0jFS83w8ijv72R_-ZLav1Hko74r6blW5wBSmtN2SVAyAc-h8KLUmncPfHbIF9bjklp3IIqSJBnlYi9msbKHM7QjH4EyaNLjNdv9ozaQLDQKaNtpVKNLaI-FQJ6To8PgHT2oVVPaZBZFwYSVZInkILGBaDfeWW04Kl6KeStPUWPIcD_sO9CdHHe4Q4tDP4D7I-KGyccm_uCVtc5Z9MCQLVGW9zRZLRl7tGilak_cO98CbnzGsqQ7QAIUQ7g-D44_3fQmVmCl1XEn3Wo_E4B6vYUmsVg3hxP0l8QfECUjGaaMD3ALE0bQtpEoYhwx2RroX2JEtQYhywg0UFi_RSJuGnWJc2G-OVJQH-mgmA5X_FGTJzprOzWiFxTYw7xGiBpQxZ6LcGNr149QIdq54ndPEW1ZofBF0efoCaA4fjmANauRkOaUohOzZf2EinkOdOg4A7T-STtEVL4yNgIpyKZGR19o4EJ1l82UmUop1nkqeMjLgKF24kN8IQ1OxEHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame DC0D 		155 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 08 Sep 2022 04:50:26 GMT
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
age
42688
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
LUM5vQgkXSJ9ROwsErORjQdO2QkapFFMZE-M3gT9IFfSBU-ytoyGuw==
bql.php
lg3.media.net/ Frame B3CA 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5119&&&vgd_l2type=sca&fp=I_JgL53XWMC-qY9KE51npTVizlrUSDW8rYgYZcNqkuV3SWd8Td-TSqp8BYUTwh73nXjv_lDnPwYhWcDR8uNI6G3NhJqEaVYg9O__gFvnlG8m4s_vzNGQ6thMl-K7CmMGoc6ShGq5ueM%3D&cme=6YsaEjp2TTaLDplHPUkqsxJJJ_KvAHU2rp-kxqsmD8s0ha2In0kYTbBm8DJsiLvUIMWcPbs_X6v-RhQhKIwe57jHd9m8wwS8oHDSTWMnfBcc9L_FXlPwCjGRUYztNboTViq2HG-3I-Iyb-TK2hD0Q_7dBrfo6nvP7h37hW1SaTok5e8-4lULRJNDyTV7uwUuGdjMiPny1uZnb7Sz6h0HfREU93hu5X1Du7nv6D0Rnks%3D%7C%7Cu8A6SM53vAd9Riqo_cVZ-EfkFgq6uEmq%7CRaVnA19mSZR1oWWPAwwk-sGquFEmFT64%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD6pCakBw4gera-ZQNLqvEBY18rMiGnIs8Y%3D%7Cxrl5Md8q4--8GkxV6hZ0zgz0z94DK4Ilxenov2iJ20s%3D%7Cp_yBs4Uo0c5UqQUvQ2pyBzwGso80EPLfFnZrNwm7N55D8qoZrLFgjXlDeLweekmBxINSSj65YcZluG8X3KYKvsKvD50M0jNaba9wXd0G1PNHeG44Hndy9CW8EGZBKn-qV2vPTi7c5dowWbZTQBV2jgDTa8WkPqxUigSA74XtGtX9vmriWn9XhrlP21pJX8suCVzKj-IMdfc1IQUygM9py3MlkdOv7UPtWH0C17KvJXeOY6IaoK86Uw%3D%3D%7C&v=1&gdpr=1&geo=49.31%7C11.51&dlper=20&lper=100&lpid=&tsid=15046&q=&prv=&type=&ps=&hint=&td=SrcTagSwitchMarketplace%257C%2540%257C&cc=DE&wsip=170721342&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_fm_lang=DE&vgd_dnquo=01_9&ksu=266&fdkt=391&vgde_kbbh=fuoyxQBuG&kwd[]=Kredite+ohne+Bonit%C3%A4tspr%C3%BCfung&kwt[]=391&kbc[]=1262271193&kwp[]=1&kid[]=329465921&kbc2[]=1%3D0.67%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.21%7C10%3D4.55%7C60%3D0.87%7C66%3D0.89%7C62%3D0.29%7C63%3D0.41%7Cps%3D0.545%7C3%3D0.98%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Kredite+ohne+Bonit%C3%A4tspr%C3%BCfung&kwd[]=Sparkonto+mit+5%25+Zinsen&kwt[]=391&kbc[]=1262271193&kwp[]=2&kid[]=329541714&kbc2[]=1%3D1.16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D1.30%7C10%3D4.55%7C60%3D0.92%7C66%3D0.89%7C62%3D0.25%7C63%3D0.41%7Cps%3D0.545%7C3%3D0.12%7C4%3D4.34&ktd[]=274894815488&ktrkt[]=Sparkonto+mit+5%25+Zinsen&cid=8CU62MU8E&vwid=1662634071420222360&vi=1662634071420222360&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D31103&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=792&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_refdomain=simcast.com&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721342&vgd_nrrv=96642&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=neumarkt+in+der+oberpfalz&vgd_go_pid=8POD1F265&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1662634071113743436&sttm=1662634071285&upk=1662634071.26155&hvsid=00001662634071285036481820169655&verid=3111299&vgd_matchstr=bcat%3D13i%2Cjs%2C11i%7Ccsh%3D1&sbdrId=99&vgd_ecrid=352460760&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POD1F265&&abpl=2&&kbbq=%26asn%3D31103&&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzvuHuu~QJjjJLM71yM8Ovf9hWuAA9~Q7Ovf9hWuAA9~875EJvK00I4tPb~e8Q8G8j875v9~N875v4DsPD_~LJkMNz7v9~LM8Evf99uouGF9ou9u9oAou9uuoFhfXo9o9~LMQNv_q~LGmvXMA~G-MLwvHhr4gEdWqR~G-M1Qzv9~OYYMOuv9~OYYMOfv_~OYYMOAv9.X~OYYMOHv99~OYYMOXv9~OYYMOFv9~OYYMOhv9~OYYMOWvf~OYYMOiv9~OYYMOu9vf~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvH~OYYMOuhv9~OYYMOuWvA9~OYYMOuivu999~OYYMOfuvou~OYYMOffv9.9A~OYYMOfAv9~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.W9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9n%2Bn9~OYYMOXuv9~OYYMOXfv9.W9~OYYMOXAv9999~OYYMOXFv9~QyY7vJYE75~G-MLENv9999999~G-M8z7YOv9~G-My8zQxv9~G-MNQv9~G-MQ8lJvAf9-u99~G-Mjf1Qv9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-MJ-Ev9.X~8w1v9~OYYMjv9.9Au~OYYMLv9.Fhu~JMLEYv9.f9W~OYYMYuv9.f9W~OYYMYfv9.9hW~OYYMYAvu.999~OYYMYXvu.999~OYYMYFvu.999~OYYMYhv9.AiW~OYYMYivu.999~OYYMYu9vu.999~OYYMYuuv9.ihX~OYYMYufv9.AiW~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iiA~OYYMYuFv9.FWW~OYYMYuhvu.999~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYA9vu.999~OYYMYAfv9.9Au~OYYMYAHvu.999~OYYMYAXvAAHA.999~OYYMYAFvAAHA.999~OYYMYAhvf.999~OYYMYAWvf.999~OYYMYAivfFHh.999~OYYMYH9vfFHh.999~OYYMYHuvu.999~OYYMYHfvu.999~OYYMYHAv9.ifi~OYYMYHHv9.iiA~OYYMYHhvHWH9.999~OYYMYHWvu9HFfXH.999~OYYMYX9vfHX.999~ONvyNEoJxoBJQ7uoG~NUMkjv9~GwEv9~JLEYv9.f9W~eGLv9~G8Ov9.f99~OYYMOAivSG8OSyJ74-Nw1zyJDJQEmzQJ~QxEEj5M71yM8Ovf9hWuAA9~e8JB1G8j875v9.HA9Afu~NGOEv9.uHH~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9Au~myG8Ov9.f99~875EJM8OvuF~QJjjJLM71yM8Ovf9hWuAA9~N1LL8JLVOv9~ONx7vA9~OmyGv9ou~8GNvu~&vgd_optout=0&vgd_cfud=220406&vgd_scsver=304&vgd_go_ent=1&vgd_l2ch=1&vgd_rensize=320_100&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A320%3Brend_h%3A100%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001662634071285036481820169655&subBdr=99&bdrid=9&rc=0&rand=1662634072195&acid=24baf4ad310a42cbbe75759f675ea715&matm=1662634072195&requrl=https%3A%2F%2Fsimcast.com&vgd_x_pos=840&vgd_y_pos=1149&vgd_ren_page_h=2035&vgd_ltimesrc=1&vgd_ltime=1357&vgd_rtime=1232&vgd_etm=9&vgd_l1hcsd=A7%7C5971&vgd_l1ch=1&vgd_lhl=3135&vgd_pgid=p1172757011t202209081047&vgd_adprefflag=01&vgd_csip=rtb-common-577b747c47-z9ttp.BE&vgd_sbSup=1&vgd_nrrs=96642&vgd_cntrdt=SL%7CDIV%7CBODY&vgd_crefurl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&vgd_eadm=1&vgd_end=1
Requested by
Host: popcorntime-update.xyz
URL: http://popcorntime-update.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Thu, 08 Sep 2022 10:47:52 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=34574
content-length
15
data
bcp.crwdcntrl.net/6/ Frame DC0D 		20 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.246.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-246-43.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://s.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:52 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.14.189
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
vevent
fra1-ib.adnxs.com/ Frame 9451 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https://simcast.com/&e=wqT_3QL3BPBMdwIAAAMA1gAFAQjVkOeYBhCyw_Dcw_2bvGIY25rIt5Oa3qUZKjYJO99PjZduwj8R4cyv5gDBvD8ZAAAAIK5H9T8h4cyv5gDBvD8pO98JJNgxAAAAQOF6tD8wkrL0CTiUXUCVCUhgUNi_iKgBWJT8kQFgAGjvtqsBeN7XBYABAYoBA1VTRJIBAQb06AGYAcACoAFkqAEBsAEAuAEBwAEFyAEC0AEJ2AEA4AEA8AEA2AIA4AL9wFzqAhRodHRwczovL3NpbWNhc3QuY29tL4ADAIgDAZADAJgDFKADAaoDQRIYMTIwMDk2MTgzNDQxMDQyMDczNl9zYmlkGhM3MDk1NTQ0MjczMzI1MjY5NDI2IgkzNTI0NjA3NjAqBU0xMTczwAOsAsgDANgDg7rHAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEJDIwMDE6MWI2MDoxMDEwOjM6MTAxMTo2NzI1OmNjNDI6YTQ1NKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8ATYv4ioAYgFAZgFAKAFgNTWxs6Nq9UQqgUQM0IwRTUwQzQ3NjlCMkM2QsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfWkCfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aav8QHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IABAAGAAgADAAOMcGQADIB97XBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAH0aIEiggCEACVCAAAgD-YCAE.&s=6dfb5436aca253a37b732a5fc4e72aec1f38e148&type=pv&jm=1003&px=840&py=1149&bw=320&bh=100&sf=0.51&sid=3829036201243080383&vd=ct~0|rr~5&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20781330&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:52 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ceaf4189-db6a-44e7-90c0-be28b514259c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D3C7 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11924&pub_id=1929161&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11924&pub_id=1929161
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:52 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0c97e01d-0cd3-4fc2-9697-34201136d07c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptrack
a.audrte.com/ Frame 007C 		368 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.114.215.132&p=M1353665098&artime=2022-09-08T10:47:53.052Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5hZHRlbGxpZ2VudC5jb20lMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc5NzElMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=c2ltY2FzdC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.177.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-177-11.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2156f5334e78660d7e47b1ef7269bc80f3149da3e08b0021e3c7717b44e31705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:53 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
262
usync.html
eus.rubiconproject.com/ Frame 649D 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Sep 2022 10:47:53 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 649D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73235
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Fri, 09 Sep 2022 07:08:28 GMT
p
a.audrte.com/ Frame 007C
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3693311076331742190
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Server
52.72.177.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-177-11.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:53 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 08 Sep 2022 10:47:53 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 007C 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=8h2tHAcOxjyS5qU55Rvg5DiHw&gdpr=0&gdpr_consent=
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:53 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 007C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8h2tHAcOxjyS5qU55Rvg5DiHw&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8h2tHAcOxjyS5qU55Rvg5DiHw&gdpr=0&gdpr_consent=&google_gid=CAESENs3KuGSqOTa2rUY5ImrGeQ&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Server
52.72.177.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-177-11.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:53 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 08 Sep 2022 10:47:53 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
bqi.php
lg3.media.net/ Frame 9451 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3360&lf=3&&vgd_hb_audit_1=8CUH5EN48&vgd_hb_audit_2=101633514&vgd_l2type=sca&pid=8POD1F265&katbid=-103&katen=1&cme=6YsaEjp2TTaLDplHPUkqsxJJJ_KvAHU2rp-kxqsmD8s0ha2In0kYTbBm8DJsiLvUIMWcPbs_X6v-RhQhKIwe57jHd9m8wwS8oHDSTWMnfBcc9L_FXlPwCjGRUYztNboTViq2HG-3I-Iyb-TK2hD0Q_7dBrfo6nvP7h37hW1SaTok5e8-4lULRJNDyTV7uwUuGdjMiPny1uZnb7Sz6h0HfREU93hu5X1Du7nv6D0Rnks=||u8A6SM53vAd9Riqo_cVZ-EfkFgq6uEmq|RaVnA19mSZR1oWWPAwwk-sGquFEmFT64|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|a0AmFUYXmD6pCakBw4gera-ZQNLqvEBY18rMiGnIs8Y=|xrl5Md8q4--8GkxV6hZ0zgz0z94DK4Ilxenov2iJ20s=|p_yBs4Uo0c5UqQUvQ2pyBzwGso80EPLfFnZrNwm7N55D8qoZrLFgjXlDeLweekmBxINSSj65YcZluG8X3KYKvsKvD50M0jNaba9wXd0G1PNHeG44Hndy9CW8EGZBKn-qV2vPTi7c5dowWbZTQBV2jgDTa8WkPqxUigSA74XtGtX9vmriWn9XhrlP21pJX8suCVzKj-IMdfc1IQUygM9py3MlkdOv7UPtWH0C17KvJXeOY6IaoK86Uw==|&gdpr=1&prid=8PRVCXX19&cid=8CU62MU8E&crid=661523037&requrl=https%3A%2F%2Fsimcast.com&vi=1662634071420222360&ugd=4&cc=DE&sc=HE&bdrid=9&subBdr=99&vgd_kwrf=https%3A%2F%2Fsimcast.com&startTime=1662634071274&l2type=sca&vgd_l1rakh=1662634071113743436&l1ch=1&cref=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-update.xyz%26pcid%3D802%26rid%3D152%26a%3D0&sttm=1662634071285&upk=1662634071.26155&hvsid=00001662634071285036481820169655&acid=24baf4ad310a42cbbe75759f675ea715&verid=3111299&vgd_bdata=~bx_len=1411~seller_tag_id=20781330~std=20781330~itype=APPNEXUS~visibility=0~city=ERFURT~ref_cnt=0~r_ip=2001-1b60-1010-3-1011-6725-0-0~r_sc=TH~rbo=5_3~bx_rh=47DEQpj8HB~bx_asn=0~dmm_d1=0~dmm_d2=T~dmm_d3=0.5~dmm_d4=00~dmm_d5=0~dmm_d6=0~dmm_d7=0~dmm_d8=2~dmm_d9=0~dmm_d10=2~dmm_d11=0~dmm_d12=1~dmm_d13=0~dmm_d14=0~dmm_d15=1~dmm_d16=4~dmm_d17=0~dmm_d18=30~dmm_d19=1000~dmm_d21=-1~dmm_d22=0.03~dmm_d23=0~dmm_d24=5~dmm_d25=def_def~dmm_d26=0~dmm_d27=0~dmm_d28=5~dmm_d29=0.80~dmm_d30=0~dmm_d32=0~dmm_d33=0~dmm_d36=NA~dmm_d37=T~dmm_d40=0~dmm_d42=0~dmm_d43=0~dmm_d44=prod~dmm_d45=0~dmm_d46=R~hc=0%20+%200~dmm_d51=0~dmm_d52=0.80~dmm_d53=0000~dmm_d56=0~sgmt=empty~bx_rpc=0000000~bx_intmd=0~bx_ginsu=0~bx_cs=0~bx_size=320x100~bx_l2as=0~bx_t_enabled=0~bx_t_exp=0~bx_exp=0.5~iha=0~dmm_l=0.031~dmm_r=0.671~e_rpm=0.208~dmm_m1=0.208~dmm_m2=0.078~dmm_m3=1.000~dmm_m5=1.000~dmm_m6=1.000~dmm_m7=0.398~dmm_m9=1.000~dmm_m10=1.000~dmm_m11=0.975~dmm_m12=0.398~dmm_m13=1.000~dmm_m14=1.000~dmm_m15=0.993~dmm_m16=0.688~dmm_m17=1.000~dmm_m21=1.000~dmm_m23=1.000~dmm_m24=1.000~dmm_m25=1.000~dmm_m28=1.000~dmm_m29=1.000~dmm_m30=1.000~dmm_m32=0.031~dmm_m34=1.000~dmm_m35=3343.000~dmm_m36=3343.000~dmm_m37=2.000~dmm_m38=2.000~dmm_m39=2647.000~dmm_m40=2647.000~dmm_m41=1.000~dmm_m42=1.000~dmm_m43=0.929~dmm_m44=0.993~dmm_m47=4840.000~dmm_m48=1046254.000~dmm_m50=245.000~dc=gcp-eu-west1-b~ck_fl=0~bhp=0~erpm=0.208~vbr=0~bid=0.200~dmm_d39=/bid/getExchangeResponse~supply_tag_id=20781330~viewability=0.430321~cbdp=0.144~dmm=harmony~suid=~insl=0~dtc=eu_be~dalg=default~html=1~sobp=~bdpcapd=0~dmm_erpm=false~bflr=0.031~ogbid=0.200~itype_id=16~seller_tag_id=20781330~carrierId=0~dcut=30~dogb=0-1~ibc=1~&matchstring=bcat%3D13i%2Cjs%2C11i%7Ccsh%3D1&vgd_matchstr=bcat%3D13i%2Cjs%2C11i%7Ccsh%3D1&vgd_sc=HE&infr=1&stime=1662634070973&vgd_ecrid=352460760&l1hcsd=l1!A7|5971&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22eu_be%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=1&vgd_pgid=p1172757011t202209081047&vgd_pgids=1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Thu, 08 Sep 2022 10:47:53 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=39738
content-length
15
SPug
simage4.pubmatic.com/AdServer/ Frame 72B8 		0
179 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
um
u-ams02.e-planning.net/ Frame 95FB 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=cca6fba3c858d920&uid=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Dcca6fba3c858d920%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Thu, 08 Sep 2022 10:47:53 GMT
server
openresty
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2734 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=166429
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 08 Sep 2022 10:47:53 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 10 Sep 2022 09:01:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 3AEB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Sep 2022 10:47:53 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 08 Sep 2022 10:47:53 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 905D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 84C7 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:53 GMT
Server
Adtelligent
Etag
a618f5d1b954ec61
Content-Length
43
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 2734 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53839101&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ab2ab10cc6a27b139c16591eeacd063b823d41f16e6d86ecdb38e1f704ebe564

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:53 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 3AEB 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73234
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Fri, 09 Sep 2022 07:08:28 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0BA1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7140958960186554507
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7140958960186554507
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 08 Sep 2022 10:47:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 08 Sep 2022 10:47:54 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7140958960186554507
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 702E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxnIWAAMW-So2wAK&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxnIWAAMW-So2wAK&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 08 Sep 2022 10:47:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 08 Sep 2022 10:47:54 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxnIWAAMW-So2wAK&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4075-HHN
x-timer
S1662634074.037689,VS0,VE0
adx
match.prod.bidr.io/cookie-sync/ Frame C407
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbkpVN0dNNUVBQUE0VTBfVnVMQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.152.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-152-75.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
43
Date
Thu, 08 Sep 2022 10:47:54 GMT
Server
nginx
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 10:47:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0DBF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oXKyA6oDQZRIlgGqLcp0SNly14Q
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oXKyA6oDQZRIlgGqLcp0SNly14Q
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 08 Sep 2022 10:47:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 08 Sep 2022 10:47:54 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oXKyA6oDQZRIlgGqLcp0SNly14Q
Pug
simage2.pubmatic.com/AdServer/ Frame 82A6
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 08 Sep 2022 10:47:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74771bd2be62903a-FRA
content-length
0
date
Thu, 08 Sep 2022 10:47:54 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
cloudflare
pub
matching.truffle.bid/sync/ Frame 9B38 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 08 Sep 2022 10:47:54 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
i.match
s.tribalfusion.com/z/ Frame 969F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
74771bd45a51917c-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 08 Sep 2022 10:47:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
74771bd3180a917c-FRA
content-type
text/html
date
Thu, 08 Sep 2022 10:47:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
140
generic
match.adsrvr.org/track/cmf/ Frame F049
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8750076754
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8750076754
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 08 Sep 2022 10:47:54 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 08 Sep 2022 10:47:54 GMT
etag
RX256a1cd0ac8541a9ab0c5aae0016197a003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8750076754
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
bridge
cm.adgrx.com/ Frame D2A6 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 08 Sep 2022 10:47:54 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
ams-delivery-5
server
Cowboy
cookiesync
core.iprom.net/ Frame 6EF8 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 08 Sep 2022 10:47:54 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-b3688f15891e@version_1.524
X-core-time
0ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 6C64
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7618999be2fe48e6/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7GPoEAlsTUbSRRRhnXMnWSnU
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7GPoEAlsTUbSRRRhnXMnWSnU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 08 Sep 2022 10:47:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7GPoEAlsTUbSRRRhnXMnWSnU
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 32EB
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=976bccac-a4eb-4c3c-a139-8ca0e3313995-tucta134dda&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=976bccac-a4eb-4c3c-a139-8ca0e3313995-tucta134dda&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Thu, 08 Sep 2022 10:47:54 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4063-HHN
x-timer
S1662634074.142107,VS0,VE9

Redirect headers

accept-ranges
bytes
content-length
0
date
Thu, 08 Sep 2022 10:47:54 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=976bccac-a4eb-4c3c-a139-8ca0e3313995-tucta134dda&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4053-HHN
x-timer
S1662634074.048996,VS0,VE9
x-vcl-time-ms
9
141
match.deepintent.com/usersync/ Frame D329 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 08 Sep 2022 10:47:53 GMT
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 2968
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UB5MeTHL1Owf4C5&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UB5MeTHL1Owf4C5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 08 Sep 2022 10:47:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 08 Sep 2022 10:47:53 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UB5MeTHL1Owf4C5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0db4e5e2a65977bf5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
usersync
match.bnmla.com/ Frame 5146 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.222.140.101 , United States, ASN18672 (EVOCATIVE1, US),
Reverse DNS
74.222.140.101.CUSTOMER.VPLS.NET
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Thu, 08 Sep 2022 10:47:54 GMT
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 2C61
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:48E81AC81B454704B0AC122CA6CA50AC
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:48E81AC81B454704B0AC122CA6CA50AC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 08 Sep 2022 10:47:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Thu, 08 Sep 2022 10:47:54 GMT
expires
Wed, 07 Sep 2022 10:47:54 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:48E81AC81B454704B0AC122CA6CA50AC
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
csync
sync.adtelligent.com/ Frame D646 		0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 08 Sep 2022 10:47:53 GMT
Etag
a618f5d1b954ec61
Server
Adtelligent
Artemis
aud.pubmatic.com/AdServer/ Frame 2734
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

date
Thu, 08 Sep 2022 10:47:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 2734
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:54 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:54 GMT
frontend-id
1
location
/pubmatic/1/info2?sType=sync&sExtCookieId=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 2734 		95 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
74771bd2d9609956-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 2734
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Server
52.72.177.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-177-11.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:55 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 08 Sep 2022 10:47:54 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2734
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a8cb16de-6553-4577-9753-13bb2d74fb73&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5f85b58e-233d-4820-9da9-e221f3279969&gdpr=&gdpr_consent=&gdpr_pd=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5f85b58e-233d-4820-9da9-e221f3279969&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:53 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5f85b58e-233d-4820-9da9-e221f3279969&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 08 Sep 2022 10:47:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
CFA8A2CA-2137-4D34-915F-9C0D90D1F194
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2734 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/CFA8A2CA-2137-4D34-915F-9C0D90D1F194?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:1c03:949a:3875:f724 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 2734
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9RpCL2VE2uUnuh9UtkWLFtkBxAbosRc-~A&gdpr=0&gdpr_consent=
0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9RpCL2VE2uUnuh9UtkWLFtkBxAbosRc-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9RpCL2VE2uUnuh9UtkWLFtkBxAbosRc-~A&gdpr=0&gdpr_consent=
date
Thu, 08 Sep 2022 10:47:54 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 2734 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CFA8A2CA-2137-4D34-915F-9C0D90D1F194&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:54 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2734
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7d57fa68-4d11-4f2a-a7de-3cd3e0b96406&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7d57fa68-4d11-4f2a-a7de-3cd3e0b96406&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7d57fa68-4d11-4f2a-a7de-3cd3e0b96406&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 08 Sep 2022 10:47:54 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 2734
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7003131464600800624&gdpr=0&gdpr_consent=&us_privacy=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7003131464600800624&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 20:52:40 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7003131464600800624&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 08 Sep 2022 10:47:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2734 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:53 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2734
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5263463049080341825
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5263463049080341825
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 10:47:54 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3920c7d2-6db7-458a-acf4-cc70cf48cb17
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5263463049080341825
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 2734 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.190.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-190-113.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 10:47:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2734
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2175f498-f30a-4d79-bace-438cbff8303d&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2175f498-f30a-4d79-bace-438cbff8303d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:52 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2175f498-f30a-4d79-bace-438cbff8303d&gdpr=0&gdpr_consent=
Date
Thu, 08 Sep 2022 10:47:54 GMT
X-CI-RTID
51f9def8-d3d7-47fc-a174-bb5cf318fe5c
Connection
keep-alive
Content-Length
205
Content-Type
text/html; charset=utf-8
khaos.jpg
token.rubiconproject.com/ Frame 3AEB 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
sync.php
pixel.rubiconproject.com/exchange/ Frame 3AEB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
csync
sync.console.adtarget.com.tr/ Frame E1B2
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3693311076331742190
0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3693311076331742190
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=748067
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 08 Sep 2022 10:47:53 GMT
Etag
6d4825e4f70c4c9e
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Thu, 08 Sep 2022 10:47:54 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3693311076331742190
server
nginx
csync
sync.adtelligent.com/ Frame B72B
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=6d4825e4f70c4c9e
0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=6d4825e4f70c4c9e
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=748067
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:47:53 GMT
Server
Adtelligent
Etag
a618f5d1b954ec61
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=6d4825e4f70c4c9e
Date
Thu, 08 Sep 2022 10:47:53 GMT
Server
Adtelligent
Etag
6d4825e4f70c4c9e
Content-Length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3AD6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6_i4QYDkl1irGHN9MTJHoiMObHc94XJjt45uKn9Ge1--dCwu9kYj6BsFBcdN7zMbsKarYg9jM_tVTvwz27sgTOe5uUXQg8yiDpTt7SvGWCZheOecluGqn6PUiWTcGvdXdX1BBHrZ5y2ytI0DwRa3SX8_kYaOVERng0VL09lEJ6N0-smRJO551TY0Vt4diXLCUCBt5WJT2eOIMDxiB1oKlXoplG3MZUxtx69_apCxibMBhUiGmzYqXTQiuHI4TzMU9eG4m_Esu_b8LVJOBFXORcS2WMBaIW_9pmh2kowdGlsMNgjE7td-WXwO4N7q-&sai=AMfl-YTPzmF6cb5-xGvgNbLz0CpzMiOhBXQoVH5eS15YAwcon0HgF8R4KSMtx1fhNwDhraTcq7_noHcTzzFXB1TAC--MpfjnTJS75fP3SLq3yqc0pfVgo7xLdhtJtyNZTg&sig=Cg0ArKJSzNvZwZZs2HYJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 10:47:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 08 Sep 2022 10:47:55 GMT
rop5r7o14rop0042q6686on06364oos9-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		617 KB
618 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/rop5r7o14rop0042q6686on06364oos9-00002.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e967969e4a605735920bf94e75018c30699dab5fefb0b973d05bb175d200777

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 01:46:21 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
age
32495
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
631304
last-modified
Thu, 08 Sep 2022 01:24:44 GMT
server
AmazonS3
etag
"0d5a33b1607baca7f8615bbec41a820f"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
8KlgPSF2txQtRfQsym3qTfodgRj6Noz3x6Hdet5mQ13w0oNm1zZ1Qw==
SPug
simage4.pubmatic.com/AdServer/ Frame 2734 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:47:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| LoadExt function| getCookie object| aawChunk object| aaw object| _pbjsGlobals object| pbjs object| googletag object| teads_analytics function| docReady object| mnet function| myConfirm function| myFunction object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| google_measure_js_timing number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| plBanner function| displayModal function| displayComment function| displayModalURL function| displayBroadCastModal function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData number| __mobxInstanceCount undefined| __mobxGlobals object| headertag object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_853412 object| closure_lm_478502 object| GoogleGcLKhOms object| _mNDetails number| lnt_z

121 Cookies

Domain/Path Name / Value
simcast.com/ Name: PHPSESSID
Value: 91devdbrtgsrgjvjcj4n41dtl1
simcast.com/ Name: uidinfer
Value: 24157968
simcast.com/ Name: _uc_referrer
Value: http://popcorntime-update.xyz/
simcast.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
embed.sendtonews.com/ Name: AWSALBCORS
Value: q/sQd++SvnZKt6bpQ2TvQme/QmoT6+WT5mdmnzya2LKqX+goLR9OV4Ju7zdM84X1Lhovr6CUwevtZX7zzapQlc0VoA9MapTSEcG1b1oBqCjZsC7X0XaQRsW3zfPH
simcast.com/ Name: mess
Value: 1
.simcast.com/ Name: _ga
Value: GA1.2.2020953146.1662634069
.simcast.com/ Name: _gid
Value: GA1.2.2063052319.1662634069
.simcast.com/ Name: _gat_gtag_UA_205158314_1
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1662634068_1662634068
.adnxs.com/ Name: uuid2
Value: 5263463049080341825
.adnxs.com/ Name: icu
Value: ChgI3uM8EAoYASABKAEw1ZDnmAY4AUABSAEKGAj30UAQChgBIAEoATDVkOeYBjgBQAFIARDVkOeYBhgB
.simcast.com/ Name: cto_bundle
Value: 8q7E7l9ZVVJhS0l3R2RlQTRhJTJGcHBCNm5ickVYR3lDUWtYd0Vjelo5JTJCeGswMkdNblpHWnpDMDNiWVI4RDlKOE4zVURDUGszOFU5TjdXRktXb0c0ZEdNTFklMkYlMkJGdDl0TTdzSkUwY3pLMVpPeWlSRk13Yk5VUHpBU2ZpMERqS2F4NmV0UFhk
.simcast.com/ Name: cto_bidid
Value: KTPy_19NeVpwNCUyRmo3alNsbUl0SThnZ2hrN290Yk5sTDBhNUxIbURrbHFKYkklMkJDM1RVSEtoeDl5MU52WnMxanlhQ1AlMkJuREh2cUdTS1ZnJTJCYW9DaHZsSDhEWjZRJTNEJTNE
.doubleclick.net/ Name: IDE
Value: AHWqTUkT1B5-u4VuAdm4vjkKPUagiv8N-uMzlCmvx-6YSElk8s5wQVIViHYVjSvWcgg
.simcast.com/ Name: __gads
Value: ID=3d00281b3fdb7f35-2246f19415ce00bf:T=1662634068:S=ALNI_MbMeEOHa6YudTv-_jKY6PKzF4LXqQ
.adtelligent.com/ Name: vmuid
Value: a618f5d1b954ec61
.casalemedia.com/ Name: CMID
Value: YxnIVupxL.Q16n.AH698rAAA
.casalemedia.com/ Name: CMPS
Value: 1169
.casalemedia.com/ Name: CMPRO
Value: 1169
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU(nSSv4!]tbPl1M>e)ZlrFUfJ+tGXxoHIHG(HJ*(.6?omz6Ip%AzQr(5@Oz!Ckh^)MV3If)y3KL9D3I?+<(Nia8
.csync.loopme.me/ Name: viewer_token
Value: 771cc470-05a4-4233-b9a3-feaa933208c9
.openx.net/ Name: i
Value: 1b057d23-8c9a-4391-984a-8590778bc015|1662634071
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AIspSeTSmiyOhSnu
.quantserve.com/ Name: mc
Value: 6319c857-6f252-b382e-a8f13
.3lift.com/ Name: tluid
Value: 363011027495813689794
.yahoo.com/ Name: A3
Value: d=AQABBFfIGWMCEG_-4xz2TQYT16pjrhlGSgwFEgEBAQEZG2MjYwAAAAAA_eMAAA&S=AQAAApygK3p3X1y6Bwdpad8mYK4
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-256a1cd0-ac85-41a9-ab0c-5aae0016197a-003%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: CFA8A2CA-2137-4D34-915F-9C0D90D1F194
.yieldmo.com/ Name: yieldmo_id
Value: g53acb43e1d63cdc95fe%7C1662634071542%7C0%7C
.zeotap.com/ Name: zc
Value: 626023d3-1076-437e-68cd-2d8263d2b8a6
.zeotap.com/ Name: zsc
Value: %DEU%0Fn%CDyzn%DA%DC%15%7B%9B%3D%BAJ%23%91G%C5%2F%E0%5CE%24%FB%C3%5E%1D%C5%19%14_%D5V%EC%3E%26%84%22A%A7%01%15n%EB%99%B9N%3B%09%97%1C%A6%9C%8A%3A%60g%AC%11%96%C6%7D%3B~%AD%1B%86C%D3%C6Y%AE%0D0%BC%7BN%26%9B%88%B2%FD%5E%95%B6%9F%1E%F9%EFa%16%0B%C4%F0%DB%A7%C3%D0qr%93%91%C8%D4%FA7J~6G%FEJ%9A%CE%AC%DB%D8s%DAg%C5de%FAeO7%9AD%A3%F3%3D%8B%A2%80%D5%D5%24C%2B6v%83%A6%8C%0DwC%ADX8%3E%DA%29%2B%95%2B%19%91%92%FC%B8%97%5E%96%A7O
.adtelligent.com/ Name: a319130
Value: 771cc470-05a4-4233-b9a3-feaa933208c9
.adtelligent.com/ Name: a297253
Value: 5263463049080341825
.adtelligent.com/ Name: a584890
Value: 5263463049080341825
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129amqsDRK9M7ONvfzykotrwwJdXdzswjiNTQzMzIzNjEwNzS1MH_FiMK3AABdVrf2PQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrS0NLc0MLQ0MjI0NjIyNzIxtRDiM9QNiAqKKk3xdSwqNiwCAPQ8LRElAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129amqsDRK9M7ONvfzykotrwwJdXdzswAAXkP6jh4AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrS0NLc0MLQ0MjI0NjIyNzIxtRDiM9QNiAqKKk3xdSwqNiwCAPQ8LRElAAAA
.casalemedia.com/ Name: CMRUM3
Value: e66319c8572760&f16319c85705a0&276319c8570b40&186319c85705a0&bc6319c85705a00&416319c85705a0&5a6319c85705a0&2d6319c85705a0CAESEFKK21X-2Yj5m7IO-Wth6YY&2e6319c85705a0
.casalemedia.com/ Name: CMST
Value: YxnIV2MZyFcA
.quantserve.com/ Name: d
Value: EPkBDgGGJ4EO-TA
.adtelligent.com/ Name: a309255
Value: f177cdb5-9c82-4f8f-a910-8d6d92f73165
.mathtag.com/ Name: uuid
Value: 7a716319-c857-4f00-9892-9fc46be93008
.onaudience.com/ Name: cookie
Value: 7618999be2fe48e6
.onaudience.com/ Name: done_redirects161
Value: 1
.de17a.com/ Name: guid
Value: 1.4904851706845890458
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27513879_4307561_332317081_170181287_SOHO0103A20220502&ref=27513879_4307561_332317081_170181287_SOHO0103A20220502
.simpli.fi/ Name: suid
Value: 48E81AC81B454704B0AC122CA6CA50AC
.zemanta.com/ Name: zuid
Value: h1BKMI7p2IvOxKhdVt_H
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-5049bd26-1108-3368-b104-d07de08518a3
.adtelligent.com/ Name: a558003
Value: CFA8A2CA-2137-4D34-915F-9C0D90D1F194
.adform.net/ Name: C
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1662634071856
.tapad.com/ Name: TapAd_DID
Value: 047eb59a-4368-4c23-b37f-c475d9de397b
.adfarm1.adition.com/ Name: UserID1
Value: 7140958960186554507
.adform.net/ Name: uid
Value: 3693311076331742190
.weborama.fr/ Name: AFFICHE_W
Value: Xgo07yFCy29e39
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.theadex.com/ Name: axd
Value: 4304988710661581333
.theadex.com/ Name: tis_yAL
Value: yALeAq4z
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.tidaltv.com/ Name: tidal_ttid
Value: 6ef46c5c-6429-48f1-a346-1ede3716de53
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjI2sTK0MAIAhjHFWAkAAAA="
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.richaudience.com/ Name: avcid-zeo-uid
Value: 626023d3-1076-437e-68cd-2d8263d2b8a6
.agkn.com/ Name: ab
Value: 0001%3ApHx5j%2B9t8tRtn5zB%2FhbG5oR4HDnEgPQm
.krxd.net/ Name: _kuid_
Value: PEQm2ThY
.casalemedia.com/ Name: CMTS
Value: 1137
.adtelligent.com/ Name: a307971
Value: AIspSeTSmiyOhSnu
.onaudience.com/ Name: done_redirects147
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YxnIWAAMW-So2wAK
.fwmrm.net/ Name: _uid
Value: "e5af4_7140958964455490211"
.demdex.net/ Name: demdex
Value: 71042662779673182790456276821914231791
.dpm.demdex.net/ Name: dpm
Value: 71042662779673182790456276821914231791
.eyeota.net/ Name: SERVERID
Value: 20686~DM
.audrte.com/ Name: arcki2_ddp
Value: CAESENs3KuGSqOTa2rUY5ImrGeQ!20220908!1662634073277
.audrte.com/ Name: arcki2_adform
Value: 3693311076331742190!20220908!1662634073404
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156813:3
.pubmatic.com/ Name: DPSync3
Value: 1663804800%3A197_219_221_226_227_235_201%7C1662681600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1667779200%3A69%7C1663459200%3A63%7C1663891200%3A35%7C1663804800%3A220_54_176_204_21_161_71_238_3_55_99_231_13_22_166_233_234_8_189_222_5_57_56_243_165_88_104_7_81%7C1663200000%3A2_15_223%7C1665187200%3A203
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~271m:18z8~271m"
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-256a1cd0-ac85-41a9-ab0c-5aae0016197a-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
ads.playground.xyz/ Name: connect.sid
Value: s%3A_6XYkZtT1WyG8BAjP_T0X1xWwY3qmQBt.XyU8hRccjovDc%2F0vsbcmbBLx8BEbvg9IUpEHwF67NRE
.fiftyt.com/ Name: fifid
Value: b26b29e4-eb72-4fb7-7623-6dccf471e830
.fiftyt.com/ Name: cs
Value: MTY2MjYzNDA3NHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fNUx4EuwOs6dI-nlxoyxmG6H2c9oLG4KW66gmO2pdHPU
.bidswitch.net/ Name: tuuid
Value: 5f85b58e-233d-4820-9da9-e221f3279969
.bidswitch.net/ Name: c
Value: 1662634074
.bidswitch.net/ Name: tuuid_lu
Value: 1662634074
.w55c.net/ Name: wfivefivec
Value: UB5MeTHL1Owf4C5
.turn.com/ Name: uid
Value: 7003131464600800624
.w55c.net/ Name: matchpubmatic
Value: 5
.adsby.bidtheatre.com/ Name: __kuid
Value: 7d57fa68-4d11-4f2a-a7de-3cd3e0b96406.431848074
.semasio.net/ Name: SEUNCY
Value: AA4C41F46732278F
.audrte.com/ Name: arcki2_pubmatic
Value: CFA8A2CA-2137-4D34-915F-9C0D90D1F194!20220908!1662634074124
.audrte.com/ Name: arcki2_TTT
Value: 1662634074125!8h2tHAcOxjyS5qU55Rvg5DiHw!1123#866#1112#1329#1252#1231#322#812#310#454#880#1712#101#1554#590#1281#132#1276#1686#790#1667#918#629#-1#1573#1298#1455#1663#250#-1#146#271#1456#1222#262#446#-1#783#1562#13#1838#58#1230#1133#625#-1#1010#283#1803#1427#15#-1#532#1758#368#1558#464#757#583#1654#430#906#153#1597#1073#1513#8#1005#231#1235#1689#1264#1324#1244#234#318#828
.adtelligent.com/ Name: a281178
Value: CFA8A2CA-2137-4D34-915F-9C0D90D1F194
.fiftyt.com/ Name: fppm
Value: 20220908104754
.onaudience.com/ Name: done_redirects104
Value: 1
.bidr.io/ Name: bito
Value: AABnJU7GM5EAAA4U0_VuLA
.bidr.io/ Name: bitoIsSecure
Value: ok
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a172b203-aa03-4194-4896-01aa2dca7448.0d82Fr7bLhYqZurxVx%2Fw6Ua5fcPjdXr87neqlTKYEW8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AoXKyA6oDQZRIlgGqLcp0SNly14Q.sDzE1Ju0pyZiyLs3iVgDaqJl3DaBDo3nBmz2zKB7cu0
.tribalfusion.com/ Name: ANON_ID
Value: aenseFu4YUcmqcn63g84FZde0YZaNie1xfwQQt6S8WkjlrfOWUJaLqCC0XlUEiZanWS0wmC3UQZc2mQvrM2fhgnF
.ipredictive.com/ Name: cu
Value: 2175f498-f30a-4d79-bace-438cbff8303d|1662634074468
.console.adtarget.com.tr/ Name: vmuid
Value: 6d4825e4f70c4c9e
.adtelligent.com/ Name: a318342
Value: 6d4825e4f70c4c9e
.console.adtarget.com.tr/ Name: a307457
Value: 3693311076331742190
.sportradarserving.com/ Name: zuuid
Value: a8cb16de-6553-4577-9753-13bb2d74fb73
.sportradarserving.com/ Name: c
Value: 1662634074
.sportradarserving.com/ Name: zuuid_lu
Value: 1662634074
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1662634074
.audrte.com/ Name: arcki2
Value: 8h2tHAcOxjyS5qU55Rvg5DiHw!20220908!1662634075268

14 Console Messages

Source Level URL
Text
javascript error URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=popcorntime-update.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=cca6fba3c858d920&uid=ua-5049bd26-1108-3368-b104-d07de08518a3
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tags.bluekai.com/site/87734?id=626023d3-1076-437e-68cd-2d8263d2b8a6&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=626023d3-1076-437e-68cd-2d8263d2b8a6&reqId=b9ffc0e6-48e8-4594-79c9-edfe002398ac&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

385d3de87579c772c41bee2a6c624f90.safeframe.googlesyndication.com
a.audrte.com
a.rfihub.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ads.yieldmo.com
ads59.adtelligent.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
at.teads.tv
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bn01.er.bemail.it
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
casale-match.dotomi.com
cat.hbwrapper.com
cc.adingo.jp
cdn.adapex.io
cdn.adnxs.com
cdn.resonate.com
cdnjs.cloudflare.com
cloudflare.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
csync.loopme.me
d29xw9s9x32j3w.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
embed.sendtonews.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hblg.media.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.e-planning.net
ib.adnxs.com
ic.tynt.com
id.sv.rkdms.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img-s-msn-com.akamaized.net
in-appadvertising.com
js-sec.indexww.com
js.cookieless-data.com
lg3.media.net
loada.exelator.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-sys.com
pagead2.googlesyndication.com
parking2.parklogic.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.sendtonews.com
pm.w55c.net
popcorntime-update.xyz
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prebid.smilewanted.com
ps.eyeota.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
qsearch-a.akamaihd.net
res-a.akamaihd.net
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
s.ad.smaato.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
simcast.com
spl.zeotap.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams02.e-planning.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
usermatch.krxd.net
vid.vidoomy.com
visitor.fiftyt.com
warp.media.net
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
prebid.smilewanted.com
104.18.12.242
104.18.18.126
104.18.19.126
104.96.128.226
108.138.4.10
13.32.121.37
141.94.171.214
141.94.171.216
141.95.171.139
141.95.98.65
142.250.181.226
142.250.186.34
147.75.85.234
151.1.205.165
151.101.193.108
151.101.194.49
151.101.65.108
151.101.65.44
162.55.233.28
169.197.150.8
169.50.137.184
169.63.109.126
172.217.16.130
172.217.18.2
174.137.133.49
178.250.0.157
178.250.0.163
178.62.202.251
18.156.195.47
18.195.44.243
18.196.70.214
18.208.240.0
18.66.147.24
18.66.97.25
18.66.97.88
184.51.9.184
185.15.245.81
185.29.134.244
185.64.189.110
185.64.189.229
185.64.190.78
185.64.190.81
185.89.208.11
185.94.180.124
192.241.157.60
193.0.160.129
195.5.165.20
198.47.127.20
198.47.127.22
20.127.253.7
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
202.241.208.53
205.234.175.175
212.82.100.182
213.155.156.180
213.19.147.44
23.205.235.133
23.206.210.112
23.216.77.34
23.216.77.36
23.35.228.210
23.35.228.23
23.35.236.201
23.35.236.247
23.75.240.210
2600:1f18:6593:f602:96e:5500:bf36:df5c
2600:3c02::f03c:92ff:fe2d:3e71
2600:9000:223f:a00:1b:5138:8a40:93a1
2606:4700:10::6816:1957
2606:4700:4400::6812:230b
2606:4700::6810:85e5
2606:4700::6811:190e
2606:4700::6813:ad6c
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:808::2002
2a00:1450:4001:809::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400e:80d::200a
2a02:2638:1::13
2a02:26f0:10e::6860:5ba8
2a02:6ea0:c700::10
2a02:fa8:8806:16::1400
2a02:fa8:8806:16::1460
2a04:4e42:200::300
2a05:d018:24:b002:d320:1e1a:8a69:d2b0
2a05:d018:d29:3601:1c03:949a:3875:f724
2a06:98c1:3121::c
2a0c:5c81:5142::2
2a0c:5c81:5150:0:8a51:fbff:fe39:aff0
3.120.100.229
3.124.210.90
3.126.56.137
3.218.193.24
3.219.23.242
3.33.220.150
3.67.147.59
34.102.253.54
34.107.148.139
34.111.131.239
34.120.133.55
34.199.89.150
34.202.79.131
34.206.145.40
34.248.26.113
34.250.60.112
35.201.96.126
35.211.233.246
35.227.248.159
35.227.252.103
35.244.182.124
37.157.3.30
37.157.4.28
37.252.172.123
37.252.172.37
37.252.173.62
45.79.244.12
46.249.52.248
5.161.47.120
5.178.65.252
51.158.28.83
51.75.86.98
52.28.140.119
52.30.152.75
52.30.246.43
52.46.143.56
52.59.23.138
52.72.177.11
52.95.115.255
54.146.105.203
54.150.26.149
54.171.98.27
54.196.200.185
54.243.180.156
54.73.46.151
54.76.86.227
54.77.178.38
54.78.254.47
62.149.1.122
64.202.112.255
66.155.71.150
67.202.105.32
69.173.144.138
69.173.144.165
69.192.160.219
72.251.241.196
72.251.249.14
72.52.178.23
74.222.140.101
76.223.111.18
77.243.60.138
82.113.101.132
85.114.159.93
99.80.190.113
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
041cb588d40b81d67a8d055f9b6dfedd08673a7ce038439aee905fcca693128a
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08678e17d5a7693ff31f1546961e9383bf0fa58942e9178470bb7a329aa5f587
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bed4a3c76c41b666e1d00294016ae264c8fa9db3dc40a9a9ced135ffe1da27b
0da0c9c2b2aaab454b67b1ff091c3ca1ed965f470ff65e62094e40fbd69a7a64
104b983695ee40fba6818cb791681f03d27df9dc2afb0284b23da66461f17405
110a303b8b195ecd3121f7f42a9d22650a8b930a6f88a830455a94e95f6e1896
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737
11a4b7dd6aa3534c1dc9517e87d10874580c121a55b6534b2f2aa75892db69d4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130470a6c78b43a4443a611d4c3e4b7fcb1a45c2c28eb6659153fdc31b0c510f
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1806f19d72e2b328d763fb64435df4928f56e8d6e00176f00321307a1093ef13
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
2156f5334e78660d7e47b1ef7269bc80f3149da3e08b0021e3c7717b44e31705
223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
2514cca30bf76dc27903270dc77db0736570801176c84895e438f180bde7c2fd
2a913b63823132df5ae746e46650f15a84b874c237c2873e3af16173c497255b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2be4f4684db4c398e31eed63adf2a419356aedfd9e4d5c092f595ebef4254029
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e706a5218a2ec2ec1c6aad42e4c926df6173da4345dcc9840ad5b3b281a0f9d
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
33e4770d9f8d1deac89c884e156dcf4af232bf9aab8b02f380c897f3ff8dfb22
3498ce92b0cf0e6d715fb8728839f08f3fd1d0ee42052a72c3c988f2d9b81e73
36730b81cf788094fe626ffdb6831e33ae4ac53efe5a4e801e32f64cf8b2b051
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
37f2c5f00e06e4c4c194c1dbade24df75e17cd54f190fff98c60ab179fc8d8f8
38e523bf570cc6089ab8b5ca6d91377d1890b7e550dd99d709f2dcedcc906a43
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
494ca69e2fba79012c90453434b0fb56db844d0515dae4b78f3b2910a532e070
4a5890fadf4f1a5db4e8fec4ef5198e1f747d04af748cc476f40807b0f1f241d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
4cf30264c26fef49afc93a6e9f4045f4f9e0a5eb0479df70ce2f08837bb63fee
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f725cd3841b515b5b550889338d3b8d4923a5f38dd31229642c831aeaca6aa7
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
5198a3ffd5e324f6065c453f5bc702580c32fa4b344f3a82773be282cf7d238a
55468abd6c7a0abe7622605b79ebe6258bf47a4ebf0a19077a0fff6f904e47cd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5badd12771e18462a140c30a952916df968ec6b8f4ef28f1f74bb6d83c181211
5c5af71bd9bf11f13418dad2910f96a289cb7ca142f44b6b86827b95aca7ef3b
5c91adffcba594220278ec5ae112b05dafe835e7d4cb2711340d736acd4f0b74
601355040d9e7825c1c8318a75936be30c28a284e4052d4130009a30c470b41e
6119b3a6a86e05dcafef83df6c5cd162bd1dfa6965ef1ab3388fcf8c7b6b5572
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
657db32d81c2b2306d1ca327e61cb96458d448a2f10aeab48c10964be0a188d2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b
6809cc6b7bd820f6162b3ca44d15e08f00234ea6a79472ff097799718d945d1f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7e84dbe1a19aa1ebadd92d04ec0dec54cdd2345811f21aaf064150fba02068
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6e967969e4a605735920bf94e75018c30699dab5fefb0b973d05bb175d200777
6f55d7a93bfdd4fafecbdbc2c8f4fa6d5735461d7c56ad361f1ba9534816aa39
6fdc9e605b11eec3a9677496dc92cea3d8f3d568c4778249c372049b03f2d7f3
7133b1b1cf6db052e3351a20533de53583cb23d63eb47ae79c25085f55baab27
7173f775c89f8f8b5042810a2fa5cfd75a6b2c60c6f61ece87347754c9da469b
71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018
74071637f8d2b398523e7f9a65efb2577ad44f8a55227f74eb26689746a474ca
74243d8213a3e44d0d9757a8b7c4f6955a66b39a690e87bd0adb1ff8047d025e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
766037869dbcd28801b9d7f498b6f81d624e82f97f8f16fd1a744eb4cb7ffe04
77a37aa580fb9d08dafbfab6a407b8c555c34b6ad24b7cd571f70e5d6bac800b
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7af9de024889fc1527ebedb4e89b9e4841070ccc9b88a514b407f7b637155a92
7bdc2c5c47be6b76b39867737b63ffc0db58a725d6c204e9148f34d9b0690868
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7f1d279703b902aee3682bf47afc04d7d9a4417e08a137638cd8dcce1141c450
7f37fcf7fa38e9f78f48b8daf17b98907445378568ff2df7f791fff79aef307e
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
80cedb5e5fa85548eaf3a95451e57186182aa440e5e8aa2f38c204d8b38f663c
81c0f35656065ed8f2072ab796949fcb5ac7f936476fae726f82e0ece5c89c90
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82f7f1ffad237f3473064a1ec7307061bd8a96b37f3177e14fdf344f30290155
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8cd6bb2931338c651f7e3ac6cc37a14627506839fd89236f2fcc8fd4d22ec0b6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
91e7d1edd0275848e708c4ed47f49695eedbdd92bba1f69a0543354a7118395f
927c56922488a539b3f75adaf07cab80c241f0cf53f7accfe940a6b4b88696f2
938f5517635098b2b79684110ca6672037132ae7646af8fa3bbc9134c5682ea7
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94ae96a533fa880623827ca98a2fb20714f235d48b39f2900697b85d490b139f
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a73ab09149791dc5a05d7ac48f6b9b26e02e1c36787fe89e847653a9578d04b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a446d497ec0e406d08c3f792f10566bd5dde3f063a365ef7341d0c3860d0a379
a47d6927399f0b2dc43967004002012991ffba60f678ecfd1deec0aeb7c7be98
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a547c3bc669db757e51834cdae4a7a395f718463509944d5a525cb17c8296e70
a60c69a8bf2d56c3a5cbb3bf90fcc525e5d30dbf666cc30183f0596161dacda0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a890924e6d982678eb86a04bce3dc2d7f1c2a7cab7f9b37b83a9caa410393e65
aada6605c668da3851ffba68a8f5d53cc2dc8ab80a8a713cc19a23f274403513
ab2ab10cc6a27b139c16591eeacd063b823d41f16e6d86ecdb38e1f704ebe564
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
ad2e88aaf7ed709d90cd0ca66aadc987faf39ee74991f73a89c0c8860c91551f
ad99d0f9a0f48b6249069f5a0f8e7d7823c846e0af1acd6a51fb37ba04240411
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b188793efb6a0e104e3c3153bc026f8afd011f4cae34fa1fcffebac6bec7214a
b1b76e7307506df82502995465aa369c0d6fd9d85a55201f7d30572a665eb02c
b1dcfc798e8e130c42e068c310813e1e516c770cc2e726a07a2162fa77df7ace
b30234dd4e58fa2d0c5021f136dd9d08398815fa04d00b47f4b9451b619d5b77
b33755ed37848e8b315b1bd34b042e9dafa09db1159d61b3cc59512756f40dfb
b5a2ed0e1930bde8ec83d68b886e7249d6b3b31587880a05a7c46df3f552cea7
b65815a4b904a6b86568054d27c132c20e25b416983bff84abad7fbec215b8a7
b777898f84c03a15a16771db6d7f8a022bf45bd5dab8266a8bc158c36831c43a
ba4431edf47bcaf2d9ef359403319792d549bbfa7ce0394d613d32a20a618e15
ba7ea7a55fd2bdf70d34d34e946179fdd01c994071651e39507e1f84cb7da77e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbaf3bba774f1019e28172de5802a95983aea42c4cad85743361c7a0585c7393
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996
bdd02719f1ddf1eeed191540a862b1a7b8fa0e5baf2c32a5a3a532044e2e989c
c1e9dbc70e6ffdcacbf2c7dec4046c4efb7cce681ca30d48129f3e2ba360539a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c9e61e0e72d4554c295fe846a551c7e7361b0e3c7633fd95d73688eeb7cbb3f1
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36
ca23565b5fad005fac96912729c5a400eb06ae8664e76ed1efb52a7219d46b79
cc54dc4d2f71945b0ab81cdc5fba79903453a20e2b03214902e0daa62c5ca2e5
cca3aa1de0c8fffc7c2d52a34209eae1dbb053371dff2548e2dfc98a5fad9ceb
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfdc7b78cbd660bf7652e5935fe7d14e0b475ce7ca5afac9dcbddfdf4d043ec4
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d33a8782a0ffd197f8fe1c40875463abb90c32c1332ee2a5e212f8d3964c6ad7
d5cb57507ef30f9c322c3a42f6332907030b2dc86b7009c77696380fc339644d
d775064382a0799231e565c5458e520889294157a736796c9cd6b675c438178a
d85c0dac777196641757b4d6683283b6fd3a8e384c68f32b92934688f6141be1
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dc03d75433efdc539c26fa8288464a3c0796870fbbd5939ec8bb624e2da97a53
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd57f840fb8920690c2eace79ec85dbc61e8d0dba6855c3dc46200cccc9683d0
ddb0ae0bb2a71cfd5805a7218669f95c02813d76750118c76706a71f2fb383aa
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
df50c1ed3591dd5aff0ad801fb4bbc6d56527218bd5709260b4fe1ad1ac4dc1f
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e120b113bed2d0490520cdaccfe2c1d992a8c8da9756d71a46b25acbba81e0e3
e162e5ea744f50808907173bf387dc0430bef0ff1fa5f4702f17a89b9917d0e2
e1d6061ee999e6bf4094a04d03ca16bf8d8ae0fa2ee97fa47f25b9ce5bfbe7b6
e26e4f75ac415fc65c9c596acbd30876d294335b645a5926dae05a29e97bac69
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eb1dbdc4b19179b5ef200f64c867ac9921a2d3dc7e183ed9969b5a518bbdbed4
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec5b97c228830a1e0e54750e7a313b09ad34a0e1827824b3e318d1a4baa64362
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05cbd0de5224093bcc8d426cc6ac129ace17752b9e61e3acc8601e5c84e6863
f367880630883ea99b08f057dec0e48120c61227f8e5293ca5dff29f7de804c9
f5e3118d5a051002ab8515936548edff4e37d13fa117a2de3012aba4ceb470a6
f7303b7e852cb003f321ad837b883e1e036c10104a717d76d6b74167804536b7
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
faf03a13fa3d1c0f7eae7925c5037608f3865abd35de717aa9c1ae82494f9f29
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb