urlscan.io logo urlscan.io
SecurityTrails logo

simcast.com Open in urlscan Pro
45.79.244.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Effective URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Submission Tags: falconsandbox
Submission: On September 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 81 IPs in 13 countries across 72 domains to perform 337 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com. The Cisco Umbrella rank of the primary domain is 230393.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 17th 2021. Valid for: a year.
This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 72.52.178.23 32244 (LIQUIDWEB)
10 45.79.244.12 63949 (LINODE-AP...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
34 2a00:1450:400... 15169 (GOOGLE)
1 2600:3c02::f0... 63949 (LINODE-AP...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 34.199.89.150 14618 (AMAZON-AES)
21 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 142.250.186.162 15169 (GOOGLE)
1 23.35.229.56 16625 (AKAMAI-AS)
6 23.35.237.56 16625 (AKAMAI-AS)
9 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
24 35.157.246.167 16509 (AMAZON-02)
1 185.89.208.11 29990 (ASN-APPNEX)
1 3.64.74.79 16509 (AMAZON-02)
1 3 51.89.9.254 16276 (OVH)
3 6 185.89.210.101 29990 (ASN-APPNEX)
2 3 52.28.42.131 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 147.75.85.234 54825 (PACKET)
1 169.63.109.126 36351 (SOFTLAYER)
2 104.18.19.126 13335 (CLOUDFLAR...)
8 3.127.126.125 16509 (AMAZON-02)
1 2a0c:5c81:514... 55081 (24SHELLS)
1 35.244.182.124 15169 (GOOGLE)
1 34.107.148.139 15169 (GOOGLE)
1 23.35.236.247 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
13 18.66.97.68 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 18.208.240.0 14618 (AMAZON-AES)
1 104.18.12.242 13335 (CLOUDFLAR...)
4 18.66.108.49 16509 (AMAZON-02)
1 34.234.134.156 14618 (AMAZON-AES)
1 34.120.133.55 15169 (GOOGLE)
4 15.197.193.217 16509 (AMAZON-02)
26 2a00:1450:400... 15169 (GOOGLE)
4 35.170.30.54 14618 (AMAZON-AES)
1 18.66.147.73 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 23.206.210.112 16625 (AKAMAI-AS)
2 5 104.18.18.126 13335 (CLOUDFLAR...)
1 185.94.180.123 35220 (SPOTX-AMS)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 18.198.174.222 16509 (AMAZON-02)
1 52.29.135.93 16509 (AMAZON-02)
24 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 26 142.250.184.226 15169 (GOOGLE)
4 35.244.159.8 15169 (GOOGLE)
6 142.250.185.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 185.86.137.122 201081 (SMARTADSE...)
1 1 35.186.193.173 15169 (GOOGLE)
1 34.96.105.8 15169 (GOOGLE)
1 1 172.104.121.22 63949 (LINODE-AP...)
3 3 213.19.147.45 26120 (RHYTHMONE)
2 2 3.126.56.137 16509 (AMAZON-02)
1 35.159.6.67 16509 (AMAZON-02)
1 1 103.229.206.241 30419 (MEDIAMATH...)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2 213.155.156.180 1299 (TWELVE99 ...)
2 2 37.157.3.29 198622 (ADFORM)
2 2 72.251.249.14 32475 (SINGLEHOP...)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 159.203.145.121 14061 (DIGITALOC...)
1 54.65.22.125 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 35.205.207.25 396982 (GOOGLE-CL...)
1 13.32.99.105 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.96.145.246 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
2 142.250.185.66 15169 (GOOGLE)
337 81
2    72.52.178.23 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
popcorntime-upd.xyz
10    45.79.244.12 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com
simcast.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adapex.io
34    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:3c02::f03c:91ff:fee2:5b0f (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
parking2.parklogic.com
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    34.199.89.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-89-150.compute-1.amazonaws.com
embed.sendtonews.com
21    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-s-msn-com.akamaized.net
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper
cat.hbwrapper.com
1    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
7    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
1    23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com
a.teads.tv
6    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
at.teads.tv
sync.teads.tv
9    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.se
adservice.google.de
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
24    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net
prebid.adnxs.com
1    3.64.74.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-74-79.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
3    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
6    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    52.28.42.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-42-131.eu-central-1.compute.amazonaws.com
ad.360yield.com
match.360yield.com
1    2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    169.63.109.126 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 7e.6d.3fa9.ip4.static.sl-reverse.com
in-appadvertising.com
2    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
8    3.127.126.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-126-125.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    35.244.182.124 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 124.182.244.35.bc.googleusercontent.com
s.seedtag.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
3    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    18.66.97.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-68.fra56.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    18.208.240.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-240-0.compute-1.amazonaws.com
s2l.sendtonews.com
1    104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
4    18.66.108.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-108-49.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    34.234.134.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-134-156.compute-1.amazonaws.com
id.sv.rkdms.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
4    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
26    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    35.170.30.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-30-54.compute-1.amazonaws.com
timber.sendtonews.com
1    18.66.147.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-73.fra60.r.cloudfront.net
player.sendtonews.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
1    23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
5    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
dsum-sec.casalemedia.com
1    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    18.198.174.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-174-222.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    52.29.135.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-135-93.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
24    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
26    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
6    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
mts0.google.com
2    2607:f8b0:400f:803::2003 (Highland Park, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2a00:1450:4001:1b::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr3---sn-4g5lzney.googlevideo.com
1    85.114.159.118 (Waldshut-Tiengen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    2a05:d018:24:b002:d320:1e1a:8a69:d2b0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
1    185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    172.104.121.22 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1731-22.members.linode.com
a.c.appier.net
3    213.19.147.45 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    35.159.6.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-159-6-67.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    213.155.156.180 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com
d5p.de17a.com
2    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
1    54.65.22.125 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-22-125.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
1    35.205.207.25 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com
ads.avads.net
1    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
65 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
ade.googlesyndication.com — Cisco Umbrella Rank: 316
765 KB
47 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
pubads.g.doubleclick.net — Cisco Umbrella Rank: 368
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373
326 KB
26 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350
888 KB
26 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1251
ups.analytics.yahoo.com — Cisco Umbrella Rank: 419
2 KB
21 akamaized.net
img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 625
168 KB
15 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 19566
s2l.sendtonews.com — Cisco Umbrella Rank: 20543
timber.sendtonews.com — Cisco Umbrella Rank: 21199
player.sendtonews.com — Cisco Umbrella Rank: 22426
208 KB
13 cloudfront.net
d29xw9s9x32j3w.cloudfront.net
1 MB
10 simcast.com
simcast.com — Cisco Umbrella Rank: 230393
118 KB
9 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1586
match.sharethrough.com — Cisco Umbrella Rank: 799
1 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
mts0.google.com — Cisco Umbrella Rank: 6622
33 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
239 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
imasdk.googleapis.com — Cisco Umbrella Rank: 456
ajax.googleapis.com — Cisco Umbrella Rank: 480
346 KB
7 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 755
as-sec.casalemedia.com — Cisco Umbrella Rank: 2163
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904
5 KB
7 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 2637
ib.adnxs.com — Cisco Umbrella Rank: 329
7 KB
7 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1392
at.teads.tv — Cisco Umbrella Rank: 4668
sync.teads.tv — Cisco Umbrella Rank: 1510
5 KB
5 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1415
pixel.rubiconproject.com — Cisco Umbrella Rank: 494
eus.rubiconproject.com — Cisco Umbrella Rank: 840
token.rubiconproject.com — Cisco Umbrella Rank: 1115
11 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 355
cloudflare.com — Cisco Umbrella Rank: 180
30 KB
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 708
546 B
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
176 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 458
mug.criteo.com — Cisco Umbrella Rank: 1814
1 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 486
1 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 362
47 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 848
match.360yield.com — Cisco Umbrella Rank: 5953
947 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1117
845 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 872
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 1015
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6721
647 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1505
s.tribalfusion.com — Cisco Umbrella Rank: 3853
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 807
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 2044
787 B
2 googlevideo.com
rr3---sn-4g5lzney.googlevideo.com — Cisco Umbrella Rank: 45017
778 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5202
914 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
2 popcorntime-upd.xyz
popcorntime-upd.xyz — Cisco Umbrella Rank: 102549
3 KB
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 223
265 B
1 avads.net
ads.avads.net — Cisco Umbrella Rank: 21456
437 B
1 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 9008
233 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 4008
44 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 3857
68 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1531
464 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 743
861 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1901
574 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 14783
556 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 4047
173 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50041
609 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1267
75 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2152
583 B
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 863
503 B
1 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 702
112 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 678
1 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 2186
17 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1084
356 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5408
163 B
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 11660
96 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 942
13 KB
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1802
11 KB
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 7623
402 B
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6082
2 KB
1 in-appadvertising.com
in-appadvertising.com — Cisco Umbrella Rank: 25217
547 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1508
273 B
1 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3176
145 B
1 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1479
236 B
1 google.se
adservice.google.se — Cisco Umbrella Rank: 93190
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 972
644 B
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 23564
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
41 KB
1 parklogic.com
parking2.parklogic.com — Cisco Umbrella Rank: 460456
957 B
1 adapex.io
cdn.adapex.io — Cisco Umbrella Rank: 38994
139 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 976
30 KB
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 advertising.com Failed
sync.adaptv.advertising.com Failed
0 smilewanted.com Failed
prebid.smilewanted.com Failed
337 72
Domain Requested by
34 pagead2.googlesyndication.com simcast.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
26 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
26 s0.2mdn.net imasdk.googleapis.com
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
popcorntime-upd.xyz
s0.2mdn.net
24 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
24 c2shb.pubgw.yahoo.com cdn.adapex.io
21 img-s-msn-com.akamaized.net simcast.com
13 d29xw9s9x32j3w.cloudfront.net embed.sendtonews.com
simcast.com
10 simcast.com popcorntime-upd.xyz
simcast.com
code.jquery.com
8 btlr.sharethrough.com cdn.adapex.io
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
popcorntime-upd.xyz
7 s2l.sendtonews.com embed.sendtonews.com
6 googleads4.g.doubleclick.net googleads.g.doubleclick.net
popcorntime-upd.xyz
6 ib.adnxs.com 3 redirects cdn.adapex.io
d29xw9s9x32j3w.cloudfront.net
googleads.g.doubleclick.net
5 sync.teads.tv googleads.g.doubleclick.net
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
5 www.google.com tpc.googlesyndication.com
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
5 a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 securepubads.g.doubleclick.net cdn.adapex.io
securepubads.g.doubleclick.net
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
4 us-u.openx.net googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 www.googletagservices.com a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
4 timber.sendtonews.com embed.sendtonews.com
4 match.adsrvr.org js-sec.indexww.com
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
4 c.amazon-adsystem.com embed.sendtonews.com
c.amazon-adsystem.com
4 cdnjs.cloudflare.com simcast.com
embed.sendtonews.com
3 www.gstatic.com a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com embed.sendtonews.com
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
3 onetag-sys.com 1 redirects cdn.adapex.io
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
3 embed.sendtonews.com simcast.com
popcorntime-upd.xyz
embed.sendtonews.com
2 ade.googlesyndication.com
2 eus.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
eus.rubiconproject.com
2 ajax.googleapis.com s0.2mdn.net
2 ap.lijit.com 2 redirects
2 c1.adform.net 2 redirects
2 d5p.de17a.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 sync.1rx.io 2 redirects
2 match.360yield.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 rr3---sn-4g5lzney.googlevideo.com 1 redirects a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
2 csi.gstatic.com www.gstatic.com
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 imasdk.googleapis.com embed.sendtonews.com
imasdk.googleapis.com
2 htlb.casalemedia.com cdn.adapex.io
d29xw9s9x32j3w.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 popcorntime-upd.xyz popcorntime-upd.xyz
1 token.rubiconproject.com eus.rubiconproject.com
1 sb.scorecardresearch.com simcast.com
1 ads.avads.net 1 redirects
1 rtb2-useast.e-volution.ai a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
1 cc.adingo.jp a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
1 cs.chocolateplatform.com a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 cms.quantserve.com a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
1 s.tribalfusion.com a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 sync.mathtag.com 1 redirects
1 match.sharethrough.com a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 a.c.appier.net 1 redirects
1 tr.blismedia.com a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 ssbsync.smartadserver.com a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
1 dsp.adfarm1.adition.com 1 redirects
1 mts0.google.com a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
1 prebid-server.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
1 tlx.3lift.com d29xw9s9x32j3w.cloudfront.net
1 hbopenbid.pubmatic.com d29xw9s9x32j3w.cloudfront.net
1 search.spotxchange.com d29xw9s9x32j3w.cloudfront.net
1 as-sec.casalemedia.com js-sec.indexww.com
1 secure.cdn.fastclick.net popcorntime-upd.xyz
1 player.sendtonews.com embed.sendtonews.com
1 api.rlcdn.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 cdn.resonate.com embed.sendtonews.com
1 js-sec.indexww.com embed.sendtonews.com
1 prebid.media.net cdn.adapex.io
1 s.seedtag.com cdn.adapex.io
1 ghb.adtelligent.com cdn.adapex.io
1 in-appadvertising.com cdn.adapex.io
1 prebid.a-mo.net cdn.adapex.io
1 web.hb.ad.cpe.dotomi.com cdn.adapex.io
1 ad.360yield.com cdn.adapex.io
1 grid.bidswitch.net cdn.adapex.io
1 prebid.adnxs.com cdn.adapex.io
1 adservice.google.se pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 at.teads.tv a.teads.tv
1 a.teads.tv cdn.adapex.io
1 cloudflare.com cdn.adapex.io
1 cat.hbwrapper.com cdn.adapex.io
1 www.googletagmanager.com simcast.com
1 parking2.parklogic.com simcast.com
1 cdn.adapex.io simcast.com
1 code.jquery.com simcast.com
0 match.adsby.bidtheatre.com Failed a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
0 sync.adaptv.advertising.com Failed a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
0 prebid.smilewanted.com Failed cdn.adapex.io
337 102

This site contains links to these domains. Also see Links.

Domain
www.afternic.com
Subject Issuer Validity Valid
*.simcast.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-17 -
2022-09-17		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-03 -
2023-06-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.parklogic.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-03 -
2023-01-03		 a year crt.sh
*.sendtonews.com
Amazon		 2022-05-18 -
2023-06-16		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
cat.hbwrapper.com
R3		 2022-08-05 -
2022-11-03		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-04		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.se
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2022-05-26 -
2023-06-26		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.360yield.com
Amazon		 2022-06-29 -
2023-07-28		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.in-appadvertising.com
Sectigo RSA Domain Validation Secure Server CA		 2022-07-06 -
2023-06-29		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-08-05 -
2022-11-03		 3 months crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
cs.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2022-06-28 -
2022-09-26		 3 months crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-06 -
2023-04-14		 a year crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA		 2021-09-13 -
2022-10-14		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh

This page contains 28 frames:

Primary Page: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Frame ID: 1E9A7F42EB1526868C3E979C3AC979A0
Requests: 138 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
Frame ID: B420E614464BF9FDE20BF68B2A162F64
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1662662777&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662662777732&bpp=4&bdt=664&idt=224&shv=r20220907&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2888509919199&frm=20&pv=2&ga_vid=935957642.1662662778&ga_sid=1662662778&ga_hid=751560828&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31060566&oid=2&pvsid=2324073275517934&tmod=1009868459&uas=0&nvt=1&ref=http%3A%2F%2Fpopcorntime-upd.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=242
Frame ID: BB79912DB75AE2C83FE47D92480FDE20
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 64E0B7AC51E1908D5891362E19EFE55E
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: D44C3D0B96F17E19F9510A4D1329210F
Requests: 3 HTTP requests in this frame

Frame: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E573310AD920C71FE59569B83603457C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2B3E2AACCA65DCF8599C4636325E301F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8FD408C8C6AF7B3BCB186249D4C9C184
Requests: 2 HTTP requests in this frame

Frame: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 45BB8E2EBF2CA267CFACB83D784EB528
Requests: 16 HTTP requests in this frame

Frame: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 760D0F1EF0F208761AD59D4AC7CAB2E2
Requests: 23 HTTP requests in this frame

Frame: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 04C97EB43695DA818E2EADC3536F8965
Requests: 15 HTTP requests in this frame

Frame: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9315093D3E17E5D3109DA56A39D743C0
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVYnUTEBhbsTY0RU8z6ihsfsrNt_oDEuJYlaJxUkhez_WiQOC3WtP7JBQXOUVy3tOcwin0JkU91B6VGgPSe8XZ8_5dVeb95jySmjwpx7gMgK1uQVHf_1y38_kqjiCPMTieBIlWBeLJ_5mtPGSJHacw7AqowdRX-_Emlzn45--6ze9Tcb-KuUS51Gk8a9YNRMraSc1M0hlIj_B_fo5uV_YN4091ktg
Frame ID: EA09D0FDD6327467199EB471880B8EBC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNX8fHhnDsmKWCVP36_raJ0piGr2fItQZOO7VK06J9j9VewT8hFQsmqmfhkbLQAeG1xwbcOY2zzRfPq8PJLKGuCmc0NUsvP0tdKO3s7UIeIy63-iH89DpTChL8yv4YJO9bw-ZSIVu9pSK1p0VEPeBhZSvjcBsnDIvqRh9jEY5uUm4iq4THCu8rBt6ZjXU4QjqGpMfFXCIQjuu083d19365pxS0S_gw
Frame ID: DAED9D420F31701E5629E96AC0D2F31D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNW7SdOmKUxtTpXr8q5wK2jftP_xfTPFrcrugSaLow8XxsCqDMe9kym_faPCKfuEHEbPWu1MKZBTieXF4oX7RQ4Sf_J7uE8T0LE-MgtjtdtEm-doe5_DzIkPjJBRKhviFsCEpMJYioo7J1rSv9lrnAZa-OPLbQjgt4hJHLnNHdEsFAkNFcvuiKLnO_FQ0Fstp0AEuANwEjK4COMWeMW_elMVYD5pWw
Frame ID: 65682E9CF958B36A4385BC9294049C42
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CB814D4163DCD5C251F2937F867CD09D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4D0596C8D90BC0037935C873DFB5984B
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=e5t3EuHsVU&t=1&renderingType=2&ev=01_247
Frame ID: 927FDB7DE98DBA9CD2FB8BAC386EF902
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FF5710BA267F5A5F66AB1C4D5679BE28
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6862455919453743395/index.html?e=69&leftOffset=0&topOffset=0&c=lqaQoV89H2&t=1&renderingType=2&ev=01_247
Frame ID: 2AB4E679FF08DBAF2E37694995C02E83
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CAC8458E0F2AC993F0A60887D725D12F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0FC68FBE455292F2FE2C8AF5C00E0FC0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DA94B590B5DDD5D6259BFDBA83543B77
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 98F438FA1A240094450CF0B0150022F6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Frame ID: 9EF4146A94B4875C6694E133F18864FE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Frame ID: 1C9379EAF65F2F52F5C4FC887C6056A7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Frame ID: 6E8CAFAC7D91DC7651BA7CAD86BB5565
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FF8FAC724CA61D316BF967B6DEF205E7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Simcast News portal.

Page URL History Show full URLs

  1. http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101 Page URL
  2. http://popcorntime-upd.xyz/page/bouncy.php?&bpae=GbhOd6c6okx%2Fj3Nk%2B96s2dzOHFmmytclRt7NNyHHRFf3JXScG7... Page URL
  3. https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

337
Requests

90 %
HTTPS

34 %
IPv6

72
Domains

102
Subdomains

81
IPs

13
Countries

5761 kB
Transfer

10518 kB
Size

45
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101 Page URL
  2. http://popcorntime-upd.xyz/page/bouncy.php?&bpae=GbhOd6c6okx%2Fj3Nk%2B96s2dzOHFmmytclRt7NNyHHRFf3JXScG71pXbsiSTEVDZeZfj7j7v9RNiKAz30N%2FV3kKWmPFHQtJi%2FfTvMOcyHVsYjV%2FfHMGDV2d8iTV3GrTDeH0MyJT2%2BYjRivkoLRQ39PgNp3Ep6C6A0r%2FUuZfyFx6KbKx9F%2FX2MXbdsC%2F7lH%2BI7F2UCz1SgEVpreNToQZyQkfvpit5UYNsNhdVjXp%2FwZzdMdCJ7aWyYWd8V%2FEHUxCS0YCOIgxyCaLljTejVufXqblVSXKNJ9J2%2FQTT%2BqFzfG6LIGG8ZVMxwTrTkOb6FvptQakR%2FW7zHv3Kmw8L0VNoOgc5wlHPoViTDYPX%2Bd%2Fd0c%2BinL1pL7ElfzB2sVKwhnHv2REj01y33DqD7G0oTvN0OiaTbS1ZY%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 138
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=bmeJPXx1d1R3emVpQTlhNmtWY3lyVi9IM0hmSStsK05HM1hPV25UZnBWMmplNlE3TGlFc3JvQ05KU0NLS1dmYmJuWjE0YlNnanNoaG9kc3BneGZxZkQ2b3R5T1RlWUxWMDV2WGw0N0pITlFlVWdCb29JMHduRmNmKzF0RXRLRlRhdklqMm9Rd1VJMDA5K1Z2M3RhcUdGMFdLdTI4WFNQemRKRkZZT3kxU0wwN2IzQm90cEV3UGVUckc0Qk5Ba0pWTU1DM1FXcUF2bzd2UmYyQ0FuN0tLVWdkSE9hSTZxRVR6RlRHUjhVQ1NqUFJMVU9VPXw&cppv=2
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEP6CUojnqX6c9muQh_FtY0&google_cver=1
Request Chain 206
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yxo4fCTK-e6HNj1hXnf8QQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEP6CUojnqX6c9muQh_FtY0&google_cver=1
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBfzFIlPO1nXca_fEUzxiMs&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBfzFIlPO1nXca_fEUzxiMs%26google_cver%3D1
Request Chain 208
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEwOTc3NjM1OTk0OTQ2NDAx
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGuCv54HFv16PC5qlvMEcLA&google_cver=1
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIUGI9CaoJ2Zc_SrgLmhbos&google_cver=1
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGuCv54HFv16PC5qlvMEcLA&google_cver=1
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIUGI9CaoJ2Zc_SrgLmhbos&google_cver=1
Request Chain 237
  • https://rr3---sn-4g5lzney.googlevideo.com/videoplayback?expire=1662691579&ei=ezgaY63OKYnaWqDVifAN&ip=217.114.215.132&id=27ce148d6552bce6&itag=18&source=youtube&requiressl=yes&mh=ff&mm=31&mn=sn-4g5lzney&ms=au&mv=m&mvi=3&pl=21&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.104&lmt=1661526690286274&mt=1662662465&txp=6310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgerg6iHRtG-70cExC2qaIJ2r2R5T7JW0W9wPtc5OedoECIQD_UqB0FEhDDhGGrhNsPC9Bl0clm6m-bYNlLLvikDfmvQ==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgcDi44H3Nt0Ts_sEF3f9SzViIypicctNv_9CDwP4avv0CIQCdJGc5FRdxtDs4-upMlXb0zHTe2E7HLp9C4lKo5Dmt-A==&cpn=1-VNFk0VTiJLEJSd HTTP 302
  • https://rr3---sn-4g5lzney.googlevideo.com/videoplayback?expire=1662691579&ei=ezgaY63OKYnaWqDVifAN&ip=217.114.215.132&id=27ce148d6552bce6&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.104&lmt=1661526690286274&txp=6310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgerg6iHRtG-70cExC2qaIJ2r2R5T7JW0W9wPtc5OedoECIQD_UqB0FEhDDhGGrhNsPC9Bl0clm6m-bYNlLLvikDfmvQ==&cpn=1-VNFk0VTiJLEJSd&redirect_counter=1&rm=sn-4g5eky7s&req_id=dd0304c049636e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=ff&mip=2001:1b60:1010:3:1011:6725:cc42:a454&mm=31&mn=sn-4g5lzney&ms=au&mt=1662662702&mv=m&mvi=3&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAK9uQnLhgDHeIZBgKRR0s9h0Rmix9LYzoHWy7DIOkotPAiEA_SCfKwH8_lGz4gm87UWdFBZdwVm53sCIZ1TjPQuKePA%3D
Request Chain 252
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGd4uv7cvgxflKmEdpRPt6s&google_cver=1&google_push=AehlK4AVTIk6L4JKznh6Sn-G7ziYtcahu1BugSUVf572NRBa9rrDT9euYRirs4CdvCEWOcAOnefnOQ6G4YHJ-njaP7ijdniy3B8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0MTA4MjI2NDM5NDA3MDE1OQ%3D%3D&google_push=AehlK4AVTIk6L4JKznh6Sn-G7ziYtcahu1BugSUVf572NRBa9rrDT9euYRirs4CdvCEWOcAOnefnOQ6G4YHJ-njaP7ijdniy3B8
Request Chain 253
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESECY42khieQGAwZLVwC-MMH8&google_cver=1&google_push=AehlK4CefPdfTpG4mDCHPSCq6151kF0Qz309FTNG1c_Ap7KoAfC1ns4t9S8aUI9kCskTD1GUiAT3vdZ_S6-bdLjrBKNnT7evQtQ HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESECY42khieQGAwZLVwC-MMH8&google_cver=1&google_push=AehlK4CefPdfTpG4mDCHPSCq6151kF0Qz309FTNG1c_Ap7KoAfC1ns4t9S8aUI9kCskTD1GUiAT3vdZ_S6-bdLjrBKNnT7evQtQ&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=p9dpFIKtT7WYvQKoElc5AA&gdpr=1&gdpr_consent=
Request Chain 255
  • https://match.360yield.com/match/ebda?google_gid=CAESEEkIrnvne6DseyWY4pmEA7k&google_cver=1&google_push=AehlK4C5ibnKf-LEThT4bGLDsJN27L2CJIXsc9bHZ4UJyPiMObeWLstDl1NABMsb4BFiNPZuUvhjE1cuP3an3bTsnNrEbPsZitA HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEkIrnvne6DseyWY4pmEA7k&google_cver=1&google_push=AehlK4C5ibnKf-LEThT4bGLDsJN27L2CJIXsc9bHZ4UJyPiMObeWLstDl1NABMsb4BFiNPZuUvhjE1cuP3an3bTsnNrEbPsZitA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XDyOkqjNQqeOgr_e3TZO3Q&google_push=AehlK4C5ibnKf-LEThT4bGLDsJN27L2CJIXsc9bHZ4UJyPiMObeWLstDl1NABMsb4BFiNPZuUvhjE1cuP3an3bTsnNrEbPsZitA
Request Chain 267
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPhDiWcv07thYyELqOhMeSE&google_cver=1&google_push=AehlK4DEcAhuGIM4TES05B_ynw3YMzQhLnVP27vXv2ZFrQVkAF9u_a8AbDwzzsY3ydKz-2uPfHyw0ArXTnp8WGR2VtxFkPr4WYnM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DEcAhuGIM4TES05B_ynw3YMzQhLnVP27vXv2ZFrQVkAF9u_a8AbDwzzsY3ydKz-2uPfHyw0ArXTnp8WGR2VtxFkPr4WYnM&google_hm=FFJsQN9qTh-rslUNeYKk74Q
Request Chain 269
  • https://a.c.appier.net/gcm?google_gid=CAESEJ8FipsnzVnpUWWYs4gu7bU&google_cver=1&google_push=AehlK4CVlV_Klvl7itY13rTQKw1qxAvJmTcM8TRp6C235KB6QdN3MH2Og4VL7wKy2KJdVUtdIklG7CD67WThmtsMACc3RJM3mczZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=S3FYZlNBX2NDcjJrWGZsb2ZUZ2FZdw%3D%3D&google_push=AehlK4CVlV_Klvl7itY13rTQKw1qxAvJmTcM8TRp6C235KB6QdN3MH2Og4VL7wKy2KJdVUtdIklG7CD67WThmtsMACc3RJM3mczZ
Request Chain 270
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELzpQoVHCa21FxkV6NeBHJ4&google_cver=1&google_push=AehlK4CiVuUKWr19ygLg7EtE3pAu9DSTk9Pw6-8LlNtucDCW0_gtSpHGfgVFhxFDCpAj3WBBJavJS_yUf0X00kUkqJPM4UfvvMOB HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4CiVuUKWr19ygLg7EtE3pAu9DSTk9Pw6-8LlNtucDCW0_gtSpHGfgVFhxFDCpAj3WBBJavJS_yUf0X00kUkqJPM4UfvvMOB&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1662662780495 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-74a466dd-2ee9-4fa2-9267-6b12275dbba7-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4CiVuUKWr19ygLg7EtE3pAu9DSTk9Pw6-8LlNtucDCW0_gtSpHGfgVFhxFDCpAj3WBBJavJS_yUf0X00kUkqJPM4UfvvMOB%26google_hm%3DA3SkZt0u6U-ikmdrEiddu6c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CiVuUKWr19ygLg7EtE3pAu9DSTk9Pw6-8LlNtucDCW0_gtSpHGfgVFhxFDCpAj3WBBJavJS_yUf0X00kUkqJPM4UfvvMOB&google_hm=A3SkZt0u6U-ikmdrEiddu6c
Request Chain 271
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKaD_JvYa2ZMtlQowDUTews&google_cver=1&google_push=AehlK4C-T5zunfB5udx3v4LLk7bnQjsMrVlhEftIMJM0P4wX5SQZO-zw_wunqKtTke7ArTL-DSLF17tQ2xN5VdhUtb94vuSRb47o HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKaD_JvYa2ZMtlQowDUTews&google_cver=1&google_push=AehlK4C-T5zunfB5udx3v4LLk7bnQjsMrVlhEftIMJM0P4wX5SQZO-zw_wunqKtTke7ArTL-DSLF17tQ2xN5VdhUtb94vuSRb47o&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hSTNOR0xoRTJ1RjVLUng0SG9HZHdBa2oyeThKT3AweH5B&google_push=AehlK4C-T5zunfB5udx3v4LLk7bnQjsMrVlhEftIMJM0P4wX5SQZO-zw_wunqKtTke7ArTL-DSLF17tQ2xN5VdhUtb94vuSRb47o
Request Chain 273
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKB20IgJMQoBPaLcobFVhpw&google_cver=1&google_push=AehlK4BprMfId0vnPt71_ic7mk6dmSQVVG5mDu_OPvZrArbDFdtLY1719zjGSAqMvzhRZenBHfxF-f_FwI5Feh5FpTCJB6T9CEKl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4BprMfId0vnPt71_ic7mk6dmSQVVG5mDu_OPvZrArbDFdtLY1719zjGSAqMvzhRZenBHfxF-f_FwI5Feh5FpTCJB6T9CEKl HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 276
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKEVY0Q-M_ghy1SgGQ5T87M&google_cver=1&google_push=AehlK4AcWrGDEoCdd5bvxFZ3TeUMRIXS4sfzZxAM5OZN4MI_dNbmMe3oszyC-oAWMZGpZmfMp5w3tsDqtK7hu4zSWYAy3PxVfAbA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AcWrGDEoCdd5bvxFZ3TeUMRIXS4sfzZxAM5OZN4MI_dNbmMe3oszyC-oAWMZGpZmfMp5w3tsDqtK7hu4zSWYAy3PxVfAbA
Request Chain 277
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBr9veA56jwcwGJNoJvUM04&google_cver=1&google_push=AehlK4DNfcR43CdDOwY-Z9NrKwvrRMcq78h_Mr0v6pa6czGb9lRKHnasEOVcK2pGs5ExYV07AvtLewWEykzpP4gAMSZx9-PEnus&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4DNfcR43CdDOwY-Z9NrKwvrRMcq78h_Mr0v6pa6czGb9lRKHnasEOVcK2pGs5ExYV07AvtLewWEykzpP4gAMSZx9-PEnus%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBr9veA56jwcwGJNoJvUM04&google_cver=1&google_push=AehlK4DNfcR43CdDOwY-Z9NrKwvrRMcq78h_Mr0v6pa6czGb9lRKHnasEOVcK2pGs5ExYV07AvtLewWEykzpP4gAMSZx9-PEnus&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4DNfcR43CdDOwY-Z9NrKwvrRMcq78h_Mr0v6pa6czGb9lRKHnasEOVcK2pGs5ExYV07AvtLewWEykzpP4gAMSZx9-PEnus%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 280
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEDBPGC3HVma2UXTFmwRtOnw&google_cver=1&google_push=AehlK4ArkxrzjSGIgq0-NVMnA_7QCfBbYgg52khowMveGahRCw4p1hjY2NwxHNHriRYltjo75tswhS1WLSbt_D_JKM_JhHZuD0qr HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDBPGC3HVma2UXTFmwRtOnw&google_cver=1&google_push=AehlK4ArkxrzjSGIgq0-NVMnA_7QCfBbYgg52khowMveGahRCw4p1hjY2NwxHNHriRYltjo75tswhS1WLSbt_D_JKM_JhHZuD0qr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4ArkxrzjSGIgq0-NVMnA_7QCfBbYgg52khowMveGahRCw4p1hjY2NwxHNHriRYltjo75tswhS1WLSbt_D_JKM_JhHZuD0qr
Request Chain 281
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOVqnXLFeJpizebe-JcpoTU&google_cver=1&google_push=AehlK4CDwrYSh1RrZyqFPc8It9naEz7PT555uOth2Er405RizlH-d-beHgPpFRv2nM4xgoOGS1Dfvcm-_W5Qv0RQSUSkbQcMmRvu HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOVqnXLFeJpizebe-JcpoTU&google_cver=1&google_push=AehlK4CDwrYSh1RrZyqFPc8It9naEz7PT555uOth2Er405RizlH-d-beHgPpFRv2nM4xgoOGS1Dfvcm-_W5Qv0RQSUSkbQcMmRvu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI5MjYxNjMxMDgzNzQyNjIyMw&google_push=AehlK4CDwrYSh1RrZyqFPc8It9naEz7PT555uOth2Er405RizlH-d-beHgPpFRv2nM4xgoOGS1Dfvcm-_W5Qv0RQSUSkbQcMmRvu
Request Chain 282
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEBMdpUCMIBITV-JyqmWdKc&google_cver=1&google_push=AehlK4AwLPWTLMPj520POt7RiUT7CzwO2fXmIw3gCDXajFMEKOE-Bro_SBDSrUewt1hA-k4p1ZFUb5Cjm0SxUfPDks-Xbn4BxWae HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEBMdpUCMIBITV-JyqmWdKc&google_cver=1&google_push=AehlK4AwLPWTLMPj520POt7RiUT7CzwO2fXmIw3gCDXajFMEKOE-Bro_SBDSrUewt1hA-k4p1ZFUb5Cjm0SxUfPDks-Xbn4BxWae&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4AwLPWTLMPj520POt7RiUT7CzwO2fXmIw3gCDXajFMEKOE-Bro_SBDSrUewt1hA-k4p1ZFUb5Cjm0SxUfPDks-Xbn4BxWae&google_hm=FSIGpGZHFKyRvvwLTQusRZKb
Request Chain 286
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF11jKXJYDeSDlaoWN2mK7A&google_cver=1&google_push=AehlK4ATMPu-nWSeggNvfyAWLgUMHAXN-vBUMtjYpxaPD-1e_Pw6-0iuh1f6RMZRA-46-IYzlUK2RFrACwEW11NYTZoFADI3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdURUhPNEUtUi1NNjFS&google_push=AehlK4ATMPu-nWSeggNvfyAWLgUMHAXN-vBUMtjYpxaPD-1e_Pw6-0iuh1f6RMZRA-46-IYzlUK2RFrACwEW11NYTZoFADI3
Request Chain 290
  • https://ads.avads.net/sync/ggl?google_gid=CAESENWCp-ufZch4UgMYxVuRVxo&google_cver=1&google_push=AehlK4DrwpAnDL9-LB5LNOey4N9hGOEiHwztO_Ss0tszrhYs1Ry5nQ5yc68AU24R8rT-Mjk5OeYPNblVYSdtefyHz9084Gdd9Zc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=N2U1NDkyYmYtYTAwZi00ODcwLThhZDItNThhMWIyMzk4NDRk&google_push=AehlK4DrwpAnDL9-LB5LNOey4N9hGOEiHwztO_Ss0tszrhYs1Ry5nQ5yc68AU24R8rT-Mjk5OeYPNblVYSdtefyHz9084Gdd9Zc

337 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
popcorntime-upd.xyz/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Protocol
HTTP/1.1
Server
72.52.178.23 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Sep 2022 18:46:15 GMT
Keep-Alive
timeout=5, max=96
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
bouncy.php
popcorntime-upd.xyz/page/ 		715 B
999 B 		Document
General
Check archive.org
Download Go to
Full URL
http://popcorntime-upd.xyz/page/bouncy.php?&bpae=GbhOd6c6okx%2Fj3Nk%2B96s2dzOHFmmytclRt7NNyHHRFf3JXScG71pXbsiSTEVDZeZfj7j7v9RNiKAz30N%2FV3kKWmPFHQtJi%2FfTvMOcyHVsYjV%2FfHMGDV2d8iTV3GrTDeH0MyJT2%2BYjRivkoLRQ39PgNp3Ep6C6A0r%2FUuZfyFx6KbKx9F%2FX2MXbdsC%2F7lH%2BI7F2UCz1SgEVpreNToQZyQkfvpit5UYNsNhdVjXp%2FwZzdMdCJ7aWyYWd8V%2FEHUxCS0YCOIgxyCaLljTejVufXqblVSXKNJ9J2%2FQTT%2BqFzfG6LIGG8ZVMxwTrTkOb6FvptQakR%2FW7zHv3Kmw8L0VNoOgc5wlHPoViTDYPX%2Bd%2Fd0c%2BinL1pL7ElfzB2sVKwhnHv2REj01y33DqD7G0oTvN0OiaTbS1ZY%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: popcorntime-upd.xyz
URL: http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Protocol
HTTP/1.1
Server
72.52.178.23 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Referer
http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Sep 2022 18:46:16 GMT
Keep-Alive
timeout=5, max=89
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
Primary Request /
simcast.com/ 		38 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Requested by
Host: popcorntime-upd.xyz
URL: http://popcorntime-upd.xyz/page/bouncy.php?&bpae=GbhOd6c6okx%2Fj3Nk%2B96s2dzOHFmmytclRt7NNyHHRFf3JXScG71pXbsiSTEVDZeZfj7j7v9RNiKAz30N%2FV3kKWmPFHQtJi%2FfTvMOcyHVsYjV%2FfHMGDV2d8iTV3GrTDeH0MyJT2%2BYjRivkoLRQ39PgNp3Ep6C6A0r%2FUuZfyFx6KbKx9F%2FX2MXbdsC%2F7lH%2BI7F2UCz1SgEVpreNToQZyQkfvpit5UYNsNhdVjXp%2FwZzdMdCJ7aWyYWd8V%2FEHUxCS0YCOIgxyCaLljTejVufXqblVSXKNJ9J2%2FQTT%2BqFzfG6LIGG8ZVMxwTrTkOb6FvptQakR%2FW7zHv3Kmw8L0VNoOgc5wlHPoViTDYPX%2Bd%2Fd0c%2BinL1pL7ElfzB2sVKwhnHv2REj01y33DqD7G0oTvN0OiaTbS1ZY%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
3781d92ee872bdb9d30b9d87717f190803a39c81294d123e1550fa363316a039

Request headers

Referer
http://popcorntime-upd.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-encoding
gzip
content-length
7197
content-type
text/html; charset=UTF-8
date
Thu, 08 Sep 2022 18:46:16 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.38 (Debian)
upgrade
h2
vary
Accept-Encoding
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-15851"
vary
Accept-Encoding
x-hw
1662662777.dop009.fr8.t,1662662777.cds141.fr8.hn,1662662777.cds261.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
html.css
simcast.com/templates/simcast/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/css/html.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
d3b6f8dcf913c675c2e9fbde3d82acc3720a5a3c4ee2d817ee167a38f7cb4393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
gzip
last-modified
Thu, 19 May 2022 00:43:21 GMT
server
Apache/2.4.38 (Debian)
etag
"50fe-5df52a923a88b-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
4282
all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 21:31:18 GMT
server
Apache/2.4.38 (Debian)
etag
"daa3-5d2a935d4d580-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
12209
lib.js
simcast.com/templates/simcast/js/ 		856 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/js/lib.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 03:31:19 GMT
server
Apache/2.4.38 (Debian)
etag
"358-5d39fa3726fc0-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
application/javascript
content-length
459
aaw.smc.js
cdn.adapex.io/hb/ 		501 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adapex.io/hb/aaw.smc.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f55d7a93bfdd4fafecbdbc2c8f4fa6d5735461d7c56ad361f1ba9534816aa39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30660
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 06 Sep 2022 10:14:22 GMT
server
cloudflare
etag
W/"63171d7e-7d293"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJ1NZIq3ebluiYi3DNiLK%2FlCM%2FIaa05Z7MhM6X4HU7iKWPkF%2BU0yFDqp1EpxZj0iMze3Y5pa1KsZO2P0ZTo9aShcS4XKEgRDuv7VFAEdbGmpjPh1h5XqF3PyyPAJ0wdNVacT5SRKFIXBwXLg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
7479d8951e8c9bce-FRA
expires
Fri, 09 Sep 2022 10:15:11 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f4feeb165b9a1c775f338d9f9cd8933f5acac65cb44b4ebf73f4bcd9cc07ff9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51611
x-xss-protection
0
server
cafe
etag
11324186366218202480
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 18:46:17 GMT
simcastlogo_35y.png
simcast.com/templates/simcast/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 09 Dec 2021 00:46:50 GMT
server
Apache/2.4.38 (Debian)
etag
"527-5d2abf11cf280"
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
image/png
content-length
1319
enhance.js
parking2.parklogic.com/page/ 		672 B
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=popcorntime-upd.xyz
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c02::f03c:91ff:fee2:5b0f Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
1a784f670d62ceafd816794ca11d7d61829c4d7f9ed4ba18c18d07eefb985b8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 18:46:17 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection
Keep-Alive
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Keep-Alive
timeout=5, max=100
Content-Type
text/javascript;charset=UTF-8
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4309558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmWYWN77BtHM5%2FCsOroesMIZCxexSizrNTJpQYaXq2P3H0dYbMf90jlrFdksLrSIsxZchVQUM7Q22iQJ8cgo6zXtu8sccdSQBUxItlRKSGGtpnT9llDP3QwsdsaWduoil%2FZN2InyON3fM9XOsIZ6CaCy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7479d89788a1922b-FRA
expires
Tue, 29 Aug 2023 18:46:17 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3545031
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1541
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyUcXDrn15088Grt7BuvOEVqtrv3THe6nfmudm%2B1fdkkOxqNehn%2FXQFg1zhAk95Y6cKsGrP0Mmau1ate8HnCv912l8VavS0obEzirYXpwnUu8uuvk2oxo6%2B6%2FqNA%2FAur0VhCUI2WsejNw98eiZ0srEci"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7479d89788a3922b-FRA
expires
Tue, 29 Aug 2023 18:46:17 GMT
modal.css
simcast.com/widgets/modal/ 		992 B
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/modal/modal.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:56 GMT
server
Apache/2.4.38 (Debian)
etag
"3e0-5d2ab305a0600-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
352
embedcode.js
embed.sendtonews.com/player3/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.89.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-89-150.compute-1.amazonaws.com
Software
Apache /
Resource Hash
601355040d9e7825c1c8318a75936be30c28a284e4052d4130009a30c470b41e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-length
3098
expires
Thu, 08 Sep 2022 19:46:17 GMT
AA11B8ou.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11B8ou.img?h=100&w=100&x=530.5&y=406.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0bc2f49d879c7aea267c8a9bbd49de4ea0c820c96efb4189befd463cb98218f8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 15:03:26 GMT
x-datacenter
northeu
x-source-length
301200
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=418654
x-activityid
d511d060-e59c-4bdd-8e98-bd393a7b9630
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11B8ou?h=100&w=100&x=530.5&y=406.5&m=5
content-length
3104
expires
Tue, 13 Sep 2022 15:03:51 GMT
AA42eYr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		417 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA42eYr.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Wed, 24 Aug 2022 11:00:34 GMT
x-datacenter
westus
x-source-length
417
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=274555
x-activityid
14f1fb15-7062-44b7-98ec-610a428b0bd4
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA42eYr
content-length
417
expires
Sun, 11 Sep 2022 23:02:12 GMT
AA11Beb0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11Beb0.img?h=100&w=100&x=400&y=255.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0c5170e612160c8237aa593d7e2b1befce05a970e69af0d521b3a06e065e53e0
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 13:57:58 GMT
x-datacenter
eastus
x-source-length
65715
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=414693
x-activityid
f91073c3-7338-4bec-9da0-913df1e9ba00
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11Beb0?h=100&w=100&x=400&y=255.5&m=5
content-length
2804
expires
Tue, 13 Sep 2022 13:57:50 GMT
AA11BGDX.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11BGDX.img?h=100&w=100&x=2070.5&y=1424&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
57a2a8583ada42c588d082274a1f713a328c856d8042b850406eabee4afb1bd5
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 14:45:42 GMT
x-datacenter
westus
x-source-length
1432455
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=417498
x-activityid
264ebdb6-2dd0-47ec-bc5f-96c2a14a4589
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11BGDX?h=100&w=100&x=2070.5&y=1424&m=5
content-length
2756
expires
Tue, 13 Sep 2022 14:44:35 GMT
AACl6Lf.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl6Lf.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d7e84dbe1a19aa1ebadd92d04ec0dec54cdd2345811f21aaf064150fba02068
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AACl6Lf
date
Thu, 08 Sep 2022 18:46:17 GMT
x-source-length
18254
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl6Lf
x-activityid
5e9bdbb9-471b-4eba-aff4-545783ac6092
last-modified
Fri, 26 Aug 2022 21:19:54 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
18254
x-resizerversion
1.0
x-datacenter
eastap
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=95605
timing-allow-origin
*
expires
Fri, 09 Sep 2022 21:19:42 GMT
AA11AYou.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11AYou.img?h=100&w=100&x=678.5&y=133.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2249afd53c3eb775f641018eb3bfcedc9dced08382941544ce8ef152e46b471a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 15:28:57 GMT
x-datacenter
westus
x-source-length
368886
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=420102
x-activityid
a02eacd6-5393-4bcd-bed1-b071885bde8b
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11AYou?h=100&w=100&x=678.5&y=133.5&m=5
content-length
2616
expires
Tue, 13 Sep 2022 15:27:59 GMT
AAUwcZ4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAUwcZ4.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
84266de6b8dd93ab86d3bef67497ccd85e0dc7baf37d4c55d380d929bf200f14
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Fri, 02 Sep 2022 10:33:41 GMT
x-datacenter
eastus
x-source-length
5441
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=273598
x-activityid
06f77ac9-c4a6-4147-b08e-06965988007d
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAUwcZ4
content-length
5441
expires
Sun, 11 Sep 2022 22:46:15 GMT
AA11C6qy.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11C6qy.img?h=100&w=100&x=487.5&y=206.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c45d970e38f19eedeffabcd8cb67672ccea6989a7f410bdce5d703850f354126
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 17:13:14 GMT
x-datacenter
eastus
x-source-length
362670
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426410
x-activityid
c6fbab32-2bf2-4864-bcda-75344fa6a421
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11C6qy?h=100&w=100&x=487.5&y=206.5&m=5
content-length
4816
expires
Tue, 13 Sep 2022 17:13:07 GMT
AA11BxN3.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11BxN3.img?h=500&w=1000&x=460&y=360&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
63fbc51ad346aea2bb3fe417aa36161dec6f9e40c0cfa69ed6af0ea93e68c215
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 14:01:06 GMT
x-datacenter
westus
x-source-length
86754
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=414980
x-activityid
4877e6d6-fd9a-4309-8796-fc1ece47c780
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11BxN3?h=500&w=1000&x=460&y=360&m=2
content-length
35029
expires
Tue, 13 Sep 2022 14:02:37 GMT
AA11C74j.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11C74j.img?h=70&w=95&x=1024&y=682.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
165f087de62cfacab30a284c76e754b183b95106a54be71a7863942dfc371ae0
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 17:41:06 GMT
x-datacenter
eastap
x-source-length
334953
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=428116
x-activityid
a9e1dee4-a724-4818-b130-f4a6f362c742
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11C74j?h=70&w=95&x=1024&y=682.5&m=5
content-length
2464
expires
Tue, 13 Sep 2022 17:41:33 GMT
AAPwesU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPwesU.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
94ae96a533fa880623827ca98a2fb20714f235d48b39f2900697b85d490b139f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Sun, 04 Sep 2022 18:26:22 GMT
x-datacenter
eastus
x-source-length
2497
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=85192
x-activityid
2c4db459-40f9-452c-839e-b425ae3eb0d6
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAPwesU
content-length
2497
expires
Fri, 09 Sep 2022 18:26:09 GMT
9.jpg
simcast.com/images/clipart/news/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/clipart/news/9.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
625e16893b9fa85b2cb666eb1ec4d07d22a5d1fdffcbcddbcde69b5e65013f65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 09 Dec 2021 00:11:49 GMT
server
Apache/2.4.38 (Debian)
etag
"3d9f-5d2ab73e23b40"
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
image/jpeg
content-length
15775
AA11BGXs.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11BGXs.img?h=70&w=95&x=1024&y=682.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5bd4f3b36591ab11bd8814497aa6a57db6bb932037cab23f67984e24424a8c13
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 15:27:45 GMT
x-datacenter
eastap
x-source-length
424483
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=420058
x-activityid
a52bc19d-308c-4d0f-af4d-69d54b2284fe
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11BGXs?h=70&w=95&x=1024&y=682.5&m=5
content-length
1931
expires
Tue, 13 Sep 2022 15:27:15 GMT
AA11Beb0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11Beb0.img?h=70&w=95&x=400&y=255.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c78a75a80b0af00889366e2aa77fb18cd28eba4d14d52ba825dc556c88a7a6d8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 13:58:54 GMT
x-datacenter
eastus
x-source-length
65715
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=414812
x-activityid
5c5cc6d8-817c-45f6-93ba-bb4c75d2c639
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11Beb0?h=70&w=95&x=400&y=255.5&m=5
content-length
2188
expires
Tue, 13 Sep 2022 13:59:49 GMT
AA11Bftk.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11Bftk.img?h=70&w=95&x=400&y=302&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
400ce77a1c5f0a25d7ef71d592489f68c8765b4f7ff9e5128806eab5aff72759
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 17:14:06 GMT
x-datacenter
westus
x-source-length
56652
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426455
x-activityid
b4dfd0f0-c576-4fdb-88d9-0160e5961607
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11Bftk?h=70&w=95&x=400&y=302&m=5
content-length
2133
expires
Tue, 13 Sep 2022 17:13:52 GMT
AA11BV3p.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11BV3p.img?h=70&w=95&x=1108&y=295&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1b61a680f80431628981895dd25cc3fbac3cfbc93cca9a664c1bba558c0607e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 16:25:21 GMT
x-datacenter
eastus
x-source-length
326393
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=423527
x-activityid
a21cf095-e105-465d-8f88-7ed10072c843
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11BV3p?h=70&w=95&x=1108&y=295&m=5
content-length
2687
expires
Tue, 13 Sep 2022 16:25:04 GMT
AA11BSmx.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11BSmx.img?h=70&w=95&x=526&y=189&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
55b52127e93c4ab38834ee254c6a791108c9cfe3bb0712c74b41e46eabe93fe6
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 17:14:07 GMT
x-datacenter
eastus
x-source-length
51322
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426420
x-activityid
82cdba1b-9370-46d3-9a65-9cbd28f0afdc
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11BSmx?h=70&w=95&x=526&y=189&m=5
content-length
2667
expires
Tue, 13 Sep 2022 17:13:17 GMT
AAHxwMU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAHxwMU.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
32fbe07e2e94ddbcd04df7c37f1d86714657545c9e112519f21b003c8ce8955e
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAHxwMU
date
Thu, 08 Sep 2022 18:46:17 GMT
x-source-length
19380
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAHxwMU
x-activityid
77c465f6-9957-4d12-9eb8-39c663b45551
last-modified
Sun, 08 May 2022 08:19:28 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
19380
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=266043
timing-allow-origin
*
expires
Sun, 11 Sep 2022 20:40:20 GMT
AA11AhT5.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11AhT5.img?h=70&w=95&x=512&y=383&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3463c84bf9a9be40b5578009a961382a483b90a4c512ef659127b364e9a5e175
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 08:27:41 GMT
x-datacenter
eastap
x-source-length
62289
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=394857
x-activityid
a4d374eb-0ab0-4fdc-926f-95faad320413
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11AhT5?h=70&w=95&x=512&y=383&m=5
content-length
2409
expires
Tue, 13 Sep 2022 08:27:14 GMT
AA11BM2X.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11BM2X.img?h=70&w=95&x=467.5&y=146.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e9f1074b8ce045435a41cace78ba36a854241981933df2b7e603cdc4bf304050
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 15:51:05 GMT
x-datacenter
westus
x-source-length
163508
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=421541
x-activityid
56c81d12-387b-4166-a53a-3efae4c443d4
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11BM2X?h=70&w=95&x=467.5&y=146.5&m=5
content-length
2444
expires
Tue, 13 Sep 2022 15:51:58 GMT
AA11C3PY.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11C3PY.img?h=300&w=400&x=505.5&y=672.5&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4cfe888d4b2130e501d6905a564d82ed77984f95ad7c59e7475aea3cf6bf4869
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 17:13:07 GMT
x-datacenter
eastus
x-source-length
151428
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426447
x-activityid
8e4e4ecf-87bf-4187-8b4f-f4cc9a063186
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11C3PY?h=300&w=400&x=505.5&y=672.5&m=2
x-resizerversion
1.0
timing-allow-origin
*
content-length
30000
expires
Tue, 13 Sep 2022 17:13:44 GMT
AA11B8ou.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11B8ou.img?h=300&w=400&x=530.5&y=406.5&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eebee9534e4d1e3fff2333feab1820c6ec32ad7f7e459d616e3eea600bb63f9c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
last-modified
Thu, 08 Sep 2022 15:05:27 GMT
x-datacenter
eastus
x-source-length
301200
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=418669
x-activityid
c748c487-2397-4ff1-bb03-c216d48c7125
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11B8ou?h=300&w=400&x=530.5&y=406.5&m=2
content-length
18534
expires
Tue, 13 Sep 2022 15:04:06 GMT
gdpr.css
simcast.com/widgets/gdpr/ 		799 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/gdpr/gdpr.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:06 GMT
server
Apache/2.4.38 (Debian)
etag
"31f-5d2ab2d5f1580-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
351
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0fe2b24cdadb395179c83e3b721beb65a92dffc5a892681ee4a4c3dcfcfff3bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41870
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:30:53 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Sep 2022 18:46:17 GMT
/
cat.hbwrapper.com/ 		15 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cat.hbwrapper.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Thu, 08 Sep 2022 18:46:17 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/ 		324 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a012d5f025df66067989a1de06f3ad5c15349cc0a336c62284e0640b3ff1933
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7479d8979a42bb65-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
041cb588d40b81d67a8d055f9b6dfedd08673a7ce038439aee905fcca693128a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28627
x-xss-protection
0
server
sffe
etag
"1327 / 708 of 1000 / last-modified: 1662635110"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 08 Sep 2022 18:46:17 GMT
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d33a8782a0ffd197f8fe1c40875463abb90c32c1332ee2a5e212f8d3964c6ad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
CiKHX4xqxgFLMLxE9KKEwvOwE3PStQI4
content-encoding
br
last-modified
Wed, 07 Sep 2022 12:45:11 GMT
x-amz-request-id
7191QQ5WX8MHHAWA
etag
"ceb80d9e3795d1d7b4cbf5e7b8d7dddc"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
date
Thu, 08 Sep 2022 18:46:17 GMT
accept-ranges
bytes
content-length
3339
x-amz-id-2
bNeqlMOrj0tF2bFUpELjbHOj2/voJj4uPCiAsdChb1ArBTRE9RuumEyOV4qSr69HbxefOAzqo+g=
fpc
at.teads.tv/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=bd83746&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 18:46:17 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 08 Sep 2022 18:46:17 GMT
pubads_impl_2022090101.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131916
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 08:36:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Sep 2023 14:25:03 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		113 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
expires
Thu, 08 Sep 2022 18:46:17 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/ 		344 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
398f148d575b1f4c17dbec630dde9df00c95d21390e904a3acac81917d86fe7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124219
x-xss-protection
0
server
cafe
etag
16273298904640783880
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 18:46:17 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/ Frame B420 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 17:55:07 GMT
etag
8616628553774171045
expires
Thu, 22 Sep 2022 17:55:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		215 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=simcast.com&callback=_gfp_s_&client=ca-pub-9565037823771164
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a5bd22b5ae3e973f3e0662f38ec9ec880ce462ba7d86b31bbab6f19237adb10f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.se/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.se/adsid/integrator.js?domain=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0&tn=DIV&cls=menutop%20clearfix&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BB79 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1662662777&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662662777732&bpp=4&bdt=664&idt=224&shv=r20220907&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2888509919199&frm=20&pv=2&ga_vid=935957642.1662662778&ga_sid=1662662778&ga_hid=751560828&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31060566&oid=2&pvsid=2324073275517934&tmod=1009868459&uas=0&nvt=1&ref=http%3A%2F%2Fpopcorntime-upd.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=242
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 18:46:18 GMT
expires
Thu, 08 Sep 2022 18:46:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
last-modified
Wed, 08 Dec 2021 21:32:06 GMT
server
Apache/2.4.38 (Debian)
etag
"126b0-5d2a938b14180"
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
font/woff2
content-length
75440
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/20220901/ 		655 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Requested by
Host: popcorntime-upd.xyz
URL: http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.89.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-89-150.compute-1.amazonaws.com
Software
Apache /
Resource Hash
11a4b7dd6aa3534c1dc9517e87d10874580c121a55b6534b2f2aa75892db69d4

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
content-encoding
gzip
last-modified
Fri, 02 Sep 2022 00:03:42 GMT
server
Apache
etag
"a3c23-5e7a6767c5380-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Thu, 08 Sep 2022 19:46:18 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6258
date
Thu, 08 Sep 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 08 Sep 2022 19:02:00 GMT
ajaxjs.php
simcast.com/widgets/ms/ 		4 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/ms/ajaxjs.php?fra=0&p=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:18 GMT
content-encoding
gzip
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
upgrade
h2
cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-type
text/html; charset=UTF-8
content-length
24
expires
Thu, 19 Nov 1981 08:52:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		821 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2c9964778814967e3c53ff188c7831ff74e6005f442d32c71dd2389dae296b74

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 18:46:18 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
X-Prebid
pbs-go/0.225.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
hbjson
grid.bidswitch.net/ 		24 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.74.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-74-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2b37cc1a2b4338afe6380d90ec92103560e7c18c813198f26cb62a5ef623193a

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 18:46:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
49
content-type
application/json
prebid-request
onetag-sys.com/ 		15 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://simcast.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		471 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
be4721a7d3bcd9c1f567f000cf1534ac50ea18ece184d7ecbb33dfca5f298009
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 18:46:18 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
054bb0ec-161f-4b3b-9ea9-025185738c66
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
471
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.42.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-42-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 18:46:18 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
pragma
no-cache
date
Thu, 08 Sep 2022 18:46:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 18:46:17 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
85
vary
origin, Accept-Encoding
bidRequest
in-appadvertising.com/api/ 		55 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-appadvertising.com/api/bidRequest?bidId=941a5eb9b8c3dbe&pubId=30557&sectionId=10399&vers=7.11.0&url=https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0&sizes=728x90&tr_wd=0&tr_hd=0&tr_vs=visible
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
7e.6d.3fa9.ip4.static.sl-reverse.com
Software
nginx/1.16.1 /
Resource Hash
b86992b23fc76ed69ddcedd18ec2b36d3ad8c48b360ae5f16292946f8f7ad72a

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 18:46:18 GMT
Content-Encoding
gzip
Server
nginx/1.16.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,OPTIONS,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://simcast.com
Cache-control
no-cache
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Content-Length, X-Requested-With
Expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=754850&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2295b240ab5acac51%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fpopcorntime-upd.xyz%2F%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22domain%22%3A%22simcast.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22simcast.com%22%7D%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fsimcast.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22adunitcode%22%3A%2272d408ce-e679-4546-add3-45c8d9647ca1%22%2C%22divId%22%3A%2272d408ce-e679-4546-add3-45c8d9647ca1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2296f5fd6cbbc654f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22970x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22728x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22970x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_970v_1%238bebe252-1937-4ed8-b6ae-f6b48d5a3115%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22100cf9e8ea6f47eb%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22300x100%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22320x100%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22336x280%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_300v_2%23fd52b5a7-d454-464e-b941-8510ea6bc979%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22104bb0ad34794f52%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22sid%22%3A%22300x100%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_1%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_300v_1%23f636d147-a492-4fb5-82de-5bf2d2972559%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%221060853f51454f09%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22755349%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_sticky_footer%2372d408ce-e679-4546-add3-45c8d9647ca1%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1404%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ad3dc215-02e5-4684-b0a0-53521825b721%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13fe01313ff58229d647d5e1980db0f7b18110a31c366b442cc1655bc3e7319e

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axlDfOd3Rc5y1mJCjfifDxN%2BVEtFBCEWDah71n4ChOfn9yCYoPc5NXvenNwo3NX9dzQtEP%2B4R76YRu75lriPbuL9wcPe4v0RAg9LzzI3O6wJY%2B6m%2FpvzKNBNgdDzidN7E1hGJdQK"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7479d89bcb13bb67-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 18:46:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 18:46:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 18:46:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 18:46:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 18:46:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 18:46:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 18:46:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 18:46:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
80253728f112b7d2d3994f0e9444be0bf002da602645861bd1e2bf70a35aecbc

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7b8fc1a08423ff5aeebc5ad8ed1aa601e5a0abdf4c0bc82795132164351f3444

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
de10060c023ca2e815886d86d646e53023e381bb465d7120868a4134f26ef5f1

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ed8bcca4ab98afc83d531af5f9bf395478682cc23b7ef1969a312cf7b772e143

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
904fe01a700eec47c299549c53ed1623e5f5c43d8848cf309265ff6955616cd9

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
90cf78244930dd0c205f02a8b4dc68157681a71f61303c7e18e38530c4232a5e

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
57fd56f25b8e03ed38c2a6cf8f3140ea81646f1b19b5265365ff1fb831b65d60

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
41c08e4fb63aa032e7fd321127d3c60c6eaf64a2333c0f1f37992c741023b0fa

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7567e8dd26aec7dbde26c18139c7c8eebd1b6eaeebfb2b76701fc17ba8b182a3

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
095f8d00444e0c75eb71d5f59e193dc124be1505b05510c6646ae17b9c77f9a6

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2d07367f4c1f1236b61efb838de4e9507d1e3be5779476f4026c02054acde25a

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1ba05643bef58bc2d401ea9c54097cf90d0c3d49e0b329dd6fb33f7ec1ec4ff3

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
/
ghb.adtelligent.com/v2/auction/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
fa99f405ae6df840dd578e54de4363bc946fb9f351a406980e0405fec5039512

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 08 Sep 2022 18:46:19 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1368
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
bid
s.seedtag.com/c/hb/ 		11 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
etag
W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11
prebid
prebid.media.net/rtb/ 		20 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
52e5fda08011891373cd4171e993eeb4f99da0f66e1d8d8fa36b8b43c4c69a29

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:18 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=751560828&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0&dr=http%3A%2F%2Fpopcorntime-upd.xyz%2F&ul=en-us&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=687538676&gjid=1715790737&cid=935957642.1662662778&tid=UA-205158314-1&_gid=42972524.1662662778&_r=1&gtm=2ou8v0&z=96736896
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 18:46:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Sep 2022 18:16:51 GMT
Server
Apache
ETag
"da214a-9a4f-5e82e6ef7fdba"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1923
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
13270
Expires
Thu, 08 Sep 2022 19:18:21 GMT
css
fonts.googleapis.com/ 		3 KB
704 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:04:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 08 Sep 2022 18:46:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Sep 2022 18:46:18 GMT
icon
fonts.googleapis.com/ 		569 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:46:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 08 Sep 2022 18:46:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Sep 2022 18:46:18 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2595328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4023
timing-allow-origin
*
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WVt4uccQrZmXcC74HJFpCXLt1SkdMSAmL4jbRI9N8YT9YGSLdSBkrH1%2FYdqe7RV0fXJusJTbKWCiPTamNiueMvqordMVpUd8i0L4IsxrTSlm310RMNv3xsexKlTDEjV5CSYEjkI%2BATAcTtK8k1COips"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7479d8a03f629ba7-FRA
expires
Tue, 29 Aug 2023 18:46:18 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 64E0 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3546930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20502
timing-allow-origin
*
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeLi7T4fM%2BNXQmoWnPDIFBd6qRPTQpPwGUQ5oJzQ1Ti9oCRU0cFADj%2B%2BMV8ehBoDiMI6x%2FlCbLrWsHOeMx6q56onVYwudU9%2BMalTwhM%2Bv09ibTEst9CzKTPivU%2FdW7JR%2FBqK2VTNF9tR2RhGk1byoPuV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7479d8a03f669ba7-FRA
expires
Tue, 29 Aug 2023 18:46:18 GMT
prebid.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/ Frame 64E0 		334 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 23:36:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
W/"1c7777ec3f15f66750ea282b9545a85d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
cache-control
no-cache
x-amz-cf-id
M7Dsn_fh8NjBfMv-MeGwstTpRPMhtqxdBSMdY_XVgSALjXMK00dt1g==
comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 64E0 		335 KB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 23:06:59 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 23:25:25 GMT
server
AmazonS3
age
70761
etag
"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
342796
x-amz-cf-id
gYltqVtBxJ773QXyNkKq_jSAagvHHZATQPJN1Vf9yRbNa4JDpHeH2w==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5be70d5a1c0d7389edf9c44dfb579edec6593116194924abb6ecaa9ff75ea4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128333
x-xss-protection
0
expires
Thu, 08 Sep 2022 18:46:18 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:32:27 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
29239
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
1094
x-amz-cf-id
z_baZy8tm9v_6iCu2kenav3n9jhk9G_w5bq1pQ0OrYvmLYcTPw4QQQ==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 20:52:38 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
78825
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
322
x-amz-cf-id
e72svpwiwQ91HOf1AC8RNkQ6q_EtNVLs9GavXzUHW-PpkUdoLx-BWg==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:50:48 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
17731
etag
"8be584e844dabfe22970a0cb943c047e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
832
x-amz-cf-id
RlKGpCPqLoW2sDc0jBJ9xY6kBoyXLgr_SAzgUL56I2_r4U1pkbGs6w==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:32:26 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
838
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
773
x-amz-cf-id
vF_07CxHbI0WmXhrUmCUJMZesuhpJlf0yuNi0U51BVX7bBrwnW1UPg==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=iMlaogD9khBamdnV&instance=109862&version=7.8.0&age=220908&cmd=PRE_INIT&key=eKVKXbhX&seq=1&order=1&absoluteTime=2700.9&relativeTime=0.2&canonical=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&EXTREF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		37 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=iMlaogD9khBamdnV&instance=109862&version=7.8.0&age=220908&ESG_key=eKVKXbhX&type=FULL&EXTREF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.89.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-89-150.compute-1.amazonaws.com
Software
Apache /
Resource Hash
73b4a3b953450b9a6ac82b792e8a5467f9b03520bf820b7e872658b807cc683e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
content-length
7363
expires
Thu, 08 Sep 2022 18:46:19 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame 64E0 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
7479d8a0a8715c44-FRA
date
Thu, 08 Sep 2022 18:46:18 GMT
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ Frame 64E0 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-108-49.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 08 Sep 2022 18:18:26 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
1674
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P5
content-encoding
gzip
x-amz-cf-id
ttGqDtmkZF2R0jKwDOeAvAwi2pjtK2dKhDYNAO0-vl1d8xoQ3LVprA==
/
id.sv.rkdms.com/identity/ 		2 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=simcast.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.134.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-134-156.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 18:46:19 GMT
access-control-allow-credentials
true
server
nginx/1.20.2
content-length
2
vary
Origin
content-type
application/json
identity
api.rlcdn.com/api/ 		44 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
af0fa7856e7aab81291119c48ab2bef8fecbd98360c0270a866657f761a51da0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 08 Oct 2022 18:46:19 GMT
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame D44C 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
169190
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 18:46:19 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=iMlaogD9khBamdnV&instance=214109862&version=7.8.0&age=220908&cmd=GET&key=eKVKXbhX&c_id=12018&seq=1&order=2&absoluteTime=2938.8&relativeTime=238.1&canonical=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&EXTREF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=vxBrONd046&USR_ID=214109862&ST_usrKey=iMlaogD9khBamdnV&SM_ID=2225938&C_ID=12018&C_companyName=Adapex&version=70080000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Sep 2022 18:46:19 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 08 Sep 2022 18:46:20 GMT
0.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-73.fra60.r.cloudfront.net
Software
Apache /
Resource Hash
7f1d279703b902aee3682bf47afc04d7d9a4417e08a137638cd8dcce1141c450

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:18:23 GMT
content-encoding
gzip
age
1676
x-cache
Hit from cloudfront
content-length
1394
access-control-allow-origin
*
last-modified
Thu, 03 Mar 2022 21:08:40 GMT
server
Apache
etag
"e75-5d956cd664600-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
kfPI7KcGf-NLeR4e3RyOwfa3AUG5JUc4UKbHQI-SD_rFFjlwawhETQ==
expires
Thu, 08 Sep 2022 19:18:23 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 18:56:32 GMT
x-content-type-options
nosniff
age
258587
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16756
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:16:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 18:56:32 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 20:33:24 GMT
x-content-type-options
nosniff
age
598375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 20:33:24 GMT
f34ix2kd5x1ipholketms2w5lvmwn1cr.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/f34ix2kd5x1ipholketms2w5lvmwn1cr.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
624f662b66ee5b5bfe926a8756ee30a98518795bb388bd31229a76d7c31598ed

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:51:12 GMT
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
age
3308
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
17833
last-modified
Thu, 08 Sep 2022 17:47:40 GMT
server
AmazonS3
etag
"65fd9fe9c69eb935c57afd7d6fcc66b4"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
T5fURTVRBEEhDABeYgfnx7RwTUoG5iK_oDRAGZ6dVsaPNFPimI2FNA==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=iMlaogD9khBamdnV&instance=214109862&version=7.8.0&age=220908&cmd=RTP&key=eKVKXbhX&c_id=12018&seq=1&order=3&absoluteTime=2963.4&relativeTime=262.7&sC_ID=8783&sm_id=2225938&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=vxBrONd046&USR_ID=214109862&ST_usrKey=iMlaogD9khBamdnV&SM_ID=2225938&C_ID=12018&C_companyName=Adapex&version=70080000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Sep 2022 18:46:19 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 08 Sep 2022 18:46:02 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 64E0 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-108-49.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
57718
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Thu, 08 Sep 2022 02:44:22 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
cMsHPDrLzqTykPPP2ePnd4vm_FWKuni5acuDSjUrrCsjvZ4TZV11jw==
config
c.amazon-adsystem.com/cdn/prod/ Frame 64E0 		248 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsimcast.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-108-49.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:21:18 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
server
Server
age
19500
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
content-length
248
x-amz-cf-id
c9oYEbLXyU_J6NKMkthh8-v6771xRtFp-RfBeQAqjZh4c-Myo1W2LA==
bid
c.amazon-adsystem.com/e/dtb/ Frame 64E0 		23 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0&pr=http%3A%2F%2Fpopcorntime-upd.xyz%2F&pid=xd7b838fluFX7&cb=0&ws=300x150&v=22.8.252032&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!sendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-108-49.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
x-amz-rid
2SKW5B2MJ9ZJW2XB9TFS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
3B_JnpMFFVC2OUIWu9XVwiurFJKg67TUnkgKaQCOwF-yy1pt2991fA==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 08 Sep 2022 18:46:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
489026
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=bmeJPXx1d1R3emVpQTlhNmtWY3lyVi9IM0hmSStsK05HM1hPV25UZnBWMmplNlE3TGlFc3JvQ05KU0NLS1dmYmJuWjE0YlNnanNoaG9kc3BneGZxZkQ2b3R5T1RlWUxWMDV2WGw0N0pITlFlVWdCb29JMHduRmNmKzF0RX...
347 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bmeJPXx1d1R3emVpQTlhNmtWY3lyVi9IM0hmSStsK05HM1hPV25UZnBWMmplNlE3TGlFc3JvQ05KU0NLS1dmYmJuWjE0YlNnanNoaG9kc3BneGZxZkQ2b3R5T1RlWUxWMDV2WGw0N0pITlFlVWdCb29JMHduRmNmKzF0RXRLRlRhdklqMm9Rd1VJMDA5K1Z2M3RhcUdGMFdLdTI4WFNQemRKRkZZT3kxU0wwN2IzQm90cEV3UGVUckc0Qk5Ba0pWTU1DM1FXcUF2bzd2UmYyQ0FuN0tLVWdkSE9hSTZxRVR6RlRHUjhVQ1NqUFJMVU9VPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c0e28194bded91406c41e6a1e5e229dfae282025243f1e8b4a514c5bfb92e2fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1571299
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:19 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=bmeJPXx1d1R3emVpQTlhNmtWY3lyVi9IM0hmSStsK05HM1hPV25UZnBWMmplNlE3TGlFc3JvQ05KU0NLS1dmYmJuWjE0YlNnanNoaG9kc3BneGZxZkQ2b3R5T1RlWUxWMDV2WGw0N0pITlFlVWdCb29JMHduRmNmKzF0RXRLRlRhdklqMm9Rd1VJMDA5K1Z2M3RhcUdGMFdLdTI4WFNQemRKRkZZT3kxU0wwN2IzQm90cEV3UGVUckc0Qk5Ba0pWTU1DM1FXcUF2bzd2UmYyQ0FuN0tLVWdkSE9hSTZxRVR6RlRHUjhVQ1NqUFJMVU9VPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
702796
content-length
0
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		194 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2324073275517934&correlator=271875292733156&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fifs&iu_parts=22181265%3A22632072816%2Csmc_970v_1%2Csmc_300v_2%2Csmc_300v_1%2Csmc_sticky_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x90%7C728x90%7C728x250%7C970x250%2C300x250%7C300x100%7C320x100%7C336x280%2C300x250%7C300x100%2C728x90&ifi=2&adks=1454962489%2C1493067150%2C3084627070%2C585593&sfv=1-0-38&fsapi=false&prev_scp=refresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dbusinessinfoline.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.02%26hb_adid%3D1525845d07c10607%26hb_bidder%3Dadtelligent%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D151549ef6351875b%26hb_bidder%3Dmedianet%26anh%3Dadhesion&cust_params=arTest%3Dtrue%26wvr%3D3%26wie%3Dtop%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dfr%26gpt_l%3D200%26wrap_l%3D1300%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D600%26padpr%3D19%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D600%26waae%3D1100%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=1&cookie=ID%3Dfbb543c96267455a-22c85a6115ce0056%3AT%3D1662662778%3ART%3D1662662778%3AS%3DALNI_MaNpHJkKZecepCcqMy4OyNYjBeTDA&abxe=1&dt=1662662779202&lmt=1662662779&dlt=1662662777068&idt=629&adxs=315%2C791%2C1230%2C0&adys=193%2C1055%2C288%2C1947&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0&ref=http%3A%2F%2Fpopcorntime-upd.xyz%2F&frm=20&vis=1&psz=1600x0%7C417x0%7C339x0%7C1600x1877&msz=1600x0%7C417x0%7C339x0%7C728x0&fws=0%2C0%2C0%2C128&ohw=0%2C0%2C0%2C0&ga_vid=935957642.1662662778&ga_sid=1662662778&ga_hid=751560828&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ffd7bb8bb7551671d905ff4a01f6d45595b734c36c3217ae06b2cbd7e43d1632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56360
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E573 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 18:46:19 GMT
expires
Fri, 08 Sep 2023 18:46:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 64E0 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: popcorntime-upd.xyz
URL: http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Thu, 08 Sep 2022 19:01:19 GMT
headerstats
as-sec.casalemedia.com/ 		0
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vj7RvI3hFJN5N2WXgpVzV7NUTWqRIHIHz%2BGtlYCv%2BDOz5siDF%2BEY%2B1%2B5BEBALFCXTqJVeczYDyRduHl0xy7W%2Frg6w8mAPhoBYHEkeHXPP0rpc5Ts8AtOjnRRclJmsLP0WL9IYg%2FzoCY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7479d8a34b48bbd4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddf4e9eecc1bdcd9f99b474a569b338adf82b1cb0d97a9746c29b73d78df802a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11157
x-xss-protection
0
cygnus
htlb.casalemedia.com/ Frame 64E0 		36 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221c5b2d73b9085b%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222c2adf02acab22%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A761%2C%22h%22%3A428%2C%22sizes%22%3A%5B%5B761%2C428%5D%5D%2C%22playerSize%22%3A%5B%5B761%2C428%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22sid%22%3A%22VRAfdwVZOg7jMyH8bxgoOA%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2fefdc114a1176e1b918f1f80304627314467a250007340a40dc77808002127

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6X7Qjt9CRSOb3porVD%2Bbz5hdDqVka%2FUzA078Kh%2BUCgB8okzFBPYIyyj6pljEI%2BdY%2BiF5hNTIcC67BXl0ujTgsfQ6wxAF8zb4s8qWL7zk7Ot4Hf0C2NP8t9nY9diCZIjOxwf%2FLTch"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7479d8a359d9bba3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame 64E0 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Thu, 08 Sep 2022 18:46:19 GMT
X-SpotX-Timing-Transform
0.002255
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.001173
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000415
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000008
X-SpotX-Timing-Page
0.020531
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000326
X-fe
094
Last-Modified
Thu, 08 Sep 2022 18:46:19 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.013825
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://simcast.com
X-SpotX-Timing-Page-Misc
0.002491
X-SpotX-Timing-Page-Exception
0.000025
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.013825
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 64E0 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 08 Sep 2022 18:46:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 64E0 		137 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
668c3eff99125194c29c16633392ad81c3426f22adbba6dcc36bf0fd1226880d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 18:46:19 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
a2476d07-2494-4e49-9700-47487e7c6f15
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ Frame 64E0 		19 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.12.0&referrer=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0&tmax=3000
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.174.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-174-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:19 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 64E0 		173 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.135.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-135-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1c728c79088b6206fbc8ac7f24a7ae448dbb7ca86e900eaa6869ff6fa03d49a8

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
expires
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bmeJPXx1d1R3emVpQTlhNmtWY3lyVi9IM0hmSStsK05HM1hPV25UZnBWMmplNlE3TGlFc3JvQ05KU0NLS1dmYmJuWjE0YlNnanNoaG9kc3BneGZxZkQ2b3R5T1RlWUxWMDV2WGw0N0pITlFlVWdCb29JMHduRmNmKzF0RXRLRlRhdklqMm9Rd1VJMDA5K1Z2M3RhcUdGMFdLdTI4WFNQemRKRkZZT3kxU0wwN2IzQm90cEV3UGVUckc0Qk5Ba0pWTU1DM1FXcUF2bzd2UmYyQ0FuN0tLVWdkSE9hSTZxRVR6RlRHUjhVQ1NqUFJMVU9VPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 08 Sep 2022 18:46:19 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
511335
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 18:46:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2B3E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6687
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 16:54:52 GMT
expires
Fri, 08 Sep 2023 16:54:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8FD4 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1529bb9a278511579364bd93d65cdf31f8c519c6b0a7e45f465ebdbb1d57af53
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4GsIkAl4PNN2mfvNOWjw1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-4GsIkAl4PNN2mfvNOWjw1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 18:46:19 GMT
expires
Thu, 08 Sep 2022 18:46:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
8r8486r51587s62023rs6o41nrrqr72qplaylist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		291 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/8r8486r51587s62023rs6o41nrrqr72qplaylist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ca96313697c09cb430fa7124e2b4dae158d7d14fd4fe0d08e8118d899060b5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:52:41 GMT
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
age
3219
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Thu, 08 Sep 2022 17:43:04 GMT
server
AmazonS3
etag
"7a045b4c8df2775273ef500fe94f7046"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
4qHEq3k2qpSbvRwH_aBzvzgI4eXKK0UIFnOVwbvUqUNYCxA7diGZZg==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=iMlaogD9khBamdnV&instance=214109862&version=7.8.0&age=220908&cmd=IMA&key=eKVKXbhX&c_id=12018&seq=1&order=4&absoluteTime=3391.4&relativeTime=690.7&EXTREF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL&recoveryMethod=SSAI&imaVersion=3.529.2&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=iMlaogD9khBamdnV&instance=214109862&version=7.8.0&age=220908&ldt=BIDS&key=eKVKXbhX&c_id=12018&seq=1&order=5&absoluteTime=3392&relativeTime=691.3&sm_id=2225938&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFNLNIY&ac_id=2008&prebid.cid=0&prebid.bidders.ix.time=66.1&prebid.bidders.spotx.time=183.8&prebid.bidders.pubmatic.time=111.9&prebid.bidders.appnexus.time=102.8&prebid.bidders.triplelift.time=105.1&prebid.bidders.rubicon.time=132.1&prebid.start=3191.7&prebid.time=187.8&prebid.timeout=3000
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
150s92o360s14501os4qq9412r575794base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 		10 KB
10 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/150s92o360s14501os4qq9412r575794base.en.vtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20a359bbb9bc18138a38455daad5cef1900ac43a5f256967f6767f0fb8d56331

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:52:41 GMT
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
age
3219
x-cache
Hit from cloudfront
content-length
9958
last-modified
Thu, 08 Sep 2022 17:44:03 GMT
server
AmazonS3
etag
"2b7987db0567d212a50cc78c1723cfbb"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
Y8QV0S_bXEZoQkQZUQ2ZpMwg_LtE9X2tZH-1ObM9O7lj4TfCHm2hjQ==
container.html
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 45BB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 18:46:19 GMT
expires
Fri, 08 Sep 2023 18:46:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 760D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 18:46:19 GMT
expires
Fri, 08 Sep 2023 18:46:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 04C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 18:46:19 GMT
expires
Fri, 08 Sep 2023 18:46:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9315 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 18:46:19 GMT
expires
Fri, 08 Sep 2023 18:46:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
8r8486r51587s62023rs6o41nrrqr72q.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		2 KB
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/8r8486r51587s62023rs6o41nrrqr72q.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09ea5afd9073e585a47914a836af6e9ec26f680f9df06e743b20ef638545436c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:52:42 GMT
content-encoding
gzip
age
3218
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
access-control-allow-origin
*
last-modified
Thu, 08 Sep 2022 17:44:26 GMT
server
AmazonS3
etag
W/"e44e378839f88c24534ec4147747162f"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
fWC4feGK3-NM3QQG6rBqWSxDehCTTYE-JW7nPlMifpiYGG6BJCOw6w==
ads
pubads.g.doubleclick.net/gampad/ Frame D44C 		36 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C22632072816%2Fsimcast.com-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2225938&us_privacy=false&cust_params=sessionKey%3D214109862-iMlaogD9khBamdnV%26schain%3Dsendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8783%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.8.0%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D15%26us_privacy%3Dfalse&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=44d&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&sid=19D70466-D841-45D6-A695-54380C53ECFD&nel=0&eid=44731964%2C44754420%2C44760950%2C44765701%2C44771692&ref=http%3A%2F%2Fpopcorntime-upd.xyz%2F&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0&dlt=1662662777068&idt=2257&dt=1662662779863&cookie=ID%3Dfbb543c96267455a-22c85a6115ce0056%3AT%3D1662662778%3ART%3D1662662778%3AS%3DALNI_MaNpHJkKZecepCcqMy4OyNYjBeTDA&correlator=260889341084668&scor=2811039775263587&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
321329d75990070b07e571362ac64da2fc58237054cdd1474dd39fd38ce52372
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1533
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
pagead2.googlesyndication.com/bg/ Frame 2B3E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15893
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 06:39:41 GMT
8r8486r51587s62023rs6o41nrrqr72q-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		355 KB
356 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/8r8486r51587s62023rs6o41nrrqr72q-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d8459d976f072a5ad5ab85d290c393fee1c6a44d74a3b6f47da0c3869f75aba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:52:42 GMT
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
age
3218
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
363404
last-modified
Thu, 08 Sep 2022 17:44:20 GMT
server
AmazonS3
etag
"a253055e3ecf8738ee0ed31cb215b4ba"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
Vc8rEBYq5jzKvNNV2CU9gaRlk0udJMV-73yTfvuzJI3UVUxujXWeag==
sodar
pagead2.googlesyndication.com/pagead/ Frame 8FD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=2324073275517934&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame EA09 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVYnUTEBhbsTY0RU8z6ihsfsrNt_oDEuJYlaJxUkhez_WiQOC3WtP7JBQXOUVy3tOcwin0JkU91B6VGgPSe8XZ8_5dVeb95jySmjwpx7gMgK1uQVHf_1y38_kqjiCPMTieBIlWBeLJ_5mtPGSJHacw7AqowdRX-_Emlzn45--6ze9Tcb-KuUS51Gk8a9YNRMraSc1M0hlIj_B_fo5uV_YN4091ktg
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 18:46:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 45BB 		85 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6f-jl2wJWTyWW8OsrPvkvM8eBNj-_Vw8f6NYUfSbacdOsjKAd4T9E_uL4E8S0tBhw1lL34YVj9XW-l9QfkVJsDcuTHYwZoAmxhlX7iNM4beIFjmhNFlboJ9Ok9FMxaj-A35HeQpxW0o90MiTZPYQIF_ZmKw&dbm_d=AKAmf-DXA2buiLV_NUZfSURDGXECXC8gslfdHgDsXtgxZKkTXVUV8r4OrK4DXVaRTup0qUEAkyE7M9UrLi49-r3nXZhfJaqg4Yzzb4u6zVaM9yVLTG4BkYkjScji2xt7k8ZIwRFS7zhASnVP8Imu2tJrbZb35A69UfLE5RYGlmSVfFW0wKtA5fUnTk7uHbQ1rYzdVOaxAJZJfBZNb1I471diQgcgUyO3xkWidoMDpGQWsFhrJnzs43soq27xWt8tfS6hFH14llk1_LRXPKUmDTGJ6RynA-ZnBC5YVm_IDpRcETo9o_pA4dIWqMqj7E9k0zb44ll6gtH6LXL4F7geifnwaD89brUEiRQjrZxrjx3KQ-4nUkj7b4JW-AWLoyxxsah86MO3VQ7yiXBiE43V83_XeKCdErRvtxb61JZQAkPxScWuX3koJu-d8qsSL2f_KNfLnkwjjpyIT2CchJGzOwmdwzTh1WJBSFrbToBdZYEkCSMmxi7RHHPwlG4uGPjjpSz9HIVOO94ZpzRfe2akn3IZWKVYEqSFreVdLspDwQJxYnS99X-MZBrLp3kdLe7fsUitDV4aX84Pyvn3bbxHg47csSy4NRwVhi2hAWPUE0oLf_omxtI718Z3S77gElDzgnZand5I6O6ebhWrWv-7ly3YG72_RFLy-cNeaHPZK0PidYA91J1xYnP5Km8vS6JqbnvHxj3CjkankyRWHXLFajLKqz_DGuuJp8HiI5xUNno_3uBVNSnZGeDuOLLiAdFrWMekf_BOM-cMCx-S40LZ4BlJQB1lbwKmiRCtHQfzjJvzJcPc1Pszx55w59MFn5x7TmdB4SUzB90a7u98gtQXwlo4ADTTO31mS7zwGq0dZiF-qzRbtpsYNZzKwiMA65JUzIIdM2BsivRQZiVN5vbae_b70M-ZdmywjG6r1B7j9MOK0Esj5Gl_SsT89jPB-lopM9SAqTRyB9rId-V5NgvdwJt2MZFWyE-n0Tvy6ywDEQCLiVh-3zLWJKWZvz0w3-1aO_rIW1WMHB1j20PtATFBQbRsy4Rpt0Dj8LA9OH3rVBF911mkFoTiI-gHvEyAETUUEcfjS8TQmWi2l3Qb6GdctxDDQtYKB7Qgc4tmBSp3-ZC2n6MTV16LcbhNU5tnKOOhlQ1vtmalv1j6c5hcsQZ3bTejpMRSpVs8qDpQRg69fat66iuFtOq0PXlLXBYP-wJKKmaBcy1lPANBIi6S6PPOM0QnHmwhAnIbJG0PT7FdX3HHppkE4WtL6PHFGGl9U68VSkZxRpHoMX64jUKCbYUic2mFlvAL9hJePuYUk4d5At7TPvovy_cy11I0kxbg3x-SmAr0XjfYZMtevZ2NRpMAnMHwGSvxk59T81d3goLX7EOsytisCFGFUn4F8KyHHOKzvDJulJJAhJTrRNHGIE1Topj9oMGRvE0LaY2pu7d9_REOPhvAcfCEzmLL9r6zuYqlbNUPabGwtjGR_fia1HjW5AeIyAgCZ5GFyGdH3kXPqW1Cr-2FPTBy2ac0ZuiMBABiYCKVbkpwM6B3DkMq0RQSyaCrYP4_SSdkAnMwUlhpz9Wbk6Zb0_5VUuitcglZHCo6iHndPQ7l9XArXdZ5_BP3ybcyHC945htEQ2_aY1UQnZXyqKxAFzhOvFt_lJ7UZodYu_7hUt_mFwfdTucjCtmzS4nrX0x5akGcPmW9rNC3heq3lN6Jfc21lvk81v27j2WtjOfjHlNlZRlUzbW7PqF3AQEmoBRCJaXoeHxNM3qLiVAeClf7uM2Km9eoK92FSvmkCtw4bPC_pNl6FwI0C0GvInP-E_BZy7b4Q3mRVvf89IvgatO33E3W073bPZB1RbQzQdMzvaGjQhcKVHvDIaUPL6lKlhGCqiFz0MoomlGd4sV7ks8NzlgfnkWEsSEsNt1DvO6gvmUfZ9yDzpoNAMDsmmTJxEMaaW10tlOtwFNwQm2ctzlY5k2o-P4w3nMaf2w_bcPNPLgLNuNGdTTJ3bSWEfr89NKo2is9MENwAx-OJBYBZU-Io2jZA57PKjeDi2Y3Vef4DqTcGqoioUb0Q8_6MC_yZiqE9EU0arOxwmtoC6kIZov4BXMMKalOhQ3YBGleERogV8O6ous-6_9_c9YECs5D2ts06emUlSjOKU8enbUtTnMiTooVCQc1BRopMFRYe6Jpm4D5HBjQG_vOdzP395wQzsy0PNuGHwZITSZ0f94rElV4wTUc3O2MTJ5MFU042H-ciOHlHF1eFrRMWPXDSfmtgiaIVO0KER7Xt5DbxP2NoNZ4nAVOUF3C_wVyOfvV043DgDVE5fNW2al_zhBDclz8UMgIIE2iXM8J7gibI5jUoqg8u6dPV2bLxr-vEAG0fomf_mOOFaK0MoctgNdBhT7JM_iUhjBoKonEapxom25uvtIVGQGvKp1uHNyoLH4Qfr0oIX6ZRywIXnu51P4GirhnEpIj8P0tl1vKkYjqI2tu2sqs9j1cyeNNVEYR0GAvVQTElB7MKCmXQ02YnyMQbtf0AIAsQGpuaVXbHr9D5QRigqK7u525b_5E4hXG5WywnqUzgVCJQqHXqXroXx8yHdw589rLSnmYWMNHGGXtQ_MznNKjQrbtEGfSzEkU5RfffqGitgnA0WlIDQgjZYMsEeiD_kotcmVdiwMaeKPzsXmR7WI8DvAZc0NwqqhCLNX7-LVzTc0O3K6EtYSIZ_Bo-0GpGuRIw28pHcQq5ZTueKBZndY8nRQoCN47jhtl_D6kYnfTZbia3TPgTaZQ1X2ZkFMbE2VmwKKGutD9fB5q-hqen9pGG6md4Mgw3uG1jLv7w9SCFSrOCqCDNw_uo-tpJZebDM6OozH_7Hu3YQUOAupOogrwjxfuq7SEgwSqAVUyvbmR_Iz7ostW5eKVAUY0ZMWd7BVDYx0Puf7sWfywoX9clwG-Dw5cMH4f_WN4zWP3wmRrRKu6JEMVeuyJh7SrmaxSMeJUO7MbuuhWFt25mGFpyvwtEIR69CaeGTdLtMbdYpq9fHb6j2NOVNib533kIg2p8R_KRov9_kQrwNuvua5b-PHro7_FqXGarkVAVgDe4cAMkG8bDtMlr94aw7vygcd8JhGMhpYyIJXAwHJblEg4tNGk0-s1vcqZO0E9ez4rZ1KY9sf7YhldIFyq1v0xWNgZ110FwmQiB517SJ9ekpGpx14jIDBXrgR-GwRN23Pwmo_LL_3So60ylT_Kf6cdwNXQ38kn5MUk3ZjK8AqmdzkP275edYJpUbuXNQLwdQEE68P9A_FKW1EPkKmZ4y7PyA5S6K3BplgRIAC3W-5_N4zxKUC50mGI5SPIODSrcKaWKmrR97iJAtoqmBHdfSPaWsGK3eEd1ndA4OxIi-a2vutbMZLOUV2FeAoKFVGaN8tyIupmhsZVYxmBtxWxgEHsVjrZS1niyHUr3AgytQQmXbGqR4ZIMd9O3aw&cid=CAASJeRoLGu1FN4yWQNt1AIeLw6o3r3FvUax54tEf7LTf8_w0tEzUGAgDQ&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Requested by
Host: popcorntime-upd.xyz
URL: http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b125abc56ee0fa6b2759ef8d939801d12fd5dd52c80b06e43a4c4c61fa61e42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35212
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 45BB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZ_QK9_O6WuXxox_jfhGz1c77r-HLmI3Ajqoo7gbR02YBN-l1CXJTS2RZTVsME0nhHeJfFpy8gkeZkO-1-S3emZ9aD-ZYSIvy0e2b6h4xqsWnMPlg
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 45BB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:12:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 45BB 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 18:46:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 45BB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2503
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:04:36 GMT
l
www.google.com/ads/measurement/ Frame 45BB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXlbVGZ9f5lSAsqsTW_-NUoaeG5aIkV6c2mgwUgWo9OoX7IHSMtL3a1OwfpovFR4uc4L4UqEXEUyrmDssx73fY9xMy2A
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
d9c3feb5dbeb38b81847ec1386e6162f.js
www.gstatic.com/mysidia/ Frame 760D 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d9c3feb5dbeb38b81847ec1386e6162f.js?tag=client_fast_engine_2019
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5cd3351a343011cbc0046d12c2b8bc8d7a968a09009ddb117fb1dc49fd1333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 08:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4500
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 00:50:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Dec 2022 08:19:39 GMT
d7828440eca131f8024d59f2851a803e.js
www.gstatic.com/mysidia/ Frame 760D 		135 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d7828440eca131f8024d59f2851a803e.js?tag=video_location/web_och
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
635e7583674a6470a20717f5a17fe49ae17cefa8abaf069e2ee7f7387e3655eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 01:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51141
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 23:05:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Dec 2022 01:25:21 GMT
css
fonts.googleapis.com/ Frame 760D 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:40:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 08 Sep 2022 18:46:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Sep 2022 18:46:20 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 760D 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1440
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:22:20 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 760D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:07:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 760D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:12:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 760D 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 18:46:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 760D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2503
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:04:36 GMT
l
www.google.com/ads/measurement/ Frame 760D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPvTahqsR5UIuQiqV4Vrg3CSKhHGBmuetZXW9uFaSA0df-fJptmFXldx78j8fHKST4VvSsvl0-34u9oldodrwbemEm0w
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
8e474446b56ed6ef0feeec2d987f1a60.js
www.gstatic.com/mysidia/ Frame 760D 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8e474446b56ed6ef0feeec2d987f1a60.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c84c1026e0a4c60ec0ee85c8b41c1904144aa63184260c95840924b42bd32d33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 08:19:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13628
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 00:50:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Dec 2022 08:19:42 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DAED 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNX8fHhnDsmKWCVP36_raJ0piGr2fItQZOO7VK06J9j9VewT8hFQsmqmfhkbLQAeG1xwbcOY2zzRfPq8PJLKGuCmc0NUsvP0tdKO3s7UIeIy63-iH89DpTChL8yv4YJO9bw-ZSIVu9pSK1p0VEPeBhZSvjcBsnDIvqRh9jEY5uUm4iq4THCu8rBt6ZjXU4QjqGpMfFXCIQjuu083d19365pxS0S_gw
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 18:46:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9315 		84 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfZmsFVX-xHcca3iiBRkP9jRoB0w-6kBicejJm8QqFMRiYFiDk_fvZSw1co7W3NTGPjH6SFx4Edm7WZgg68c5aQC2m-CQWOrxopbk0EE7mKLTKZ41IKUIAJ1w48iC99FaD6Wqqec7ht21PSdQgLceB0kvS7Q&dbm_d=AKAmf-AIwdayiPqIAfCx35i6obBYCEXUpEPv0P8hmcwTtz44UTjcvxUpUnzGarRk-A2WKHvbzJHyCmeFJGdRvaIBoA_Guu0ESXOPu1KgHUoez1gSfrWM2Ls0wnuVFFv1MxxpPBX3ZWCcgMEc8Ksa6zBggkeEFNmqL5oqpJLtIIdPrZtGwLfRYxfAfvjqBk8D5307yNsagUYpWxgi-3r7-Gz3aLGsyiN9m4rATWTpD9stBKH1x_f9fFi7lqHxBoE0c_ThwoqA8T3QA_K22NFhghb_wMC995eq0-N3IgX976VG4FU4f3YR6CwVpjVztBeHXZZXMycmt8J0fuKjInqKAChkTZxcWRDjMdE_o9y-22cA3-1rxuaKhQLSlkZqB_zsDltKi0vKMGAqsBkn31wpHKiJbHUc_bkFDMPECFLfbEjNrlEY2lX46Wta2OfkfQ84mvT3unfXbMa8Bd9meD2_Y2druyxTU4hySVWcnPtrJ3fp7piJCVEsoIHtu12HoJUxk2SEcZxF6uJepGpd8CcCaEvzB6kly4AuRSf6jGfXWvierOlX7M3W0jGxQzH-JkoNGTupO7Wcay3zs2YFh9NUV94I6lj-XI66CNJLr4pTa-5rbVuy4FWZdPLNOeGE9Gj5c11cgjvnfUiBImc7Qo664bnU3yO4ylpvdjKEXLI0LVFFVAs8ZiKx1_j3pPwcnQXbnZHzTq4ICSjVOvOBFbiwNyyPrJMMmtwyK5SiIWmpZUlI0zzQNjmnSLFyooikKze6hNX3WcLh5bOIQ4pTMZ4y6xEhhQHrUsOCF1wbsUNroHDcOaxXhpcxiPFTYbTv---NzBXGDIWIEpNGgxOcG1mGvtupbHNUGyTfuzF1RFNcx4i1SsOHAF7YcTzsNTKSPk6Y5sSsmGvXJQJYBcTCNpcErr7ke9kC9TAMR3tEmCkP_CBG_0x_EvqF8lsWBwRFpFZBMLkcz7MTPB_LjjR-lcMBX5-FNBJW60612CKLwyVFx8j6OwPC0yr04ksq7O5r73jA6YZniQYqwyD0ucDEXSrvNDUIBu_NDjO6imCXzzNgIVY4m20aq13l8vvN8C_ETsRmn-kWhsC4rMOJoK1khFTYu80oMk_cJiEf3sODuUIPGmp4elE2Fg3pDERAjK4ZxZNSwUNTSA90w3kO2zjzlksbXM1IlYFRH8embBlsCL9vERgpn-QHTcJuzSG0-e-1hmalSAMja177vnFD5rjabAKNHT1PhKHUbDYGAsZcGZ9R1GwbsTXXT90y0QLAxtpAHeLTUwjpXF-UJBvg4H1_FRW1FdluaaCxqn2dbViXRbP1W-rEkgT7p6Xs6Rqa6a14XfeCFAR0nb0HNRjM3iDW7caaGpw3ltsbkGlrzBKF98VVQdNrJaprOjwMk5-UE9q7cjymx7kHHs22g5zHYuamzF0sZ6Qc5qvvF3UUbCIORtjm_YTPps7RKJ7bBIRnsFkvGk0uGxaSe6g8DEaUNVFTpdq-Kfk7NvN78Pz5M_jrhRyRzrIrZjulJ4QZuoE_VA19E8cKOZQX5RVQXj4GM8_jEOXXkXyMgunuNdXgUcDZyUtxraMbagSaTmJZa3kyWbvkiYraXFZwASWr__5BvKOK7sphNUZre73God8BokzghBwLxTSdirycSXE5F2i_H9dYFOK96qKQzIy9QMiuMwQKbIijGK3T5rRgbYM0hw8W7FT1Oryu3kQyl5hO1kQSp9rT3twS4cMkI3iH-RDKZkjOhjOPMHLoXR27hgytWEvEt2H2RnMPaf2MXsabJWAZEjhmmrdy0E-scu-zFN8b3l1FTKY7qnF8QAuB8kLiPAZGFP9QSa1RHfyGBMHDq6oTnFGOBUZt2jqk3c6CxH_COarNaY__hWzF9OTpo7aspGdh-RuUBh0yKqUT12HmkMmRbsq9xlc264v6PfC6953k5rjkmiJtgaz512r2rk1bnSaJmqceNHxdmiaeAxRMeh4CUHkuSusonJXQ2Dinu11QXS8jZ_fh11iBySLmXASSv8UHmWIJRzNccfw0IicAejiE4fiHr2Ikmsct_o70nsiTVCgUMn35v_PBuE4-j6zYCaasPOX7ntiNxirMYrgqXYjwYXX061cWpcCJ5aXOCrqmi1GGdeitbRhDJ1GHTiy48ZJ28o7xeYdpCBh9PnclrIWv6cEsOcMgVmLD7sOL1xThfXMDpqTktn-uFzpB2YqhlxzAukNaZfOcb8FGf9aGOSg9BC0rXv0fLJh4177IXrptUWjWyWa8FAZB7nqG2dSv5RqI-TEBJOHgoEBGYFcv2w4E55ooOxTV0MWpECS_C_iWIMFLI3zsPE5xSguJAhQ6otd9o3Tt8TyjPWWRptVKTMp5lDY26dyuebaIHISj3bvP66LfQ4B4PYuU3j3MX_AOyB4ATMtGkFTHWb4pwQG3RM7fY2y_00pqLLqtuhJDhlrysk_yvgASH_bYzR_LCNnEkuA3hiteMKfWYJZY4lByPpmCYsaG81jbXZpuXw8ytV25QBUqU5j1Z2CUKIDmf9AMBa32eqcYlXGMOkI7MvSGcu3sVS3QZWEn9tTaeLGqwCiRGM5ixElJ_Z3tH23WzaKG67w9zGlAmPRjlMl1oOohFNfox_ipGe76RwMjQPxcnV9GPv0dvWfYl8hnGDJoudldOWU_kBLmTZ2a0lsTD2RQy8oVhhWYyXPlD-PVmYQ6Efr8QHk55c-A6Ue1KBoln0zZ_0M0dlUhnewZ59DqilfAXKhr2qZhMMXyyjYjpK4J_FQBcoDI50i25hTRGrIQBUcSOOoLQLvdPOFx0krWiPLwmbTmZcrAkDZnQfy7YF2qPF85qGV8nLxL3A_JL26-gjkpPnf5p8kgPCkao2Z4HK5XHC9aO428Bnit4mz_OlYAxYIqYCdmjfmyA8CTRCed7PQhEKuUFL2zsjOoYOynSQ7IG2ho-qJg91NtKIaO5sY0_xFH4_vsYOARchL2FCQNHBb9PF4lQtYO_XmzfnOnvj-zWgjxeI-OQ9Xja6QfOQUIT23oOJ2siDSiZXS7csazuGSB-kC5jkR21lVeSR6Zl4MvZ1WTcFk1qZ3fV3n3lM92amPMlWfev1dlIyDwmUkED3DJNCyc-CX8iB6kTEJK-u5BWMDmsPPdblYUS56ph7pxQQP-3wa0ia716lrJV2fDuLlwh2B_ombLPUhBnUVHA_LruqryL1BR08tiaR1V06kfvSzoLZP7BZR2p88SQalDn4miCvN3xnA6NbkX4oDerpanBICNhRracnLTu64Al40VAG5EX7q6Ra7Jskehsxvlr7tQP3FfGPpc9dF8JoYt-IXdFcvCuVB1PY1iwcG41UxqBnNZvHzV4VJNMwa6tpYsyLzY7p-w2tcnAajtEYTog8xYz60pqZO0_UKio4znqdF4xbTS0mxtGexiZP4lrgYxToqaMUQjNEqIF8TgInt10r0urbY&cid=CAASJeRo2Ee9Q84dJGjGrIGxqHARUQFzBLYC6zdlW_yFWK4u30Bxde0gDQ&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Requested by
Host: popcorntime-upd.xyz
URL: http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f031108de94f7749fa61229f92dafea0721fc99f4402697368ec95a5a597148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35188
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9315 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CBOFRLu4V67sQbZ-X8bOaiFVn8mdUQGmkPm3c2xCcXi9RaUGjZnO8aLjJ3lJdVlUG6Ar2eIMKsrH_7jt7qJ1idDiibvL0LREr-3boHNZWktsTPGGw
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 9315 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:12:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9315 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 18:46:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 9315 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2503
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:04:36 GMT
l
www.google.com/ads/measurement/ Frame 9315 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSitMRXCsEl7mYUZiYlkcGC1eSBL3obq2fVLqk9c7UdpkP1Gi_diGASeOsnjHqpRpG2kN6qsRYl6-iTZDo1Twx80dNx2A
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6568 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNW7SdOmKUxtTpXr8q5wK2jftP_xfTPFrcrugSaLow8XxsCqDMe9kym_faPCKfuEHEbPWu1MKZBTieXF4oX7RQ4Sf_J7uE8T0LE-MgtjtdtEm-doe5_DzIkPjJBRKhviFsCEpMJYioo7J1rSv9lrnAZa-OPLbQjgt4hJHLnNHdEsFAkNFcvuiKLnO_FQ0Fstp0AEuANwEjK4COMWeMW_elMVYD5pWw
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 18:46:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 04C9 		70 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bin0vkDP3Tq3za0O5c-OCRyIGEu_ka9TV74CUWK2uaEQVx5h9PIVb6t8UDmaWWIQXd3RSJkYEE6heKJD7NDn1jZm6m1A&cry=1&dbm_d=AKAmf-ChDYBxRBkjwXUHMV-mm8nSBIn3gCpVTOwWMnnEWIv6TxzAGsdHMk04_sXU7ih2-GwpAwOxib64JuV03LQBU2qdQGwLTEWJEp8b0nNgZAix_yv6Hj8m2WvehIbtk1QDdnb9Lj3iUVyna-qjvkuP3hX-PV5DtjC3TdfNkxd_s2V8CVMqV6gVyVVEQ-HqSK8WToJFZSG366o-c5ds6pHHsgy_PsvBzuLKKCIan_joUuN7GNWCNPsOcdHu5j8X3kJl5uuZV8tPjzExti4AXITfq_SriyJBr3lwEJOOCuHu9l-mLlp9nSEqVhA2rwSYwI_C5kd6WuDr2IZItkgaPYkwrKsJkRuwGX7VyggS8htp9CRr8kaS68oOBDiSZ2RMJPJIo8JUz23k_Ojs7zoaivpyytrzorMiZchqvyxsUYvJhKveMJnOWMP3sGis9OHlutmhPLY7qEPo0j_3pPH_mNlOAH_QMXvDJm1wWdD3p0jlPEkwmbsFSU6bHZm04m_OEFzV75JDfvX5wEkr4njsBBjpF-FNDo6S6xqGvDVMaNeenvtaamDzPRo-zmHr0gbwd5gIUGVAh-Kma2OFNRoTQ42Ndjfz-gvsp3CJS7G8ZRRV3gWvt7lVWJxO1T9CeRmK2BK0jDhxhUUbvcbJkktj-gvqP4t9iICDsj4YNUuC-nrvCIS4j2kjAATHg5ccBVjY3HJB1bZ3UyPxn7g4WMLHs-mqGS5V54CA0YshZkjPVqEYABNbSBg_GOkKITs_wR1V1aI2oHvPHMRITDr0f2YcB1UxUBek4cUEDRyDhhfho_KO_ZpvI3hlVsIy-_0L5j_hSnxC-QafKqXywwpM8oo2tD1E9To25HG4FeSMF9M2QQYA9RhZTqJciMU0tUlhG53KXRj2o_sfvH0k-Ir-unWVEjAh4quj_qZKFNLxw-JvnL_87z5Z1BOlM8awxmflNvzld6lqbuPk4Ve4qErxwR0QWCyG5SAjpOQRJfuu2mJGGMYeU6YowJ86eVtYAZepOYir104fS9WKftJ9JTkh7xmsLcfgVUxjZyxrXslChAdheh2XG76cItubfbYcGBgU_YVDNcCZCaoIsQqfthekZB97s9ym5px3TOvdOksXKmk3FKM1oTu5ZU4F0-ereSYArMO0wLeuabBqwditdlipbPVjDcPmFUri6DKKHJGh29WrKpsNxeUlL8Gf9GgeBJ8AhcePMwlD2hqtmp15nW9u2Ml314Gp9IIx8oVxrrH58Vo4Fpl7KkC9KNj4GVScqdkjhn9mCxlNALw54a2mbRrwwK7SjLqJ9iC3Sxx8EzoJtV2gC8QZGD4dioPwnTfeplvUeNkO4C4-bh6onYL-A9MtFPFggQXZQ_qomCSgbgP9WwjFlqY0P9M9MAv78GjZkrGeHYJaOKveawiz_8qx7_BfdDn1PEWyFxr-kk7q1gWbBxwUT-CnEnHRaEM0ZtBeiBq3_2xkkHpjicF3EeXVQg9upHjIPlgTeNaKaFt5ByMgUsodXFEuyZPDuntAwYWrBvLi3yYE_H1ttkhwENiOf5zn6AUPptfhOIcncYLk6v_mi84vd_ZtBtD0JGrs8PpqEt1OjFlMZwIXXRNLoAysfKjY0AlvS-RFzVRSrgEBs6PQxtOXiFI_7ww4W9RWYeqmvpUcn29Gk4nc9g2lqPhR2qTdWrgnqR_X90VyPgx4ME03kJMweqwPurL2NykTkDi9wsti2e82kL5kPEwK-a63k0cc-sTrtcXDe-FCi8_H3MTIyXUBW62AbYK4Mow68UH6ncl4HKVrYmYV4Fw5Kp0EhMsV3M9zbZzY9tBE45_iQOfMFKip-soAIRpsmVH5dvaYU3BbAIxM4YcO7-UHj-fQgyYmj1CHEjseTon2SCG6Qg7GdhAuw06Nwbuy9LDOxtmfm2T0P-iz8P6Ff1nUPiUKPkiE4qZbBuPrLpxUZJczkPHdDnOcDbZHUwpAszG93oTRoP2cmKjQ7GKRkgYYqoYtM703h7kmpDidrwfMu06vFis4nyBOKYLpKmQHJez0L4FMBLBp4zh1kgfykGtSXF24Mn8hJkEmt5WKPowWtX9lfTUobiInMmKmJG6T4A_JoyeKOojI_gjz36GwqAL2Gypk-Sl3CeMm9sW8V8gBuZMUsKieO1nQ5kmvpqzpYpViPYLmRc1cTMHAGanz1SMnwQf85oA3npR8hvaNM3x-049qXH-sc_h90vQYgoVXL3CAoARNvUG5V8XLDG1JCzcAzMDPeHRI63Kag_MtRqEtOXR9nWjUPcKoTlr-Fxe8YAPKrEZPO2pTAgfeCCuBDrLxgd5EUBykeH6fswFONq_tMmRHBpmvTEHnDdN9WrnOra-LKgdKbCTds53aoTOo302aP790HHR54bbCPxutaNT-TdTW4CB_qf30WoXAJxLkiKaXf-XB7A5cuudT-Gxp0sT4-rnYZFBy_KUaRFBpBB_k1IgBuVo7RqW0-s-r_1isEhEqbGPBF3msPZYr-MAypUDhVDTszqzJ1X8UhwdohecshmdaAXHUDqdLmKHXVcf63IhuvDKskA-qMDfSyKnxFoZDhXlfCB-QC0X7Z3CxYGhPbHoSJ3b1PFtrukpjG_taR2L5eveSBfYbthIStV2Xu8K0k8L-zjQYg5shlCfP5_uZuBuuftZ-dSulvJe7BvZCX1URYeoejH-Dc6dEyZmhSA-IvpyUx1dPx5cwF_xnHQNFGqVPIy9n5Jz1fKdwxtYPOl-fAdh0cROOD8kJ5DHl01DykaOn7e_N0jUzCl9zF3PR-sAx3JL6z6GXMAacsJtT8yhgZ-vFZYvK9wJr5jOwT19jbD8FDHYiTZyWy5oSt_gI_bvaxZB0h4mZlA-NAfry84wEHMgMBfjJrqluWahyQuODQdMcFKhuesRUczUKpXcz8GakV8PnP3LQcVJ8TbWb03yLac4EVtWNYHpufS8M2BHm6n7IV9TgdONnNp1pc2IdhPTbYntyu99J2KeLbmlnyZ7Ddoevqjbpncnf38KVB6VMc8BgGbnZEH6t66X89Zv1IQSF7CnUA8EjQlAC26TKUTkVkMyzO8ZUcNlK1BjT0dMQxc7CDNkmYXHZaBnOtLm_tzA76S-SSq2rjMU9lXXFcPKZHjkfel5d2vnIKYFw5iLJ9IvXKC8XaYTeKhyDO2Bu76g1wA_xRO3C30t7PDo1Eo1h51Ok6OhcXJuodhW-7i1ZU9tCq3oejjBXydRX59hAalhfMOMuWq_mSqzgq1Ok1WWALLmDgpHWLgVtkotUiAq5aHgTrK8kpUf_TTOS2n2HyoyG4qT0D1eHxdRfsdyBVeV0XKkZqlH4uoUTzxJdzk6emN--h2c461py5sPhn4Iw14aRCT6_tLoKL9TQS_XC_0zcF83f0uZr4u6Qo0GKuoDJx1RbiKWDZepdZR-kup1F-DiE85xHExY8Om3FGnR1DFQHly8&cid=CAASJeRofFolFU3AR72IxVRL2uD8-hdtgwrPqoBpJi3ejroJxH0woxQgDQ&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Requested by
Host: popcorntime-upd.xyz
URL: http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5ba6a3ee03ec631ae7bfc8469a774f26fb273f3ebd6197bcf8cd2bd93b85933
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33273
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 04C9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BRW0nS0do9ueLZMjx7mssw32cVoN_U6cCI89VHBS8Ga-yAmxnO8qfJ8OsI40cc85j0S65mWQ2pAnX8vNIHwwQK6ZQ1lx36QljFn3jugaENc--h4xI
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 04C9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:12:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 04C9 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 18:46:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 04C9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2503
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:04:36 GMT
l
www.google.com/ads/measurement/ Frame 04C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTud1z05-9VQoxJgbNoiuOUzcuFToqnfdZO1GIdIyx-0hhn9hYs9rxw5bwBZrp4Xmv1GY9w2qfnznsn4NlfwkHI37afgw
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
2c1d1956-b78d-4836-b95e-0f8c9b395021
https://simcast.com/ 		93 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://simcast.com/2c1d1956-b78d-4836-b95e-0f8c9b395021
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80cedb5e5fa85548eaf3a95451e57186182aa440e5e8aa2f38c204d8b38f663c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
94924
Content-Type
text/javascript
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=iMlaogD9khBamdnV&instance=214109862&version=7.8.0&age=220908&cmd=INV&key=eKVKXbhX&c_id=12018&seq=1&order=6&absoluteTime=3897.9&relativeTime=1197.2&alt=0&sC_ID=8783&sm_id=2225938&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=vxBrONd046&USR_ID=214109862&ST_usrKey=iMlaogD9khBamdnV&SM_ID=2225938&C_ID=12018&C_companyName=Adapex&version=70080000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761.125&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Sep 2022 18:46:20 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 08 Sep 2022 18:46:21 GMT
rum
dsum-sec.casalemedia.com/ Frame EA09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEP6CUojnqX6c9muQh_FtY0&google_cver=1
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEP6CUojnqX6c9muQh_FtY0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVYnUTEBhbsTY0RU8z6ihsfsrNt_oDEuJYlaJxUkhez_WiQOC3WtP7JBQXOUVy3tOcwin0JkU91B6VGgPSe8XZ8_5dVeb95jySmjwpx7gMgK1uQVHf_1y38_kqjiCPMTieBIlWBeLJ_5mtPGSJHacw7AqowdRX-_Emlzn45--6ze9Tcb-KuUS51Gk8a9YNRMraSc1M0hlIj_B_fo5uV_YN4091ktg
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7479d8a8ad7292b7-FRA
pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UozXP9FaTcu2WXK4RtKNVVixIEXNjpaStalNqaziflTosuMjaiLBnbJgUJXtnAyTH6lyHoknZGZZNzO3oQGkn8bSZszgGNek3hveu4uIcetPWPL6svooKuRZl8%2BbX7ps19%2BH9G%2FQTQwQjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEP6CUojnqX6c9muQh_FtY0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EA09
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yxo4fCTK-e6HNj1hXnf8QQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEP6CUojnqX6c9muQh_FtY0&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEP6CUojnqX6c9muQh_FtY0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVYnUTEBhbsTY0RU8z6ihsfsrNt_oDEuJYlaJxUkhez_WiQOC3WtP7JBQXOUVy3tOcwin0JkU91B6VGgPSe8XZ8_5dVeb95jySmjwpx7gMgK1uQVHf_1y38_kqjiCPMTieBIlWBeLJ_5mtPGSJHacw7AqowdRX-_Emlzn45--6ze9Tcb-KuUS51Gk8a9YNRMraSc1M0hlIj_B_fo5uV_YN4091ktg
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7479d8a9cf7792b7-FRA
pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fvl6V%2BeorzgKo%2FJscgyjEFprf%2F0axWrDrlQLv542m9jqszbTqIE2Hywo72Pp7kRdlNz40%2Bs7AZywPH%2Fol3n4Al21Skya59ZzmzDr0k2lxafnKIg9rAPQX1qAJel3nAfHCSL%2BZJnw1b01rg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEP6CUojnqX6c9muQh_FtY0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame EA09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBfzFIlPO1nXca_fEUzxiMs&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBfzFIlPO1nXca_fEUzxiMs%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBfzFIlPO1nXca_fEUzxiMs%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVYnUTEBhbsTY0RU8z6ihsfsrNt_oDEuJYlaJxUkhez_WiQOC3WtP7JBQXOUVy3tOcwin0JkU91B6VGgPSe8XZ8_5dVeb95jySmjwpx7gMgK1uQVHf_1y38_kqjiCPMTieBIlWBeLJ_5mtPGSJHacw7AqowdRX-_Emlzn45--6ze9Tcb-KuUS51Gk8a9YNRMraSc1M0hlIj_B_fo5uV_YN4091ktg
Protocol
HTTP/1.1
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 18:46:20 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
406cc9ce-fff2-4f17-b38a-861db433a910
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 18:46:20 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
76ced6dd-e124-4d69-a336-0a1f80463aed
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBfzFIlPO1nXca_fEUzxiMs%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EA09
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEwOTc3NjM1OTk0OTQ2NDAx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEwOTc3NjM1OTk0OTQ2NDAx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVYnUTEBhbsTY0RU8z6ihsfsrNt_oDEuJYlaJxUkhez_WiQOC3WtP7JBQXOUVy3tOcwin0JkU91B6VGgPSe8XZ8_5dVeb95jySmjwpx7gMgK1uQVHf_1y38_kqjiCPMTieBIlWBeLJ_5mtPGSJHacw7AqowdRX-_Emlzn45--6ze9Tcb-KuUS51Gk8a9YNRMraSc1M0hlIj_B_fo5uV_YN4091ktg
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 18:46:20 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
1ba45f14-8f12-47e6-a4a1-0a96846f7f61
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEwOTc3NjM1OTk0OTQ2NDAx
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DAED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGuCv54HFv16PC5qlvMEcLA&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGuCv54HFv16PC5qlvMEcLA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNX8fHhnDsmKWCVP36_raJ0piGr2fItQZOO7VK06J9j9VewT8hFQsmqmfhkbLQAeG1xwbcOY2zzRfPq8PJLKGuCmc0NUsvP0tdKO3s7UIeIy63-iH89DpTChL8yv4YJO9bw-ZSIVu9pSK1p0VEPeBhZSvjcBsnDIvqRh9jEY5uUm4iq4THCu8rBt6ZjXU4QjqGpMfFXCIQjuu083d19365pxS0S_gw
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGuCv54HFv16PC5qlvMEcLA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame DAED 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNX8fHhnDsmKWCVP36_raJ0piGr2fItQZOO7VK06J9j9VewT8hFQsmqmfhkbLQAeG1xwbcOY2zzRfPq8PJLKGuCmc0NUsvP0tdKO3s7UIeIy63-iH89DpTChL8yv4YJO9bw-ZSIVu9pSK1p0VEPeBhZSvjcBsnDIvqRh9jEY5uUm4iq4THCu8rBt6ZjXU4QjqGpMfFXCIQjuu083d19365pxS0S_gw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame DAED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIUGI9CaoJ2Zc_SrgLmhbos&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIUGI9CaoJ2Zc_SrgLmhbos&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNX8fHhnDsmKWCVP36_raJ0piGr2fItQZOO7VK06J9j9VewT8hFQsmqmfhkbLQAeG1xwbcOY2zzRfPq8PJLKGuCmc0NUsvP0tdKO3s7UIeIy63-iH89DpTChL8yv4YJO9bw-ZSIVu9pSK1p0VEPeBhZSvjcBsnDIvqRh9jEY5uUm4iq4THCu8rBt6ZjXU4QjqGpMfFXCIQjuu083d19365pxS0S_gw
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 08 Sep 2022 18:46:20 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEIUGI9CaoJ2Zc_SrgLmhbos&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame DAED 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNX8fHhnDsmKWCVP36_raJ0piGr2fItQZOO7VK06J9j9VewT8hFQsmqmfhkbLQAeG1xwbcOY2zzRfPq8PJLKGuCmc0NUsvP0tdKO3s7UIeIy63-iH89DpTChL8yv4YJO9bw-ZSIVu9pSK1p0VEPeBhZSvjcBsnDIvqRh9jEY5uUm4iq4THCu8rBt6ZjXU4QjqGpMfFXCIQjuu083d19365pxS0S_gw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 08 Sep 2022 18:46:20 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 04C9 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bin0vkDP3Tq3za0O5c-OCRyIGEu_ka9TV74CUWK2uaEQVx5h9PIVb6t8UDmaWWIQXd3RSJkYEE6heKJD7NDn1jZm6m1A&cry=1&dbm_d=AKAmf-ChDYBxRBkjwXUHMV-mm8nSBIn3gCpVTOwWMnnEWIv6TxzAGsdHMk04_sXU7ih2-GwpAwOxib64JuV03LQBU2qdQGwLTEWJEp8b0nNgZAix_yv6Hj8m2WvehIbtk1QDdnb9Lj3iUVyna-qjvkuP3hX-PV5DtjC3TdfNkxd_s2V8CVMqV6gVyVVEQ-HqSK8WToJFZSG366o-c5ds6pHHsgy_PsvBzuLKKCIan_joUuN7GNWCNPsOcdHu5j8X3kJl5uuZV8tPjzExti4AXITfq_SriyJBr3lwEJOOCuHu9l-mLlp9nSEqVhA2rwSYwI_C5kd6WuDr2IZItkgaPYkwrKsJkRuwGX7VyggS8htp9CRr8kaS68oOBDiSZ2RMJPJIo8JUz23k_Ojs7zoaivpyytrzorMiZchqvyxsUYvJhKveMJnOWMP3sGis9OHlutmhPLY7qEPo0j_3pPH_mNlOAH_QMXvDJm1wWdD3p0jlPEkwmbsFSU6bHZm04m_OEFzV75JDfvX5wEkr4njsBBjpF-FNDo6S6xqGvDVMaNeenvtaamDzPRo-zmHr0gbwd5gIUGVAh-Kma2OFNRoTQ42Ndjfz-gvsp3CJS7G8ZRRV3gWvt7lVWJxO1T9CeRmK2BK0jDhxhUUbvcbJkktj-gvqP4t9iICDsj4YNUuC-nrvCIS4j2kjAATHg5ccBVjY3HJB1bZ3UyPxn7g4WMLHs-mqGS5V54CA0YshZkjPVqEYABNbSBg_GOkKITs_wR1V1aI2oHvPHMRITDr0f2YcB1UxUBek4cUEDRyDhhfho_KO_ZpvI3hlVsIy-_0L5j_hSnxC-QafKqXywwpM8oo2tD1E9To25HG4FeSMF9M2QQYA9RhZTqJciMU0tUlhG53KXRj2o_sfvH0k-Ir-unWVEjAh4quj_qZKFNLxw-JvnL_87z5Z1BOlM8awxmflNvzld6lqbuPk4Ve4qErxwR0QWCyG5SAjpOQRJfuu2mJGGMYeU6YowJ86eVtYAZepOYir104fS9WKftJ9JTkh7xmsLcfgVUxjZyxrXslChAdheh2XG76cItubfbYcGBgU_YVDNcCZCaoIsQqfthekZB97s9ym5px3TOvdOksXKmk3FKM1oTu5ZU4F0-ereSYArMO0wLeuabBqwditdlipbPVjDcPmFUri6DKKHJGh29WrKpsNxeUlL8Gf9GgeBJ8AhcePMwlD2hqtmp15nW9u2Ml314Gp9IIx8oVxrrH58Vo4Fpl7KkC9KNj4GVScqdkjhn9mCxlNALw54a2mbRrwwK7SjLqJ9iC3Sxx8EzoJtV2gC8QZGD4dioPwnTfeplvUeNkO4C4-bh6onYL-A9MtFPFggQXZQ_qomCSgbgP9WwjFlqY0P9M9MAv78GjZkrGeHYJaOKveawiz_8qx7_BfdDn1PEWyFxr-kk7q1gWbBxwUT-CnEnHRaEM0ZtBeiBq3_2xkkHpjicF3EeXVQg9upHjIPlgTeNaKaFt5ByMgUsodXFEuyZPDuntAwYWrBvLi3yYE_H1ttkhwENiOf5zn6AUPptfhOIcncYLk6v_mi84vd_ZtBtD0JGrs8PpqEt1OjFlMZwIXXRNLoAysfKjY0AlvS-RFzVRSrgEBs6PQxtOXiFI_7ww4W9RWYeqmvpUcn29Gk4nc9g2lqPhR2qTdWrgnqR_X90VyPgx4ME03kJMweqwPurL2NykTkDi9wsti2e82kL5kPEwK-a63k0cc-sTrtcXDe-FCi8_H3MTIyXUBW62AbYK4Mow68UH6ncl4HKVrYmYV4Fw5Kp0EhMsV3M9zbZzY9tBE45_iQOfMFKip-soAIRpsmVH5dvaYU3BbAIxM4YcO7-UHj-fQgyYmj1CHEjseTon2SCG6Qg7GdhAuw06Nwbuy9LDOxtmfm2T0P-iz8P6Ff1nUPiUKPkiE4qZbBuPrLpxUZJczkPHdDnOcDbZHUwpAszG93oTRoP2cmKjQ7GKRkgYYqoYtM703h7kmpDidrwfMu06vFis4nyBOKYLpKmQHJez0L4FMBLBp4zh1kgfykGtSXF24Mn8hJkEmt5WKPowWtX9lfTUobiInMmKmJG6T4A_JoyeKOojI_gjz36GwqAL2Gypk-Sl3CeMm9sW8V8gBuZMUsKieO1nQ5kmvpqzpYpViPYLmRc1cTMHAGanz1SMnwQf85oA3npR8hvaNM3x-049qXH-sc_h90vQYgoVXL3CAoARNvUG5V8XLDG1JCzcAzMDPeHRI63Kag_MtRqEtOXR9nWjUPcKoTlr-Fxe8YAPKrEZPO2pTAgfeCCuBDrLxgd5EUBykeH6fswFONq_tMmRHBpmvTEHnDdN9WrnOra-LKgdKbCTds53aoTOo302aP790HHR54bbCPxutaNT-TdTW4CB_qf30WoXAJxLkiKaXf-XB7A5cuudT-Gxp0sT4-rnYZFBy_KUaRFBpBB_k1IgBuVo7RqW0-s-r_1isEhEqbGPBF3msPZYr-MAypUDhVDTszqzJ1X8UhwdohecshmdaAXHUDqdLmKHXVcf63IhuvDKskA-qMDfSyKnxFoZDhXlfCB-QC0X7Z3CxYGhPbHoSJ3b1PFtrukpjG_taR2L5eveSBfYbthIStV2Xu8K0k8L-zjQYg5shlCfP5_uZuBuuftZ-dSulvJe7BvZCX1URYeoejH-Dc6dEyZmhSA-IvpyUx1dPx5cwF_xnHQNFGqVPIy9n5Jz1fKdwxtYPOl-fAdh0cROOD8kJ5DHl01DykaOn7e_N0jUzCl9zF3PR-sAx3JL6z6GXMAacsJtT8yhgZ-vFZYvK9wJr5jOwT19jbD8FDHYiTZyWy5oSt_gI_bvaxZB0h4mZlA-NAfry84wEHMgMBfjJrqluWahyQuODQdMcFKhuesRUczUKpXcz8GakV8PnP3LQcVJ8TbWb03yLac4EVtWNYHpufS8M2BHm6n7IV9TgdONnNp1pc2IdhPTbYntyu99J2KeLbmlnyZ7Ddoevqjbpncnf38KVB6VMc8BgGbnZEH6t66X89Zv1IQSF7CnUA8EjQlAC26TKUTkVkMyzO8ZUcNlK1BjT0dMQxc7CDNkmYXHZaBnOtLm_tzA76S-SSq2rjMU9lXXFcPKZHjkfel5d2vnIKYFw5iLJ9IvXKC8XaYTeKhyDO2Bu76g1wA_xRO3C30t7PDo1Eo1h51Ok6OhcXJuodhW-7i1ZU9tCq3oejjBXydRX59hAalhfMOMuWq_mSqzgq1Ok1WWALLmDgpHWLgVtkotUiAq5aHgTrK8kpUf_TTOS2n2HyoyG4qT0D1eHxdRfsdyBVeV0XKkZqlH4uoUTzxJdzk6emN--h2c461py5sPhn4Iw14aRCT6_tLoKL9TQS_XC_0zcF83f0uZr4u6Qo0GKuoDJx1RbiKWDZepdZR-kup1F-DiE85xHExY8Om3FGnR1DFQHly8&cid=CAASJeRofFolFU3AR72IxVRL2uD8-hdtgwrPqoBpJi3ejroJxH0woxQgDQ&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:41:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
289
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:41:31 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame 04C9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bin0vkDP3Tq3za0O5c-OCRyIGEu_ka9TV74CUWK2uaEQVx5h9PIVb6t8UDmaWWIQXd3RSJkYEE6heKJD7NDn1jZm6m1A&cry=1&dbm_d=AKAmf-ChDYBxRBkjwXUHMV-mm8nSBIn3gCpVTOwWMnnEWIv6TxzAGsdHMk04_sXU7ih2-GwpAwOxib64JuV03LQBU2qdQGwLTEWJEp8b0nNgZAix_yv6Hj8m2WvehIbtk1QDdnb9Lj3iUVyna-qjvkuP3hX-PV5DtjC3TdfNkxd_s2V8CVMqV6gVyVVEQ-HqSK8WToJFZSG366o-c5ds6pHHsgy_PsvBzuLKKCIan_joUuN7GNWCNPsOcdHu5j8X3kJl5uuZV8tPjzExti4AXITfq_SriyJBr3lwEJOOCuHu9l-mLlp9nSEqVhA2rwSYwI_C5kd6WuDr2IZItkgaPYkwrKsJkRuwGX7VyggS8htp9CRr8kaS68oOBDiSZ2RMJPJIo8JUz23k_Ojs7zoaivpyytrzorMiZchqvyxsUYvJhKveMJnOWMP3sGis9OHlutmhPLY7qEPo0j_3pPH_mNlOAH_QMXvDJm1wWdD3p0jlPEkwmbsFSU6bHZm04m_OEFzV75JDfvX5wEkr4njsBBjpF-FNDo6S6xqGvDVMaNeenvtaamDzPRo-zmHr0gbwd5gIUGVAh-Kma2OFNRoTQ42Ndjfz-gvsp3CJS7G8ZRRV3gWvt7lVWJxO1T9CeRmK2BK0jDhxhUUbvcbJkktj-gvqP4t9iICDsj4YNUuC-nrvCIS4j2kjAATHg5ccBVjY3HJB1bZ3UyPxn7g4WMLHs-mqGS5V54CA0YshZkjPVqEYABNbSBg_GOkKITs_wR1V1aI2oHvPHMRITDr0f2YcB1UxUBek4cUEDRyDhhfho_KO_ZpvI3hlVsIy-_0L5j_hSnxC-QafKqXywwpM8oo2tD1E9To25HG4FeSMF9M2QQYA9RhZTqJciMU0tUlhG53KXRj2o_sfvH0k-Ir-unWVEjAh4quj_qZKFNLxw-JvnL_87z5Z1BOlM8awxmflNvzld6lqbuPk4Ve4qErxwR0QWCyG5SAjpOQRJfuu2mJGGMYeU6YowJ86eVtYAZepOYir104fS9WKftJ9JTkh7xmsLcfgVUxjZyxrXslChAdheh2XG76cItubfbYcGBgU_YVDNcCZCaoIsQqfthekZB97s9ym5px3TOvdOksXKmk3FKM1oTu5ZU4F0-ereSYArMO0wLeuabBqwditdlipbPVjDcPmFUri6DKKHJGh29WrKpsNxeUlL8Gf9GgeBJ8AhcePMwlD2hqtmp15nW9u2Ml314Gp9IIx8oVxrrH58Vo4Fpl7KkC9KNj4GVScqdkjhn9mCxlNALw54a2mbRrwwK7SjLqJ9iC3Sxx8EzoJtV2gC8QZGD4dioPwnTfeplvUeNkO4C4-bh6onYL-A9MtFPFggQXZQ_qomCSgbgP9WwjFlqY0P9M9MAv78GjZkrGeHYJaOKveawiz_8qx7_BfdDn1PEWyFxr-kk7q1gWbBxwUT-CnEnHRaEM0ZtBeiBq3_2xkkHpjicF3EeXVQg9upHjIPlgTeNaKaFt5ByMgUsodXFEuyZPDuntAwYWrBvLi3yYE_H1ttkhwENiOf5zn6AUPptfhOIcncYLk6v_mi84vd_ZtBtD0JGrs8PpqEt1OjFlMZwIXXRNLoAysfKjY0AlvS-RFzVRSrgEBs6PQxtOXiFI_7ww4W9RWYeqmvpUcn29Gk4nc9g2lqPhR2qTdWrgnqR_X90VyPgx4ME03kJMweqwPurL2NykTkDi9wsti2e82kL5kPEwK-a63k0cc-sTrtcXDe-FCi8_H3MTIyXUBW62AbYK4Mow68UH6ncl4HKVrYmYV4Fw5Kp0EhMsV3M9zbZzY9tBE45_iQOfMFKip-soAIRpsmVH5dvaYU3BbAIxM4YcO7-UHj-fQgyYmj1CHEjseTon2SCG6Qg7GdhAuw06Nwbuy9LDOxtmfm2T0P-iz8P6Ff1nUPiUKPkiE4qZbBuPrLpxUZJczkPHdDnOcDbZHUwpAszG93oTRoP2cmKjQ7GKRkgYYqoYtM703h7kmpDidrwfMu06vFis4nyBOKYLpKmQHJez0L4FMBLBp4zh1kgfykGtSXF24Mn8hJkEmt5WKPowWtX9lfTUobiInMmKmJG6T4A_JoyeKOojI_gjz36GwqAL2Gypk-Sl3CeMm9sW8V8gBuZMUsKieO1nQ5kmvpqzpYpViPYLmRc1cTMHAGanz1SMnwQf85oA3npR8hvaNM3x-049qXH-sc_h90vQYgoVXL3CAoARNvUG5V8XLDG1JCzcAzMDPeHRI63Kag_MtRqEtOXR9nWjUPcKoTlr-Fxe8YAPKrEZPO2pTAgfeCCuBDrLxgd5EUBykeH6fswFONq_tMmRHBpmvTEHnDdN9WrnOra-LKgdKbCTds53aoTOo302aP790HHR54bbCPxutaNT-TdTW4CB_qf30WoXAJxLkiKaXf-XB7A5cuudT-Gxp0sT4-rnYZFBy_KUaRFBpBB_k1IgBuVo7RqW0-s-r_1isEhEqbGPBF3msPZYr-MAypUDhVDTszqzJ1X8UhwdohecshmdaAXHUDqdLmKHXVcf63IhuvDKskA-qMDfSyKnxFoZDhXlfCB-QC0X7Z3CxYGhPbHoSJ3b1PFtrukpjG_taR2L5eveSBfYbthIStV2Xu8K0k8L-zjQYg5shlCfP5_uZuBuuftZ-dSulvJe7BvZCX1URYeoejH-Dc6dEyZmhSA-IvpyUx1dPx5cwF_xnHQNFGqVPIy9n5Jz1fKdwxtYPOl-fAdh0cROOD8kJ5DHl01DykaOn7e_N0jUzCl9zF3PR-sAx3JL6z6GXMAacsJtT8yhgZ-vFZYvK9wJr5jOwT19jbD8FDHYiTZyWy5oSt_gI_bvaxZB0h4mZlA-NAfry84wEHMgMBfjJrqluWahyQuODQdMcFKhuesRUczUKpXcz8GakV8PnP3LQcVJ8TbWb03yLac4EVtWNYHpufS8M2BHm6n7IV9TgdONnNp1pc2IdhPTbYntyu99J2KeLbmlnyZ7Ddoevqjbpncnf38KVB6VMc8BgGbnZEH6t66X89Zv1IQSF7CnUA8EjQlAC26TKUTkVkMyzO8ZUcNlK1BjT0dMQxc7CDNkmYXHZaBnOtLm_tzA76S-SSq2rjMU9lXXFcPKZHjkfel5d2vnIKYFw5iLJ9IvXKC8XaYTeKhyDO2Bu76g1wA_xRO3C30t7PDo1Eo1h51Ok6OhcXJuodhW-7i1ZU9tCq3oejjBXydRX59hAalhfMOMuWq_mSqzgq1Ok1WWALLmDgpHWLgVtkotUiAq5aHgTrK8kpUf_TTOS2n2HyoyG4qT0D1eHxdRfsdyBVeV0XKkZqlH4uoUTzxJdzk6emN--h2c461py5sPhn4Iw14aRCT6_tLoKL9TQS_XC_0zcF83f0uZr4u6Qo0GKuoDJx1RbiKWDZepdZR-kup1F-DiE85xHExY8Om3FGnR1DFQHly8&cid=CAASJeRofFolFU3AR72IxVRL2uD8-hdtgwrPqoBpJi3ejroJxH0woxQgDQ&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
864
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:31:56 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 04C9 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7Vsxfxo9dKwyrggfDh4KbxnTJHxxxqJRGrR-2zBLo9OQwhNxSk_nHmn2zeetMDS0RWYQdZu9TmY_KcIbfWG3Vp7pGUg0FIbSYrYPoYanKHWeyYPw2-rfkjazT73dKZ6dY97rmbK8Y30plsRb4BHfrnNUarX_vlxBAjw3s_qbceL0AZQhnzO6tUZQW97NhGiOhEfPvUnzgwP41-dr7WzxU1_H3JAvbKZKTgwX3Da6uBwoERbB9ZVpK14sregPBTvxtIsCRdjtUkcdnc-TMECSMnFHVP7HiZ4IPzJI3X86lJwZrk62SijtcbozQ6LXP7VyhnnIxylNqDO-aLe0x_Bfg-2u_aqm2oXWpZV52h9XntlGn6B5r4YZc5OP4yQFLI0Es9VworJOk4dUdc01Nqub4gYLyVeEaBs2J4yawfhDWNAd8-ddjg3zyF7L1eQNaFv8ZGXS7NCodsKVL7Vx2vpBed28UKYXIo5hCiPeoCngPoq8aYqVqkIBxhy6RI5m_5PHwEFxEjQOKBL2P0-U8LF_Yhe6enstI3Oz5egwofmV7cF8oE7XEUStQ_XKaXZXT-2s9cICidC1X_mxwvEZiPWfbxuYIHvxPis0ycz3vE07-gEDfsPYzMtvbaGanN4zyV_BehwFj7SgpbN6ubuM2F60xIhRZ6S-NCQ1Q3LS5yQPToIMddeNkHlSndD4mKuESdw4mmGawoBIx6OBBb4E5C4R6gpmKBX3gI9Q6x-Av0ELILrcxeNNT3WAIMpNogqIQZ3Z3k52cZ8dPANeqAS1w6YRgY0Ikp93GJVyaY9Ei_-FsuOBKynyyP81n6NIukAq3ymgvq_jQDAWrXsJThJSn878nKAw1Fnv1DtkE5rK-ap5qM_ci4rmOKeHH0fUwZVOYSqyq6Ep2MRUklcUVCC6LTBZjD6haBbj0EsABfem_6HVFYs3z6bjz90Ak9vlbisU9yahWcZnIQYcEAk7BHUtaDjDpiBenQaD8Wddv8dCvwFiVG20s2ZwSdmCT98BbT8orkIO70Vju2MvPMqtdyJ6oQ5dtFJRly3npxbpFo4OAhJdl2HF2hoNA2YyIbk15KJsUpqNhIWi1rU6gn5xWBmuXPSXo2nOgy6YTlQj3ofVWUawslQlKlg9RWXfV92XFVU6hoxK88wCxihxLcldk4nsZNlVkqgXuJv2eeHBoASUFadvRUkfgJ3tndl2egUzlUgvnR3Fl1NN6x382agfa8ZX_EdLKcsnrb9ZxmDzC4MmjNsGZiAKcSt50ooDahTTWp0m-HdaeQfE45V5U996dsf4Y978luA&sai=AMfl-YTJpAQ4bZImp4GXa87VEuBLN-BLVHbyLvgbk8nRvIj5r1su7JVpQXh2NCkZVDOr-qI3jsZcChTi_9VQKjHinYx3VtxscEMRgkeexLZMX_fRvYw4w3WtSHlIw5aQgN966p7koD3kK8y_zAJKXLvb0jrIlNPzYykMg2CnqxhfIJmNUoNM8tSV_wHwNbRIPjsUTgkJ-XJQcMu0q52cex1_aRzbhqU4&sig=Cg0ArKJSzJ6ixKRCDpKOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220907.01988&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bin0vkDP3Tq3za0O5c-OCRyIGEu_ka9TV74CUWK2uaEQVx5h9PIVb6t8UDmaWWIQXd3RSJkYEE6heKJD7NDn1jZm6m1A&cry=1&dbm_d=AKAmf-ChDYBxRBkjwXUHMV-mm8nSBIn3gCpVTOwWMnnEWIv6TxzAGsdHMk04_sXU7ih2-GwpAwOxib64JuV03LQBU2qdQGwLTEWJEp8b0nNgZAix_yv6Hj8m2WvehIbtk1QDdnb9Lj3iUVyna-qjvkuP3hX-PV5DtjC3TdfNkxd_s2V8CVMqV6gVyVVEQ-HqSK8WToJFZSG366o-c5ds6pHHsgy_PsvBzuLKKCIan_joUuN7GNWCNPsOcdHu5j8X3kJl5uuZV8tPjzExti4AXITfq_SriyJBr3lwEJOOCuHu9l-mLlp9nSEqVhA2rwSYwI_C5kd6WuDr2IZItkgaPYkwrKsJkRuwGX7VyggS8htp9CRr8kaS68oOBDiSZ2RMJPJIo8JUz23k_Ojs7zoaivpyytrzorMiZchqvyxsUYvJhKveMJnOWMP3sGis9OHlutmhPLY7qEPo0j_3pPH_mNlOAH_QMXvDJm1wWdD3p0jlPEkwmbsFSU6bHZm04m_OEFzV75JDfvX5wEkr4njsBBjpF-FNDo6S6xqGvDVMaNeenvtaamDzPRo-zmHr0gbwd5gIUGVAh-Kma2OFNRoTQ42Ndjfz-gvsp3CJS7G8ZRRV3gWvt7lVWJxO1T9CeRmK2BK0jDhxhUUbvcbJkktj-gvqP4t9iICDsj4YNUuC-nrvCIS4j2kjAATHg5ccBVjY3HJB1bZ3UyPxn7g4WMLHs-mqGS5V54CA0YshZkjPVqEYABNbSBg_GOkKITs_wR1V1aI2oHvPHMRITDr0f2YcB1UxUBek4cUEDRyDhhfho_KO_ZpvI3hlVsIy-_0L5j_hSnxC-QafKqXywwpM8oo2tD1E9To25HG4FeSMF9M2QQYA9RhZTqJciMU0tUlhG53KXRj2o_sfvH0k-Ir-unWVEjAh4quj_qZKFNLxw-JvnL_87z5Z1BOlM8awxmflNvzld6lqbuPk4Ve4qErxwR0QWCyG5SAjpOQRJfuu2mJGGMYeU6YowJ86eVtYAZepOYir104fS9WKftJ9JTkh7xmsLcfgVUxjZyxrXslChAdheh2XG76cItubfbYcGBgU_YVDNcCZCaoIsQqfthekZB97s9ym5px3TOvdOksXKmk3FKM1oTu5ZU4F0-ereSYArMO0wLeuabBqwditdlipbPVjDcPmFUri6DKKHJGh29WrKpsNxeUlL8Gf9GgeBJ8AhcePMwlD2hqtmp15nW9u2Ml314Gp9IIx8oVxrrH58Vo4Fpl7KkC9KNj4GVScqdkjhn9mCxlNALw54a2mbRrwwK7SjLqJ9iC3Sxx8EzoJtV2gC8QZGD4dioPwnTfeplvUeNkO4C4-bh6onYL-A9MtFPFggQXZQ_qomCSgbgP9WwjFlqY0P9M9MAv78GjZkrGeHYJaOKveawiz_8qx7_BfdDn1PEWyFxr-kk7q1gWbBxwUT-CnEnHRaEM0ZtBeiBq3_2xkkHpjicF3EeXVQg9upHjIPlgTeNaKaFt5ByMgUsodXFEuyZPDuntAwYWrBvLi3yYE_H1ttkhwENiOf5zn6AUPptfhOIcncYLk6v_mi84vd_ZtBtD0JGrs8PpqEt1OjFlMZwIXXRNLoAysfKjY0AlvS-RFzVRSrgEBs6PQxtOXiFI_7ww4W9RWYeqmvpUcn29Gk4nc9g2lqPhR2qTdWrgnqR_X90VyPgx4ME03kJMweqwPurL2NykTkDi9wsti2e82kL5kPEwK-a63k0cc-sTrtcXDe-FCi8_H3MTIyXUBW62AbYK4Mow68UH6ncl4HKVrYmYV4Fw5Kp0EhMsV3M9zbZzY9tBE45_iQOfMFKip-soAIRpsmVH5dvaYU3BbAIxM4YcO7-UHj-fQgyYmj1CHEjseTon2SCG6Qg7GdhAuw06Nwbuy9LDOxtmfm2T0P-iz8P6Ff1nUPiUKPkiE4qZbBuPrLpxUZJczkPHdDnOcDbZHUwpAszG93oTRoP2cmKjQ7GKRkgYYqoYtM703h7kmpDidrwfMu06vFis4nyBOKYLpKmQHJez0L4FMBLBp4zh1kgfykGtSXF24Mn8hJkEmt5WKPowWtX9lfTUobiInMmKmJG6T4A_JoyeKOojI_gjz36GwqAL2Gypk-Sl3CeMm9sW8V8gBuZMUsKieO1nQ5kmvpqzpYpViPYLmRc1cTMHAGanz1SMnwQf85oA3npR8hvaNM3x-049qXH-sc_h90vQYgoVXL3CAoARNvUG5V8XLDG1JCzcAzMDPeHRI63Kag_MtRqEtOXR9nWjUPcKoTlr-Fxe8YAPKrEZPO2pTAgfeCCuBDrLxgd5EUBykeH6fswFONq_tMmRHBpmvTEHnDdN9WrnOra-LKgdKbCTds53aoTOo302aP790HHR54bbCPxutaNT-TdTW4CB_qf30WoXAJxLkiKaXf-XB7A5cuudT-Gxp0sT4-rnYZFBy_KUaRFBpBB_k1IgBuVo7RqW0-s-r_1isEhEqbGPBF3msPZYr-MAypUDhVDTszqzJ1X8UhwdohecshmdaAXHUDqdLmKHXVcf63IhuvDKskA-qMDfSyKnxFoZDhXlfCB-QC0X7Z3CxYGhPbHoSJ3b1PFtrukpjG_taR2L5eveSBfYbthIStV2Xu8K0k8L-zjQYg5shlCfP5_uZuBuuftZ-dSulvJe7BvZCX1URYeoejH-Dc6dEyZmhSA-IvpyUx1dPx5cwF_xnHQNFGqVPIy9n5Jz1fKdwxtYPOl-fAdh0cROOD8kJ5DHl01DykaOn7e_N0jUzCl9zF3PR-sAx3JL6z6GXMAacsJtT8yhgZ-vFZYvK9wJr5jOwT19jbD8FDHYiTZyWy5oSt_gI_bvaxZB0h4mZlA-NAfry84wEHMgMBfjJrqluWahyQuODQdMcFKhuesRUczUKpXcz8GakV8PnP3LQcVJ8TbWb03yLac4EVtWNYHpufS8M2BHm6n7IV9TgdONnNp1pc2IdhPTbYntyu99J2KeLbmlnyZ7Ddoevqjbpncnf38KVB6VMc8BgGbnZEH6t66X89Zv1IQSF7CnUA8EjQlAC26TKUTkVkMyzO8ZUcNlK1BjT0dMQxc7CDNkmYXHZaBnOtLm_tzA76S-SSq2rjMU9lXXFcPKZHjkfel5d2vnIKYFw5iLJ9IvXKC8XaYTeKhyDO2Bu76g1wA_xRO3C30t7PDo1Eo1h51Ok6OhcXJuodhW-7i1ZU9tCq3oejjBXydRX59hAalhfMOMuWq_mSqzgq1Ok1WWALLmDgpHWLgVtkotUiAq5aHgTrK8kpUf_TTOS2n2HyoyG4qT0D1eHxdRfsdyBVeV0XKkZqlH4uoUTzxJdzk6emN--h2c461py5sPhn4Iw14aRCT6_tLoKL9TQS_XC_0zcF83f0uZr4u6Qo0GKuoDJx1RbiKWDZepdZR-kup1F-DiE85xHExY8Om3FGnR1DFQHly8&cid=CAASJeRofFolFU3AR72IxVRL2uD8-hdtgwrPqoBpJi3ejroJxH0woxQgDQ&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 08 Sep 2022 18:46:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 04C9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bin0vkDP3Tq3za0O5c-OCRyIGEu_ka9TV74CUWK2uaEQVx5h9PIVb6t8UDmaWWIQXd3RSJkYEE6heKJD7NDn1jZm6m1A&cry=1&dbm_d=AKAmf-ChDYBxRBkjwXUHMV-mm8nSBIn3gCpVTOwWMnnEWIv6TxzAGsdHMk04_sXU7ih2-GwpAwOxib64JuV03LQBU2qdQGwLTEWJEp8b0nNgZAix_yv6Hj8m2WvehIbtk1QDdnb9Lj3iUVyna-qjvkuP3hX-PV5DtjC3TdfNkxd_s2V8CVMqV6gVyVVEQ-HqSK8WToJFZSG366o-c5ds6pHHsgy_PsvBzuLKKCIan_joUuN7GNWCNPsOcdHu5j8X3kJl5uuZV8tPjzExti4AXITfq_SriyJBr3lwEJOOCuHu9l-mLlp9nSEqVhA2rwSYwI_C5kd6WuDr2IZItkgaPYkwrKsJkRuwGX7VyggS8htp9CRr8kaS68oOBDiSZ2RMJPJIo8JUz23k_Ojs7zoaivpyytrzorMiZchqvyxsUYvJhKveMJnOWMP3sGis9OHlutmhPLY7qEPo0j_3pPH_mNlOAH_QMXvDJm1wWdD3p0jlPEkwmbsFSU6bHZm04m_OEFzV75JDfvX5wEkr4njsBBjpF-FNDo6S6xqGvDVMaNeenvtaamDzPRo-zmHr0gbwd5gIUGVAh-Kma2OFNRoTQ42Ndjfz-gvsp3CJS7G8ZRRV3gWvt7lVWJxO1T9CeRmK2BK0jDhxhUUbvcbJkktj-gvqP4t9iICDsj4YNUuC-nrvCIS4j2kjAATHg5ccBVjY3HJB1bZ3UyPxn7g4WMLHs-mqGS5V54CA0YshZkjPVqEYABNbSBg_GOkKITs_wR1V1aI2oHvPHMRITDr0f2YcB1UxUBek4cUEDRyDhhfho_KO_ZpvI3hlVsIy-_0L5j_hSnxC-QafKqXywwpM8oo2tD1E9To25HG4FeSMF9M2QQYA9RhZTqJciMU0tUlhG53KXRj2o_sfvH0k-Ir-unWVEjAh4quj_qZKFNLxw-JvnL_87z5Z1BOlM8awxmflNvzld6lqbuPk4Ve4qErxwR0QWCyG5SAjpOQRJfuu2mJGGMYeU6YowJ86eVtYAZepOYir104fS9WKftJ9JTkh7xmsLcfgVUxjZyxrXslChAdheh2XG76cItubfbYcGBgU_YVDNcCZCaoIsQqfthekZB97s9ym5px3TOvdOksXKmk3FKM1oTu5ZU4F0-ereSYArMO0wLeuabBqwditdlipbPVjDcPmFUri6DKKHJGh29WrKpsNxeUlL8Gf9GgeBJ8AhcePMwlD2hqtmp15nW9u2Ml314Gp9IIx8oVxrrH58Vo4Fpl7KkC9KNj4GVScqdkjhn9mCxlNALw54a2mbRrwwK7SjLqJ9iC3Sxx8EzoJtV2gC8QZGD4dioPwnTfeplvUeNkO4C4-bh6onYL-A9MtFPFggQXZQ_qomCSgbgP9WwjFlqY0P9M9MAv78GjZkrGeHYJaOKveawiz_8qx7_BfdDn1PEWyFxr-kk7q1gWbBxwUT-CnEnHRaEM0ZtBeiBq3_2xkkHpjicF3EeXVQg9upHjIPlgTeNaKaFt5ByMgUsodXFEuyZPDuntAwYWrBvLi3yYE_H1ttkhwENiOf5zn6AUPptfhOIcncYLk6v_mi84vd_ZtBtD0JGrs8PpqEt1OjFlMZwIXXRNLoAysfKjY0AlvS-RFzVRSrgEBs6PQxtOXiFI_7ww4W9RWYeqmvpUcn29Gk4nc9g2lqPhR2qTdWrgnqR_X90VyPgx4ME03kJMweqwPurL2NykTkDi9wsti2e82kL5kPEwK-a63k0cc-sTrtcXDe-FCi8_H3MTIyXUBW62AbYK4Mow68UH6ncl4HKVrYmYV4Fw5Kp0EhMsV3M9zbZzY9tBE45_iQOfMFKip-soAIRpsmVH5dvaYU3BbAIxM4YcO7-UHj-fQgyYmj1CHEjseTon2SCG6Qg7GdhAuw06Nwbuy9LDOxtmfm2T0P-iz8P6Ff1nUPiUKPkiE4qZbBuPrLpxUZJczkPHdDnOcDbZHUwpAszG93oTRoP2cmKjQ7GKRkgYYqoYtM703h7kmpDidrwfMu06vFis4nyBOKYLpKmQHJez0L4FMBLBp4zh1kgfykGtSXF24Mn8hJkEmt5WKPowWtX9lfTUobiInMmKmJG6T4A_JoyeKOojI_gjz36GwqAL2Gypk-Sl3CeMm9sW8V8gBuZMUsKieO1nQ5kmvpqzpYpViPYLmRc1cTMHAGanz1SMnwQf85oA3npR8hvaNM3x-049qXH-sc_h90vQYgoVXL3CAoARNvUG5V8XLDG1JCzcAzMDPeHRI63Kag_MtRqEtOXR9nWjUPcKoTlr-Fxe8YAPKrEZPO2pTAgfeCCuBDrLxgd5EUBykeH6fswFONq_tMmRHBpmvTEHnDdN9WrnOra-LKgdKbCTds53aoTOo302aP790HHR54bbCPxutaNT-TdTW4CB_qf30WoXAJxLkiKaXf-XB7A5cuudT-Gxp0sT4-rnYZFBy_KUaRFBpBB_k1IgBuVo7RqW0-s-r_1isEhEqbGPBF3msPZYr-MAypUDhVDTszqzJ1X8UhwdohecshmdaAXHUDqdLmKHXVcf63IhuvDKskA-qMDfSyKnxFoZDhXlfCB-QC0X7Z3CxYGhPbHoSJ3b1PFtrukpjG_taR2L5eveSBfYbthIStV2Xu8K0k8L-zjQYg5shlCfP5_uZuBuuftZ-dSulvJe7BvZCX1URYeoejH-Dc6dEyZmhSA-IvpyUx1dPx5cwF_xnHQNFGqVPIy9n5Jz1fKdwxtYPOl-fAdh0cROOD8kJ5DHl01DykaOn7e_N0jUzCl9zF3PR-sAx3JL6z6GXMAacsJtT8yhgZ-vFZYvK9wJr5jOwT19jbD8FDHYiTZyWy5oSt_gI_bvaxZB0h4mZlA-NAfry84wEHMgMBfjJrqluWahyQuODQdMcFKhuesRUczUKpXcz8GakV8PnP3LQcVJ8TbWb03yLac4EVtWNYHpufS8M2BHm6n7IV9TgdONnNp1pc2IdhPTbYntyu99J2KeLbmlnyZ7Ddoevqjbpncnf38KVB6VMc8BgGbnZEH6t66X89Zv1IQSF7CnUA8EjQlAC26TKUTkVkMyzO8ZUcNlK1BjT0dMQxc7CDNkmYXHZaBnOtLm_tzA76S-SSq2rjMU9lXXFcPKZHjkfel5d2vnIKYFw5iLJ9IvXKC8XaYTeKhyDO2Bu76g1wA_xRO3C30t7PDo1Eo1h51Ok6OhcXJuodhW-7i1ZU9tCq3oejjBXydRX59hAalhfMOMuWq_mSqzgq1Ok1WWALLmDgpHWLgVtkotUiAq5aHgTrK8kpUf_TTOS2n2HyoyG4qT0D1eHxdRfsdyBVeV0XKkZqlH4uoUTzxJdzk6emN--h2c461py5sPhn4Iw14aRCT6_tLoKL9TQS_XC_0zcF83f0uZr4u6Qo0GKuoDJx1RbiKWDZepdZR-kup1F-DiE85xHExY8Om3FGnR1DFQHly8&cid=CAASJeRofFolFU3AR72IxVRL2uD8-hdtgwrPqoBpJi3ejroJxH0woxQgDQ&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 07:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
557723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Sep 2023 07:50:57 GMT
6249078787722785422
s0.2mdn.net/simgad/ Frame 04C9 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6249078787722785422
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bba7e7d138f06d546cbc9963c14120c8889f07a4dc8dc97acdb0135f41f8ce9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:02:21 GMT
x-content-type-options
nosniff
age
45839
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43210
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 15:30:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 06:02:21 GMT
sd
us-u.openx.net/w/1.0/ Frame 6568
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGuCv54HFv16PC5qlvMEcLA&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGuCv54HFv16PC5qlvMEcLA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNW7SdOmKUxtTpXr8q5wK2jftP_xfTPFrcrugSaLow8XxsCqDMe9kym_faPCKfuEHEbPWu1MKZBTieXF4oX7RQ4Sf_J7uE8T0LE-MgtjtdtEm-doe5_DzIkPjJBRKhviFsCEpMJYioo7J1rSv9lrnAZa-OPLbQjgt4hJHLnNHdEsFAkNFcvuiKLnO_FQ0Fstp0AEuANwEjK4COMWeMW_elMVYD5pWw
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGuCv54HFv16PC5qlvMEcLA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 6568 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNW7SdOmKUxtTpXr8q5wK2jftP_xfTPFrcrugSaLow8XxsCqDMe9kym_faPCKfuEHEbPWu1MKZBTieXF4oX7RQ4Sf_J7uE8T0LE-MgtjtdtEm-doe5_DzIkPjJBRKhviFsCEpMJYioo7J1rSv9lrnAZa-OPLbQjgt4hJHLnNHdEsFAkNFcvuiKLnO_FQ0Fstp0AEuANwEjK4COMWeMW_elMVYD5pWw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 6568
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIUGI9CaoJ2Zc_SrgLmhbos&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIUGI9CaoJ2Zc_SrgLmhbos&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNW7SdOmKUxtTpXr8q5wK2jftP_xfTPFrcrugSaLow8XxsCqDMe9kym_faPCKfuEHEbPWu1MKZBTieXF4oX7RQ4Sf_J7uE8T0LE-MgtjtdtEm-doe5_DzIkPjJBRKhviFsCEpMJYioo7J1rSv9lrnAZa-OPLbQjgt4hJHLnNHdEsFAkNFcvuiKLnO_FQ0Fstp0AEuANwEjK4COMWeMW_elMVYD5pWw
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 08 Sep 2022 18:46:20 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEIUGI9CaoJ2Zc_SrgLmhbos&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 6568 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNW7SdOmKUxtTpXr8q5wK2jftP_xfTPFrcrugSaLow8XxsCqDMe9kym_faPCKfuEHEbPWu1MKZBTieXF4oX7RQ4Sf_J7uE8T0LE-MgtjtdtEm-doe5_DzIkPjJBRKhviFsCEpMJYioo7J1rSv9lrnAZa-OPLbQjgt4hJHLnNHdEsFAkNFcvuiKLnO_FQ0Fstp0AEuANwEjK4COMWeMW_elMVYD5pWw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 08 Sep 2022 18:46:20 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 45BB 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: popcorntime-upd.xyz
URL: http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
Origin
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12422
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 09 Sep 2022 15:19:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame 45BB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6f-jl2wJWTyWW8OsrPvkvM8eBNj-_Vw8f6NYUfSbacdOsjKAd4T9E_uL4E8S0tBhw1lL34YVj9XW-l9QfkVJsDcuTHYwZoAmxhlX7iNM4beIFjmhNFlboJ9Ok9FMxaj-A35HeQpxW0o90MiTZPYQIF_ZmKw&dbm_d=AKAmf-DXA2buiLV_NUZfSURDGXECXC8gslfdHgDsXtgxZKkTXVUV8r4OrK4DXVaRTup0qUEAkyE7M9UrLi49-r3nXZhfJaqg4Yzzb4u6zVaM9yVLTG4BkYkjScji2xt7k8ZIwRFS7zhASnVP8Imu2tJrbZb35A69UfLE5RYGlmSVfFW0wKtA5fUnTk7uHbQ1rYzdVOaxAJZJfBZNb1I471diQgcgUyO3xkWidoMDpGQWsFhrJnzs43soq27xWt8tfS6hFH14llk1_LRXPKUmDTGJ6RynA-ZnBC5YVm_IDpRcETo9o_pA4dIWqMqj7E9k0zb44ll6gtH6LXL4F7geifnwaD89brUEiRQjrZxrjx3KQ-4nUkj7b4JW-AWLoyxxsah86MO3VQ7yiXBiE43V83_XeKCdErRvtxb61JZQAkPxScWuX3koJu-d8qsSL2f_KNfLnkwjjpyIT2CchJGzOwmdwzTh1WJBSFrbToBdZYEkCSMmxi7RHHPwlG4uGPjjpSz9HIVOO94ZpzRfe2akn3IZWKVYEqSFreVdLspDwQJxYnS99X-MZBrLp3kdLe7fsUitDV4aX84Pyvn3bbxHg47csSy4NRwVhi2hAWPUE0oLf_omxtI718Z3S77gElDzgnZand5I6O6ebhWrWv-7ly3YG72_RFLy-cNeaHPZK0PidYA91J1xYnP5Km8vS6JqbnvHxj3CjkankyRWHXLFajLKqz_DGuuJp8HiI5xUNno_3uBVNSnZGeDuOLLiAdFrWMekf_BOM-cMCx-S40LZ4BlJQB1lbwKmiRCtHQfzjJvzJcPc1Pszx55w59MFn5x7TmdB4SUzB90a7u98gtQXwlo4ADTTO31mS7zwGq0dZiF-qzRbtpsYNZzKwiMA65JUzIIdM2BsivRQZiVN5vbae_b70M-ZdmywjG6r1B7j9MOK0Esj5Gl_SsT89jPB-lopM9SAqTRyB9rId-V5NgvdwJt2MZFWyE-n0Tvy6ywDEQCLiVh-3zLWJKWZvz0w3-1aO_rIW1WMHB1j20PtATFBQbRsy4Rpt0Dj8LA9OH3rVBF911mkFoTiI-gHvEyAETUUEcfjS8TQmWi2l3Qb6GdctxDDQtYKB7Qgc4tmBSp3-ZC2n6MTV16LcbhNU5tnKOOhlQ1vtmalv1j6c5hcsQZ3bTejpMRSpVs8qDpQRg69fat66iuFtOq0PXlLXBYP-wJKKmaBcy1lPANBIi6S6PPOM0QnHmwhAnIbJG0PT7FdX3HHppkE4WtL6PHFGGl9U68VSkZxRpHoMX64jUKCbYUic2mFlvAL9hJePuYUk4d5At7TPvovy_cy11I0kxbg3x-SmAr0XjfYZMtevZ2NRpMAnMHwGSvxk59T81d3goLX7EOsytisCFGFUn4F8KyHHOKzvDJulJJAhJTrRNHGIE1Topj9oMGRvE0LaY2pu7d9_REOPhvAcfCEzmLL9r6zuYqlbNUPabGwtjGR_fia1HjW5AeIyAgCZ5GFyGdH3kXPqW1Cr-2FPTBy2ac0ZuiMBABiYCKVbkpwM6B3DkMq0RQSyaCrYP4_SSdkAnMwUlhpz9Wbk6Zb0_5VUuitcglZHCo6iHndPQ7l9XArXdZ5_BP3ybcyHC945htEQ2_aY1UQnZXyqKxAFzhOvFt_lJ7UZodYu_7hUt_mFwfdTucjCtmzS4nrX0x5akGcPmW9rNC3heq3lN6Jfc21lvk81v27j2WtjOfjHlNlZRlUzbW7PqF3AQEmoBRCJaXoeHxNM3qLiVAeClf7uM2Km9eoK92FSvmkCtw4bPC_pNl6FwI0C0GvInP-E_BZy7b4Q3mRVvf89IvgatO33E3W073bPZB1RbQzQdMzvaGjQhcKVHvDIaUPL6lKlhGCqiFz0MoomlGd4sV7ks8NzlgfnkWEsSEsNt1DvO6gvmUfZ9yDzpoNAMDsmmTJxEMaaW10tlOtwFNwQm2ctzlY5k2o-P4w3nMaf2w_bcPNPLgLNuNGdTTJ3bSWEfr89NKo2is9MENwAx-OJBYBZU-Io2jZA57PKjeDi2Y3Vef4DqTcGqoioUb0Q8_6MC_yZiqE9EU0arOxwmtoC6kIZov4BXMMKalOhQ3YBGleERogV8O6ous-6_9_c9YECs5D2ts06emUlSjOKU8enbUtTnMiTooVCQc1BRopMFRYe6Jpm4D5HBjQG_vOdzP395wQzsy0PNuGHwZITSZ0f94rElV4wTUc3O2MTJ5MFU042H-ciOHlHF1eFrRMWPXDSfmtgiaIVO0KER7Xt5DbxP2NoNZ4nAVOUF3C_wVyOfvV043DgDVE5fNW2al_zhBDclz8UMgIIE2iXM8J7gibI5jUoqg8u6dPV2bLxr-vEAG0fomf_mOOFaK0MoctgNdBhT7JM_iUhjBoKonEapxom25uvtIVGQGvKp1uHNyoLH4Qfr0oIX6ZRywIXnu51P4GirhnEpIj8P0tl1vKkYjqI2tu2sqs9j1cyeNNVEYR0GAvVQTElB7MKCmXQ02YnyMQbtf0AIAsQGpuaVXbHr9D5QRigqK7u525b_5E4hXG5WywnqUzgVCJQqHXqXroXx8yHdw589rLSnmYWMNHGGXtQ_MznNKjQrbtEGfSzEkU5RfffqGitgnA0WlIDQgjZYMsEeiD_kotcmVdiwMaeKPzsXmR7WI8DvAZc0NwqqhCLNX7-LVzTc0O3K6EtYSIZ_Bo-0GpGuRIw28pHcQq5ZTueKBZndY8nRQoCN47jhtl_D6kYnfTZbia3TPgTaZQ1X2ZkFMbE2VmwKKGutD9fB5q-hqen9pGG6md4Mgw3uG1jLv7w9SCFSrOCqCDNw_uo-tpJZebDM6OozH_7Hu3YQUOAupOogrwjxfuq7SEgwSqAVUyvbmR_Iz7ostW5eKVAUY0ZMWd7BVDYx0Puf7sWfywoX9clwG-Dw5cMH4f_WN4zWP3wmRrRKu6JEMVeuyJh7SrmaxSMeJUO7MbuuhWFt25mGFpyvwtEIR69CaeGTdLtMbdYpq9fHb6j2NOVNib533kIg2p8R_KRov9_kQrwNuvua5b-PHro7_FqXGarkVAVgDe4cAMkG8bDtMlr94aw7vygcd8JhGMhpYyIJXAwHJblEg4tNGk0-s1vcqZO0E9ez4rZ1KY9sf7YhldIFyq1v0xWNgZ110FwmQiB517SJ9ekpGpx14jIDBXrgR-GwRN23Pwmo_LL_3So60ylT_Kf6cdwNXQ38kn5MUk3ZjK8AqmdzkP275edYJpUbuXNQLwdQEE68P9A_FKW1EPkKmZ4y7PyA5S6K3BplgRIAC3W-5_N4zxKUC50mGI5SPIODSrcKaWKmrR97iJAtoqmBHdfSPaWsGK3eEd1ndA4OxIi-a2vutbMZLOUV2FeAoKFVGaN8tyIupmhsZVYxmBtxWxgEHsVjrZS1niyHUr3AgytQQmXbGqR4ZIMd9O3aw&cid=CAASJeRoLGu1FN4yWQNt1AIeLw6o3r3FvUax54tEf7LTf8_w0tEzUGAgDQ&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
864
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:31:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 45BB 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6f-jl2wJWTyWW8OsrPvkvM8eBNj-_Vw8f6NYUfSbacdOsjKAd4T9E_uL4E8S0tBhw1lL34YVj9XW-l9QfkVJsDcuTHYwZoAmxhlX7iNM4beIFjmhNFlboJ9Ok9FMxaj-A35HeQpxW0o90MiTZPYQIF_ZmKw&dbm_d=AKAmf-DXA2buiLV_NUZfSURDGXECXC8gslfdHgDsXtgxZKkTXVUV8r4OrK4DXVaRTup0qUEAkyE7M9UrLi49-r3nXZhfJaqg4Yzzb4u6zVaM9yVLTG4BkYkjScji2xt7k8ZIwRFS7zhASnVP8Imu2tJrbZb35A69UfLE5RYGlmSVfFW0wKtA5fUnTk7uHbQ1rYzdVOaxAJZJfBZNb1I471diQgcgUyO3xkWidoMDpGQWsFhrJnzs43soq27xWt8tfS6hFH14llk1_LRXPKUmDTGJ6RynA-ZnBC5YVm_IDpRcETo9o_pA4dIWqMqj7E9k0zb44ll6gtH6LXL4F7geifnwaD89brUEiRQjrZxrjx3KQ-4nUkj7b4JW-AWLoyxxsah86MO3VQ7yiXBiE43V83_XeKCdErRvtxb61JZQAkPxScWuX3koJu-d8qsSL2f_KNfLnkwjjpyIT2CchJGzOwmdwzTh1WJBSFrbToBdZYEkCSMmxi7RHHPwlG4uGPjjpSz9HIVOO94ZpzRfe2akn3IZWKVYEqSFreVdLspDwQJxYnS99X-MZBrLp3kdLe7fsUitDV4aX84Pyvn3bbxHg47csSy4NRwVhi2hAWPUE0oLf_omxtI718Z3S77gElDzgnZand5I6O6ebhWrWv-7ly3YG72_RFLy-cNeaHPZK0PidYA91J1xYnP5Km8vS6JqbnvHxj3CjkankyRWHXLFajLKqz_DGuuJp8HiI5xUNno_3uBVNSnZGeDuOLLiAdFrWMekf_BOM-cMCx-S40LZ4BlJQB1lbwKmiRCtHQfzjJvzJcPc1Pszx55w59MFn5x7TmdB4SUzB90a7u98gtQXwlo4ADTTO31mS7zwGq0dZiF-qzRbtpsYNZzKwiMA65JUzIIdM2BsivRQZiVN5vbae_b70M-ZdmywjG6r1B7j9MOK0Esj5Gl_SsT89jPB-lopM9SAqTRyB9rId-V5NgvdwJt2MZFWyE-n0Tvy6ywDEQCLiVh-3zLWJKWZvz0w3-1aO_rIW1WMHB1j20PtATFBQbRsy4Rpt0Dj8LA9OH3rVBF911mkFoTiI-gHvEyAETUUEcfjS8TQmWi2l3Qb6GdctxDDQtYKB7Qgc4tmBSp3-ZC2n6MTV16LcbhNU5tnKOOhlQ1vtmalv1j6c5hcsQZ3bTejpMRSpVs8qDpQRg69fat66iuFtOq0PXlLXBYP-wJKKmaBcy1lPANBIi6S6PPOM0QnHmwhAnIbJG0PT7FdX3HHppkE4WtL6PHFGGl9U68VSkZxRpHoMX64jUKCbYUic2mFlvAL9hJePuYUk4d5At7TPvovy_cy11I0kxbg3x-SmAr0XjfYZMtevZ2NRpMAnMHwGSvxk59T81d3goLX7EOsytisCFGFUn4F8KyHHOKzvDJulJJAhJTrRNHGIE1Topj9oMGRvE0LaY2pu7d9_REOPhvAcfCEzmLL9r6zuYqlbNUPabGwtjGR_fia1HjW5AeIyAgCZ5GFyGdH3kXPqW1Cr-2FPTBy2ac0ZuiMBABiYCKVbkpwM6B3DkMq0RQSyaCrYP4_SSdkAnMwUlhpz9Wbk6Zb0_5VUuitcglZHCo6iHndPQ7l9XArXdZ5_BP3ybcyHC945htEQ2_aY1UQnZXyqKxAFzhOvFt_lJ7UZodYu_7hUt_mFwfdTucjCtmzS4nrX0x5akGcPmW9rNC3heq3lN6Jfc21lvk81v27j2WtjOfjHlNlZRlUzbW7PqF3AQEmoBRCJaXoeHxNM3qLiVAeClf7uM2Km9eoK92FSvmkCtw4bPC_pNl6FwI0C0GvInP-E_BZy7b4Q3mRVvf89IvgatO33E3W073bPZB1RbQzQdMzvaGjQhcKVHvDIaUPL6lKlhGCqiFz0MoomlGd4sV7ks8NzlgfnkWEsSEsNt1DvO6gvmUfZ9yDzpoNAMDsmmTJxEMaaW10tlOtwFNwQm2ctzlY5k2o-P4w3nMaf2w_bcPNPLgLNuNGdTTJ3bSWEfr89NKo2is9MENwAx-OJBYBZU-Io2jZA57PKjeDi2Y3Vef4DqTcGqoioUb0Q8_6MC_yZiqE9EU0arOxwmtoC6kIZov4BXMMKalOhQ3YBGleERogV8O6ous-6_9_c9YECs5D2ts06emUlSjOKU8enbUtTnMiTooVCQc1BRopMFRYe6Jpm4D5HBjQG_vOdzP395wQzsy0PNuGHwZITSZ0f94rElV4wTUc3O2MTJ5MFU042H-ciOHlHF1eFrRMWPXDSfmtgiaIVO0KER7Xt5DbxP2NoNZ4nAVOUF3C_wVyOfvV043DgDVE5fNW2al_zhBDclz8UMgIIE2iXM8J7gibI5jUoqg8u6dPV2bLxr-vEAG0fomf_mOOFaK0MoctgNdBhT7JM_iUhjBoKonEapxom25uvtIVGQGvKp1uHNyoLH4Qfr0oIX6ZRywIXnu51P4GirhnEpIj8P0tl1vKkYjqI2tu2sqs9j1cyeNNVEYR0GAvVQTElB7MKCmXQ02YnyMQbtf0AIAsQGpuaVXbHr9D5QRigqK7u525b_5E4hXG5WywnqUzgVCJQqHXqXroXx8yHdw589rLSnmYWMNHGGXtQ_MznNKjQrbtEGfSzEkU5RfffqGitgnA0WlIDQgjZYMsEeiD_kotcmVdiwMaeKPzsXmR7WI8DvAZc0NwqqhCLNX7-LVzTc0O3K6EtYSIZ_Bo-0GpGuRIw28pHcQq5ZTueKBZndY8nRQoCN47jhtl_D6kYnfTZbia3TPgTaZQ1X2ZkFMbE2VmwKKGutD9fB5q-hqen9pGG6md4Mgw3uG1jLv7w9SCFSrOCqCDNw_uo-tpJZebDM6OozH_7Hu3YQUOAupOogrwjxfuq7SEgwSqAVUyvbmR_Iz7ostW5eKVAUY0ZMWd7BVDYx0Puf7sWfywoX9clwG-Dw5cMH4f_WN4zWP3wmRrRKu6JEMVeuyJh7SrmaxSMeJUO7MbuuhWFt25mGFpyvwtEIR69CaeGTdLtMbdYpq9fHb6j2NOVNib533kIg2p8R_KRov9_kQrwNuvua5b-PHro7_FqXGarkVAVgDe4cAMkG8bDtMlr94aw7vygcd8JhGMhpYyIJXAwHJblEg4tNGk0-s1vcqZO0E9ez4rZ1KY9sf7YhldIFyq1v0xWNgZ110FwmQiB517SJ9ekpGpx14jIDBXrgR-GwRN23Pwmo_LL_3So60ylT_Kf6cdwNXQ38kn5MUk3ZjK8AqmdzkP275edYJpUbuXNQLwdQEE68P9A_FKW1EPkKmZ4y7PyA5S6K3BplgRIAC3W-5_N4zxKUC50mGI5SPIODSrcKaWKmrR97iJAtoqmBHdfSPaWsGK3eEd1ndA4OxIi-a2vutbMZLOUV2FeAoKFVGaN8tyIupmhsZVYxmBtxWxgEHsVjrZS1niyHUr3AgytQQmXbGqR4ZIMd9O3aw&cid=CAASJeRoLGu1FN4yWQNt1AIeLw6o3r3FvUax54tEf7LTf8_w0tEzUGAgDQ&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:41:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
289
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:41:31 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9315 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: popcorntime-upd.xyz
URL: http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
Origin
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12422
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 09 Sep 2022 15:19:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame 9315 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfZmsFVX-xHcca3iiBRkP9jRoB0w-6kBicejJm8QqFMRiYFiDk_fvZSw1co7W3NTGPjH6SFx4Edm7WZgg68c5aQC2m-CQWOrxopbk0EE7mKLTKZ41IKUIAJ1w48iC99FaD6Wqqec7ht21PSdQgLceB0kvS7Q&dbm_d=AKAmf-AIwdayiPqIAfCx35i6obBYCEXUpEPv0P8hmcwTtz44UTjcvxUpUnzGarRk-A2WKHvbzJHyCmeFJGdRvaIBoA_Guu0ESXOPu1KgHUoez1gSfrWM2Ls0wnuVFFv1MxxpPBX3ZWCcgMEc8Ksa6zBggkeEFNmqL5oqpJLtIIdPrZtGwLfRYxfAfvjqBk8D5307yNsagUYpWxgi-3r7-Gz3aLGsyiN9m4rATWTpD9stBKH1x_f9fFi7lqHxBoE0c_ThwoqA8T3QA_K22NFhghb_wMC995eq0-N3IgX976VG4FU4f3YR6CwVpjVztBeHXZZXMycmt8J0fuKjInqKAChkTZxcWRDjMdE_o9y-22cA3-1rxuaKhQLSlkZqB_zsDltKi0vKMGAqsBkn31wpHKiJbHUc_bkFDMPECFLfbEjNrlEY2lX46Wta2OfkfQ84mvT3unfXbMa8Bd9meD2_Y2druyxTU4hySVWcnPtrJ3fp7piJCVEsoIHtu12HoJUxk2SEcZxF6uJepGpd8CcCaEvzB6kly4AuRSf6jGfXWvierOlX7M3W0jGxQzH-JkoNGTupO7Wcay3zs2YFh9NUV94I6lj-XI66CNJLr4pTa-5rbVuy4FWZdPLNOeGE9Gj5c11cgjvnfUiBImc7Qo664bnU3yO4ylpvdjKEXLI0LVFFVAs8ZiKx1_j3pPwcnQXbnZHzTq4ICSjVOvOBFbiwNyyPrJMMmtwyK5SiIWmpZUlI0zzQNjmnSLFyooikKze6hNX3WcLh5bOIQ4pTMZ4y6xEhhQHrUsOCF1wbsUNroHDcOaxXhpcxiPFTYbTv---NzBXGDIWIEpNGgxOcG1mGvtupbHNUGyTfuzF1RFNcx4i1SsOHAF7YcTzsNTKSPk6Y5sSsmGvXJQJYBcTCNpcErr7ke9kC9TAMR3tEmCkP_CBG_0x_EvqF8lsWBwRFpFZBMLkcz7MTPB_LjjR-lcMBX5-FNBJW60612CKLwyVFx8j6OwPC0yr04ksq7O5r73jA6YZniQYqwyD0ucDEXSrvNDUIBu_NDjO6imCXzzNgIVY4m20aq13l8vvN8C_ETsRmn-kWhsC4rMOJoK1khFTYu80oMk_cJiEf3sODuUIPGmp4elE2Fg3pDERAjK4ZxZNSwUNTSA90w3kO2zjzlksbXM1IlYFRH8embBlsCL9vERgpn-QHTcJuzSG0-e-1hmalSAMja177vnFD5rjabAKNHT1PhKHUbDYGAsZcGZ9R1GwbsTXXT90y0QLAxtpAHeLTUwjpXF-UJBvg4H1_FRW1FdluaaCxqn2dbViXRbP1W-rEkgT7p6Xs6Rqa6a14XfeCFAR0nb0HNRjM3iDW7caaGpw3ltsbkGlrzBKF98VVQdNrJaprOjwMk5-UE9q7cjymx7kHHs22g5zHYuamzF0sZ6Qc5qvvF3UUbCIORtjm_YTPps7RKJ7bBIRnsFkvGk0uGxaSe6g8DEaUNVFTpdq-Kfk7NvN78Pz5M_jrhRyRzrIrZjulJ4QZuoE_VA19E8cKOZQX5RVQXj4GM8_jEOXXkXyMgunuNdXgUcDZyUtxraMbagSaTmJZa3kyWbvkiYraXFZwASWr__5BvKOK7sphNUZre73God8BokzghBwLxTSdirycSXE5F2i_H9dYFOK96qKQzIy9QMiuMwQKbIijGK3T5rRgbYM0hw8W7FT1Oryu3kQyl5hO1kQSp9rT3twS4cMkI3iH-RDKZkjOhjOPMHLoXR27hgytWEvEt2H2RnMPaf2MXsabJWAZEjhmmrdy0E-scu-zFN8b3l1FTKY7qnF8QAuB8kLiPAZGFP9QSa1RHfyGBMHDq6oTnFGOBUZt2jqk3c6CxH_COarNaY__hWzF9OTpo7aspGdh-RuUBh0yKqUT12HmkMmRbsq9xlc264v6PfC6953k5rjkmiJtgaz512r2rk1bnSaJmqceNHxdmiaeAxRMeh4CUHkuSusonJXQ2Dinu11QXS8jZ_fh11iBySLmXASSv8UHmWIJRzNccfw0IicAejiE4fiHr2Ikmsct_o70nsiTVCgUMn35v_PBuE4-j6zYCaasPOX7ntiNxirMYrgqXYjwYXX061cWpcCJ5aXOCrqmi1GGdeitbRhDJ1GHTiy48ZJ28o7xeYdpCBh9PnclrIWv6cEsOcMgVmLD7sOL1xThfXMDpqTktn-uFzpB2YqhlxzAukNaZfOcb8FGf9aGOSg9BC0rXv0fLJh4177IXrptUWjWyWa8FAZB7nqG2dSv5RqI-TEBJOHgoEBGYFcv2w4E55ooOxTV0MWpECS_C_iWIMFLI3zsPE5xSguJAhQ6otd9o3Tt8TyjPWWRptVKTMp5lDY26dyuebaIHISj3bvP66LfQ4B4PYuU3j3MX_AOyB4ATMtGkFTHWb4pwQG3RM7fY2y_00pqLLqtuhJDhlrysk_yvgASH_bYzR_LCNnEkuA3hiteMKfWYJZY4lByPpmCYsaG81jbXZpuXw8ytV25QBUqU5j1Z2CUKIDmf9AMBa32eqcYlXGMOkI7MvSGcu3sVS3QZWEn9tTaeLGqwCiRGM5ixElJ_Z3tH23WzaKG67w9zGlAmPRjlMl1oOohFNfox_ipGe76RwMjQPxcnV9GPv0dvWfYl8hnGDJoudldOWU_kBLmTZ2a0lsTD2RQy8oVhhWYyXPlD-PVmYQ6Efr8QHk55c-A6Ue1KBoln0zZ_0M0dlUhnewZ59DqilfAXKhr2qZhMMXyyjYjpK4J_FQBcoDI50i25hTRGrIQBUcSOOoLQLvdPOFx0krWiPLwmbTmZcrAkDZnQfy7YF2qPF85qGV8nLxL3A_JL26-gjkpPnf5p8kgPCkao2Z4HK5XHC9aO428Bnit4mz_OlYAxYIqYCdmjfmyA8CTRCed7PQhEKuUFL2zsjOoYOynSQ7IG2ho-qJg91NtKIaO5sY0_xFH4_vsYOARchL2FCQNHBb9PF4lQtYO_XmzfnOnvj-zWgjxeI-OQ9Xja6QfOQUIT23oOJ2siDSiZXS7csazuGSB-kC5jkR21lVeSR6Zl4MvZ1WTcFk1qZ3fV3n3lM92amPMlWfev1dlIyDwmUkED3DJNCyc-CX8iB6kTEJK-u5BWMDmsPPdblYUS56ph7pxQQP-3wa0ia716lrJV2fDuLlwh2B_ombLPUhBnUVHA_LruqryL1BR08tiaR1V06kfvSzoLZP7BZR2p88SQalDn4miCvN3xnA6NbkX4oDerpanBICNhRracnLTu64Al40VAG5EX7q6Ra7Jskehsxvlr7tQP3FfGPpc9dF8JoYt-IXdFcvCuVB1PY1iwcG41UxqBnNZvHzV4VJNMwa6tpYsyLzY7p-w2tcnAajtEYTog8xYz60pqZO0_UKio4znqdF4xbTS0mxtGexiZP4lrgYxToqaMUQjNEqIF8TgInt10r0urbY&cid=CAASJeRo2Ee9Q84dJGjGrIGxqHARUQFzBLYC6zdlW_yFWK4u30Bxde0gDQ&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
864
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:31:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 9315 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfZmsFVX-xHcca3iiBRkP9jRoB0w-6kBicejJm8QqFMRiYFiDk_fvZSw1co7W3NTGPjH6SFx4Edm7WZgg68c5aQC2m-CQWOrxopbk0EE7mKLTKZ41IKUIAJ1w48iC99FaD6Wqqec7ht21PSdQgLceB0kvS7Q&dbm_d=AKAmf-AIwdayiPqIAfCx35i6obBYCEXUpEPv0P8hmcwTtz44UTjcvxUpUnzGarRk-A2WKHvbzJHyCmeFJGdRvaIBoA_Guu0ESXOPu1KgHUoez1gSfrWM2Ls0wnuVFFv1MxxpPBX3ZWCcgMEc8Ksa6zBggkeEFNmqL5oqpJLtIIdPrZtGwLfRYxfAfvjqBk8D5307yNsagUYpWxgi-3r7-Gz3aLGsyiN9m4rATWTpD9stBKH1x_f9fFi7lqHxBoE0c_ThwoqA8T3QA_K22NFhghb_wMC995eq0-N3IgX976VG4FU4f3YR6CwVpjVztBeHXZZXMycmt8J0fuKjInqKAChkTZxcWRDjMdE_o9y-22cA3-1rxuaKhQLSlkZqB_zsDltKi0vKMGAqsBkn31wpHKiJbHUc_bkFDMPECFLfbEjNrlEY2lX46Wta2OfkfQ84mvT3unfXbMa8Bd9meD2_Y2druyxTU4hySVWcnPtrJ3fp7piJCVEsoIHtu12HoJUxk2SEcZxF6uJepGpd8CcCaEvzB6kly4AuRSf6jGfXWvierOlX7M3W0jGxQzH-JkoNGTupO7Wcay3zs2YFh9NUV94I6lj-XI66CNJLr4pTa-5rbVuy4FWZdPLNOeGE9Gj5c11cgjvnfUiBImc7Qo664bnU3yO4ylpvdjKEXLI0LVFFVAs8ZiKx1_j3pPwcnQXbnZHzTq4ICSjVOvOBFbiwNyyPrJMMmtwyK5SiIWmpZUlI0zzQNjmnSLFyooikKze6hNX3WcLh5bOIQ4pTMZ4y6xEhhQHrUsOCF1wbsUNroHDcOaxXhpcxiPFTYbTv---NzBXGDIWIEpNGgxOcG1mGvtupbHNUGyTfuzF1RFNcx4i1SsOHAF7YcTzsNTKSPk6Y5sSsmGvXJQJYBcTCNpcErr7ke9kC9TAMR3tEmCkP_CBG_0x_EvqF8lsWBwRFpFZBMLkcz7MTPB_LjjR-lcMBX5-FNBJW60612CKLwyVFx8j6OwPC0yr04ksq7O5r73jA6YZniQYqwyD0ucDEXSrvNDUIBu_NDjO6imCXzzNgIVY4m20aq13l8vvN8C_ETsRmn-kWhsC4rMOJoK1khFTYu80oMk_cJiEf3sODuUIPGmp4elE2Fg3pDERAjK4ZxZNSwUNTSA90w3kO2zjzlksbXM1IlYFRH8embBlsCL9vERgpn-QHTcJuzSG0-e-1hmalSAMja177vnFD5rjabAKNHT1PhKHUbDYGAsZcGZ9R1GwbsTXXT90y0QLAxtpAHeLTUwjpXF-UJBvg4H1_FRW1FdluaaCxqn2dbViXRbP1W-rEkgT7p6Xs6Rqa6a14XfeCFAR0nb0HNRjM3iDW7caaGpw3ltsbkGlrzBKF98VVQdNrJaprOjwMk5-UE9q7cjymx7kHHs22g5zHYuamzF0sZ6Qc5qvvF3UUbCIORtjm_YTPps7RKJ7bBIRnsFkvGk0uGxaSe6g8DEaUNVFTpdq-Kfk7NvN78Pz5M_jrhRyRzrIrZjulJ4QZuoE_VA19E8cKOZQX5RVQXj4GM8_jEOXXkXyMgunuNdXgUcDZyUtxraMbagSaTmJZa3kyWbvkiYraXFZwASWr__5BvKOK7sphNUZre73God8BokzghBwLxTSdirycSXE5F2i_H9dYFOK96qKQzIy9QMiuMwQKbIijGK3T5rRgbYM0hw8W7FT1Oryu3kQyl5hO1kQSp9rT3twS4cMkI3iH-RDKZkjOhjOPMHLoXR27hgytWEvEt2H2RnMPaf2MXsabJWAZEjhmmrdy0E-scu-zFN8b3l1FTKY7qnF8QAuB8kLiPAZGFP9QSa1RHfyGBMHDq6oTnFGOBUZt2jqk3c6CxH_COarNaY__hWzF9OTpo7aspGdh-RuUBh0yKqUT12HmkMmRbsq9xlc264v6PfC6953k5rjkmiJtgaz512r2rk1bnSaJmqceNHxdmiaeAxRMeh4CUHkuSusonJXQ2Dinu11QXS8jZ_fh11iBySLmXASSv8UHmWIJRzNccfw0IicAejiE4fiHr2Ikmsct_o70nsiTVCgUMn35v_PBuE4-j6zYCaasPOX7ntiNxirMYrgqXYjwYXX061cWpcCJ5aXOCrqmi1GGdeitbRhDJ1GHTiy48ZJ28o7xeYdpCBh9PnclrIWv6cEsOcMgVmLD7sOL1xThfXMDpqTktn-uFzpB2YqhlxzAukNaZfOcb8FGf9aGOSg9BC0rXv0fLJh4177IXrptUWjWyWa8FAZB7nqG2dSv5RqI-TEBJOHgoEBGYFcv2w4E55ooOxTV0MWpECS_C_iWIMFLI3zsPE5xSguJAhQ6otd9o3Tt8TyjPWWRptVKTMp5lDY26dyuebaIHISj3bvP66LfQ4B4PYuU3j3MX_AOyB4ATMtGkFTHWb4pwQG3RM7fY2y_00pqLLqtuhJDhlrysk_yvgASH_bYzR_LCNnEkuA3hiteMKfWYJZY4lByPpmCYsaG81jbXZpuXw8ytV25QBUqU5j1Z2CUKIDmf9AMBa32eqcYlXGMOkI7MvSGcu3sVS3QZWEn9tTaeLGqwCiRGM5ixElJ_Z3tH23WzaKG67w9zGlAmPRjlMl1oOohFNfox_ipGe76RwMjQPxcnV9GPv0dvWfYl8hnGDJoudldOWU_kBLmTZ2a0lsTD2RQy8oVhhWYyXPlD-PVmYQ6Efr8QHk55c-A6Ue1KBoln0zZ_0M0dlUhnewZ59DqilfAXKhr2qZhMMXyyjYjpK4J_FQBcoDI50i25hTRGrIQBUcSOOoLQLvdPOFx0krWiPLwmbTmZcrAkDZnQfy7YF2qPF85qGV8nLxL3A_JL26-gjkpPnf5p8kgPCkao2Z4HK5XHC9aO428Bnit4mz_OlYAxYIqYCdmjfmyA8CTRCed7PQhEKuUFL2zsjOoYOynSQ7IG2ho-qJg91NtKIaO5sY0_xFH4_vsYOARchL2FCQNHBb9PF4lQtYO_XmzfnOnvj-zWgjxeI-OQ9Xja6QfOQUIT23oOJ2siDSiZXS7csazuGSB-kC5jkR21lVeSR6Zl4MvZ1WTcFk1qZ3fV3n3lM92amPMlWfev1dlIyDwmUkED3DJNCyc-CX8iB6kTEJK-u5BWMDmsPPdblYUS56ph7pxQQP-3wa0ia716lrJV2fDuLlwh2B_ombLPUhBnUVHA_LruqryL1BR08tiaR1V06kfvSzoLZP7BZR2p88SQalDn4miCvN3xnA6NbkX4oDerpanBICNhRracnLTu64Al40VAG5EX7q6Ra7Jskehsxvlr7tQP3FfGPpc9dF8JoYt-IXdFcvCuVB1PY1iwcG41UxqBnNZvHzV4VJNMwa6tpYsyLzY7p-w2tcnAajtEYTog8xYz60pqZO0_UKio4znqdF4xbTS0mxtGexiZP4lrgYxToqaMUQjNEqIF8TgInt10r0urbY&cid=CAASJeRo2Ee9Q84dJGjGrIGxqHARUQFzBLYC6zdlW_yFWK4u30Bxde0gDQ&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:41:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
289
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:41:31 GMT
3491306522844523829
tpc.googlesyndication.com/simgad/ Frame 760D 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3491306522844523829?w=360&h=640
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2ea2a4c07537450ba91fdbce09767dbe4c93277e9b6cd2b9a810d80b4979718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 02:45:45 GMT
x-content-type-options
nosniff
age
316835
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16201
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 07:04:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 05 Sep 2023 02:45:45 GMT
7673685377721665471
tpc.googlesyndication.com/simgad/ Frame 760D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7673685377721665471?w=100&h=100
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1f897f2781f811049e1cfabebe95ef14c8aa364cc79fc38bc74bcbe6c8afb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 02:44:20 GMT
x-content-type-options
nosniff
age
316920
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1956
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 07:06:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 05 Sep 2023 02:44:20 GMT
data=LYw1wzONLkLO1mTK199DS3v2Tjc9K4ylPYdiHmumwo1e7GqlEbHByPUzLsq10lQj-MBLNLbjfD_NPAZrPg
mts0.google.com/vt/ Frame 760D 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mts0.google.com/vt/data=LYw1wzONLkLO1mTK199DS3v2Tjc9K4ylPYdiHmumwo1e7GqlEbHByPUzLsq10lQj-MBLNLbjfD_NPAZrPg
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
edaa561bfea7aa59c2bc4fbf0f3d9bb70d7e9134a72c49b3009e1ecdfd807b24
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
age
1845
date
Thu, 08 Sep 2022 18:15:35 GMT
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31818
x-xss-protection
0
x-server-version-bin
CggIBBCWk+GYBg==
server
scaffolding on HTTPServer2
etag
0e48549fd82d9ced
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3429
expires
Thu, 08 Sep 2022 19:12:44 GMT
truncated
/ Frame 760D 		301 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 760D 		418 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
csi
csi.gstatic.com/ Frame 760D 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l7tehnuh&c=7141863004245&slotId=3570931502122.5&qqid=CKfB3MLthfoCFRfqGwodZiYMyA&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ulc&ulv=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d7828440eca131f8024d59f2851a803e.js?tag=video_location/web_och
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400f:803::2003 Highland Park, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3491306522844523829
tpc.googlesyndication.com/simgad/ Frame 760D 		241 KB
241 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3491306522844523829
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f5ffc8f9204c97fc6a9f68825e1f8843bb2363c961051500b9de93c616f9bb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 02:44:20 GMT
x-content-type-options
nosniff
age
316920
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246580
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 07:04:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 05 Sep 2023 02:44:20 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 760D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cq0bFezgaY-eXEZfUb-bMsMAM65rUnmyayfXb1RCF3aOn2QIQASCG94YmYJWCgICUB6AB7MCQmAPIAQmpAjUTjX7tzrA-4AIAqAMByAPLBKoEtQJP0M5UF2uoFxTrNDKefz0kHqAIZT_-EvWWYe75M4vzM_4BRslmIgm-Rt36vg391YMrsi9aGRdi4RlUkcnexd792cWa3CdJcDzmng1h2ekkNycmlRaAAg7eeWjc_bG5b_nbzghksIsAW39vbTFqurICgsy9Q3l7L2qZsJaen9C1_hyxZaryYOg06NPm1gVAiZuqu_wv6g68pUPj5NzccwRS6n6a9Wm5kciuxAO4duab07amOg6H_SbsEMoMa1qpA-XPMKb0DkD81aAXhgOkxh3MWdF4WkFZCYhwyttzqlMp84kS3YoFCK2C3VPgsaJKntPtV954sLaLKSKd7JOozZBkVPIelVtMNsOV97E7CAVjSHz59Suk6TfLTSjM_w4I-zR5AL3q7eQ274wSlEC0PpSykzOyQfzABI2ut8j_A-AEAZIFBAgEGAGSBQQIBRgEoAYugAf86-5nqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQxb4B0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwGYDK2s5raJBLgToQTYEw7QFQGAFwGyFx4KHAgAEhRwdWItMTA2Mjk3Mjg2MTU1MzMwMxiB1Bw&sigh=KH01av3k2mo&uach_m=[UACH]&template_id=545
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CB81 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47654
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 05:32:06 GMT
etag
48472445140208031
expires
Fri, 09 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
videoplayback
rr3---sn-4g5lzney.googlevideo.com/ Frame 760D
Redirect Chain
  • https://rr3---sn-4g5lzney.googlevideo.com/videoplayback?expire=1662691579&ei=ezgaY63OKYnaWqDVifAN&ip=217.114.215.132&id=27ce148d6552bce6&itag=18&source=youtube&requiressl=yes&mh=ff&mm=31&mn=sn-4g5l...
  • https://rr3---sn-4g5lzney.googlevideo.com/videoplayback?expire=1662691579&ei=ezgaY63OKYnaWqDVifAN&ip=217.114.215.132&id=27ce148d6552bce6&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctie...
776 KB
776 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-4g5lzney.googlevideo.com/videoplayback?expire=1662691579&ei=ezgaY63OKYnaWqDVifAN&ip=217.114.215.132&id=27ce148d6552bce6&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.104&lmt=1661526690286274&txp=6310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgerg6iHRtG-70cExC2qaIJ2r2R5T7JW0W9wPtc5OedoECIQD_UqB0FEhDDhGGrhNsPC9Bl0clm6m-bYNlLLvikDfmvQ==&cpn=1-VNFk0VTiJLEJSd&redirect_counter=1&rm=sn-4g5eky7s&req_id=dd0304c049636e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=ff&mip=2001:1b60:1010:3:1011:6725:cc42:a454&mm=31&mn=sn-4g5lzney&ms=au&mt=1662662702&mv=m&mvi=3&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAK9uQnLhgDHeIZBgKRR0s9h0Rmix9LYzoHWy7DIOkotPAiEA_SCfKwH8_lGz4gm87UWdFBZdwVm53sCIZ1TjPQuKePA%3D
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:1b::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
f9f8871cc88919f02668a927e35127ca884c42fb768ec9a2835f318d679a5d44
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 18:46:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 26 Aug 2022 15:11:30 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-794479/794480
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
794480
Expires
Thu, 08 Sep 2022 18:46:20 GMT

Redirect headers

Date
Thu, 08 Sep 2022 18:46:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://rr3---sn-4g5lzney.googlevideo.com/videoplayback?expire=1662691579&ei=ezgaY63OKYnaWqDVifAN&ip=217.114.215.132&id=27ce148d6552bce6&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.104&lmt=1661526690286274&txp=6310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgerg6iHRtG-70cExC2qaIJ2r2R5T7JW0W9wPtc5OedoECIQD_UqB0FEhDDhGGrhNsPC9Bl0clm6m-bYNlLLvikDfmvQ==&cpn=1-VNFk0VTiJLEJSd&redirect_counter=1&rm=sn-4g5eky7s&req_id=dd0304c049636e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=ff&mip=2001:1b60:1010:3:1011:6725:cc42:a454&mm=31&mn=sn-4g5lzney&ms=au&mt=1662662702&mv=m&mvi=3&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAK9uQnLhgDHeIZBgKRR0s9h0Rmix9LYzoHWy7DIOkotPAiEA_SCfKwH8_lGz4gm87UWdFBZdwVm53sCIZ1TjPQuKePA%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Thu, 08 Sep 2022 18:46:20 GMT
generate_204
tpc.googlesyndication.com/ Frame 2B3E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UPrNZw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame D44C 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fsimcast.com-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214109862-iMlaogD9khBamdnV%26schain%3Dsendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8783%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.8.0%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D15%26us_privacy%3Dfalse&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&sid=19D70466-D841-45D6-A695-54380C53ECFD&adk=2458199627&correlator=260889341084668&dlt=1662662777068&dt=1662662780224&ged=ve4_td3_tt1_pd3_la3000_er563.20.991.781_vi0.0.1200.1600_vp100_ts0_eb24171&idt=2257&is_amp=0&omid_p=Google1%2Fh.3.529.2&osd=2&ptt=20&ref=http%3A%2F%2Fpopcorntime-upd.xyz%2F&scor=2811039775263587&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=false&vis=1&u_so=l&eid=44731964%2C44754420%2C44760950%2C44765701%2C44771692&hl=en&frm=0&cmsid=2460952&mpt=stnvideo%2Fplayer&sdki=44d&sdkv=h.3.529.2&sdr=1&vconp=2&video_doc_id=2225938&vpa=auto&vpmute=1&nel=0&cnc=22632072816&kfa=0&tfcd=0&ctv=0&cookie=ID%3Dfbb543c96267455a-22c85a6115ce0056%3AT%3D1662662778%3ART%3D1662662778%3AS%3DALNI_MaNpHJkKZecepCcqMy4OyNYjBeTDA
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 04C9 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7Vsxfxo9dKwyrggfDh4KbxnTJHxxxqJRGrR-2zBLo9OQwhNxSk_nHmn2zeetMDS0RWYQdZu9TmY_KcIbfWG3Vp7pGUg0FIbSYrYPoYanKHWeyYPw2-rfkjazT73dKZ6dY97rmbK8Y30plsRb4BHfrnNUarX_vlxBAjw3s_qbceL0AZQhnzO6tUZQW97NhGiOhEfPvUnzgwP41-dr7WzxU1_H3JAvbKZKTgwX3Da6uBwoERbB9ZVpK14sregPBTvxtIsCRdjtUkcdnc-TMECSMnFHVP7HiZ4IPzJI3X86lJwZrk62SijtcbozQ6LXP7VyhnnIxylNqDO-aLe0x_Bfg-2u_aqm2oXWpZV52h9XntlGn6B5r4YZc5OP4yQFLI0Es9VworJOk4dUdc01Nqub4gYLyVeEaBs2J4yawfhDWNAd8-ddjg3zyF7L1eQNaFv8ZGXS7NCodsKVL7Vx2vpBed28UKYXIo5hCiPeoCngPoq8aYqVqkIBxhy6RI5m_5PHwEFxEjQOKBL2P0-U8LF_Yhe6enstI3Oz5egwofmV7cF8oE7XEUStQ_XKaXZXT-2s9cICidC1X_mxwvEZiPWfbxuYIHvxPis0ycz3vE07-gEDfsPYzMtvbaGanN4zyV_BehwFj7SgpbN6ubuM2F60xIhRZ6S-NCQ1Q3LS5yQPToIMddeNkHlSndD4mKuESdw4mmGawoBIx6OBBb4E5C4R6gpmKBX3gI9Q6x-Av0ELILrcxeNNT3WAIMpNogqIQZ3Z3k52cZ8dPANeqAS1w6YRgY0Ikp93GJVyaY9Ei_-FsuOBKynyyP81n6NIukAq3ymgvq_jQDAWrXsJThJSn878nKAw1Fnv1DtkE5rK-ap5qM_ci4rmOKeHH0fUwZVOYSqyq6Ep2MRUklcUVCC6LTBZjD6haBbj0EsABfem_6HVFYs3z6bjz90Ak9vlbisU9yahWcZnIQYcEAk7BHUtaDjDpiBenQaD8Wddv8dCvwFiVG20s2ZwSdmCT98BbT8orkIO70Vju2MvPMqtdyJ6oQ5dtFJRly3npxbpFo4OAhJdl2HF2hoNA2YyIbk15KJsUpqNhIWi1rU6gn5xWBmuXPSXo2nOgy6YTlQj3ofVWUawslQlKlg9RWXfV92XFVU6hoxK88wCxihxLcldk4nsZNlVkqgXuJv2eeHBoASUFadvRUkfgJ3tndl2egUzlUgvnR3Fl1NN6x382agfa8ZX_EdLKcsnrb9ZxmDzC4MmjNsGZiAKcSt50ooDahTTWp0m-HdaeQfE45V5U996dsf4Y978luA&sai=AMfl-YTJpAQ4bZImp4GXa87VEuBLN-BLVHbyLvgbk8nRvIj5r1su7JVpQXh2NCkZVDOr-qI3jsZcChTi_9VQKjHinYx3VtxscEMRgkeexLZMX_fRvYw4w3WtSHlIw5aQgN966p7koD3kK8y_zAJKXLvb0jrIlNPzYykMg2CnqxhfIJmNUoNM8tSV_wHwNbRIPjsUTgkJ-XJQcMu0q52cex1_aRzbhqU4&sig=Cg0ArKJSzJ6ixKRCDpKOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=116&vt=11&dtpt=115&dett=2&cstd=0&cisv=r20220907.01988&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bin0vkDP3Tq3za0O5c-OCRyIGEu_ka9TV74CUWK2uaEQVx5h9PIVb6t8UDmaWWIQXd3RSJkYEE6heKJD7NDn1jZm6m1A&cry=1&dbm_d=AKAmf-ChDYBxRBkjwXUHMV-mm8nSBIn3gCpVTOwWMnnEWIv6TxzAGsdHMk04_sXU7ih2-GwpAwOxib64JuV03LQBU2qdQGwLTEWJEp8b0nNgZAix_yv6Hj8m2WvehIbtk1QDdnb9Lj3iUVyna-qjvkuP3hX-PV5DtjC3TdfNkxd_s2V8CVMqV6gVyVVEQ-HqSK8WToJFZSG366o-c5ds6pHHsgy_PsvBzuLKKCIan_joUuN7GNWCNPsOcdHu5j8X3kJl5uuZV8tPjzExti4AXITfq_SriyJBr3lwEJOOCuHu9l-mLlp9nSEqVhA2rwSYwI_C5kd6WuDr2IZItkgaPYkwrKsJkRuwGX7VyggS8htp9CRr8kaS68oOBDiSZ2RMJPJIo8JUz23k_Ojs7zoaivpyytrzorMiZchqvyxsUYvJhKveMJnOWMP3sGis9OHlutmhPLY7qEPo0j_3pPH_mNlOAH_QMXvDJm1wWdD3p0jlPEkwmbsFSU6bHZm04m_OEFzV75JDfvX5wEkr4njsBBjpF-FNDo6S6xqGvDVMaNeenvtaamDzPRo-zmHr0gbwd5gIUGVAh-Kma2OFNRoTQ42Ndjfz-gvsp3CJS7G8ZRRV3gWvt7lVWJxO1T9CeRmK2BK0jDhxhUUbvcbJkktj-gvqP4t9iICDsj4YNUuC-nrvCIS4j2kjAATHg5ccBVjY3HJB1bZ3UyPxn7g4WMLHs-mqGS5V54CA0YshZkjPVqEYABNbSBg_GOkKITs_wR1V1aI2oHvPHMRITDr0f2YcB1UxUBek4cUEDRyDhhfho_KO_ZpvI3hlVsIy-_0L5j_hSnxC-QafKqXywwpM8oo2tD1E9To25HG4FeSMF9M2QQYA9RhZTqJciMU0tUlhG53KXRj2o_sfvH0k-Ir-unWVEjAh4quj_qZKFNLxw-JvnL_87z5Z1BOlM8awxmflNvzld6lqbuPk4Ve4qErxwR0QWCyG5SAjpOQRJfuu2mJGGMYeU6YowJ86eVtYAZepOYir104fS9WKftJ9JTkh7xmsLcfgVUxjZyxrXslChAdheh2XG76cItubfbYcGBgU_YVDNcCZCaoIsQqfthekZB97s9ym5px3TOvdOksXKmk3FKM1oTu5ZU4F0-ereSYArMO0wLeuabBqwditdlipbPVjDcPmFUri6DKKHJGh29WrKpsNxeUlL8Gf9GgeBJ8AhcePMwlD2hqtmp15nW9u2Ml314Gp9IIx8oVxrrH58Vo4Fpl7KkC9KNj4GVScqdkjhn9mCxlNALw54a2mbRrwwK7SjLqJ9iC3Sxx8EzoJtV2gC8QZGD4dioPwnTfeplvUeNkO4C4-bh6onYL-A9MtFPFggQXZQ_qomCSgbgP9WwjFlqY0P9M9MAv78GjZkrGeHYJaOKveawiz_8qx7_BfdDn1PEWyFxr-kk7q1gWbBxwUT-CnEnHRaEM0ZtBeiBq3_2xkkHpjicF3EeXVQg9upHjIPlgTeNaKaFt5ByMgUsodXFEuyZPDuntAwYWrBvLi3yYE_H1ttkhwENiOf5zn6AUPptfhOIcncYLk6v_mi84vd_ZtBtD0JGrs8PpqEt1OjFlMZwIXXRNLoAysfKjY0AlvS-RFzVRSrgEBs6PQxtOXiFI_7ww4W9RWYeqmvpUcn29Gk4nc9g2lqPhR2qTdWrgnqR_X90VyPgx4ME03kJMweqwPurL2NykTkDi9wsti2e82kL5kPEwK-a63k0cc-sTrtcXDe-FCi8_H3MTIyXUBW62AbYK4Mow68UH6ncl4HKVrYmYV4Fw5Kp0EhMsV3M9zbZzY9tBE45_iQOfMFKip-soAIRpsmVH5dvaYU3BbAIxM4YcO7-UHj-fQgyYmj1CHEjseTon2SCG6Qg7GdhAuw06Nwbuy9LDOxtmfm2T0P-iz8P6Ff1nUPiUKPkiE4qZbBuPrLpxUZJczkPHdDnOcDbZHUwpAszG93oTRoP2cmKjQ7GKRkgYYqoYtM703h7kmpDidrwfMu06vFis4nyBOKYLpKmQHJez0L4FMBLBp4zh1kgfykGtSXF24Mn8hJkEmt5WKPowWtX9lfTUobiInMmKmJG6T4A_JoyeKOojI_gjz36GwqAL2Gypk-Sl3CeMm9sW8V8gBuZMUsKieO1nQ5kmvpqzpYpViPYLmRc1cTMHAGanz1SMnwQf85oA3npR8hvaNM3x-049qXH-sc_h90vQYgoVXL3CAoARNvUG5V8XLDG1JCzcAzMDPeHRI63Kag_MtRqEtOXR9nWjUPcKoTlr-Fxe8YAPKrEZPO2pTAgfeCCuBDrLxgd5EUBykeH6fswFONq_tMmRHBpmvTEHnDdN9WrnOra-LKgdKbCTds53aoTOo302aP790HHR54bbCPxutaNT-TdTW4CB_qf30WoXAJxLkiKaXf-XB7A5cuudT-Gxp0sT4-rnYZFBy_KUaRFBpBB_k1IgBuVo7RqW0-s-r_1isEhEqbGPBF3msPZYr-MAypUDhVDTszqzJ1X8UhwdohecshmdaAXHUDqdLmKHXVcf63IhuvDKskA-qMDfSyKnxFoZDhXlfCB-QC0X7Z3CxYGhPbHoSJ3b1PFtrukpjG_taR2L5eveSBfYbthIStV2Xu8K0k8L-zjQYg5shlCfP5_uZuBuuftZ-dSulvJe7BvZCX1URYeoejH-Dc6dEyZmhSA-IvpyUx1dPx5cwF_xnHQNFGqVPIy9n5Jz1fKdwxtYPOl-fAdh0cROOD8kJ5DHl01DykaOn7e_N0jUzCl9zF3PR-sAx3JL6z6GXMAacsJtT8yhgZ-vFZYvK9wJr5jOwT19jbD8FDHYiTZyWy5oSt_gI_bvaxZB0h4mZlA-NAfry84wEHMgMBfjJrqluWahyQuODQdMcFKhuesRUczUKpXcz8GakV8PnP3LQcVJ8TbWb03yLac4EVtWNYHpufS8M2BHm6n7IV9TgdONnNp1pc2IdhPTbYntyu99J2KeLbmlnyZ7Ddoevqjbpncnf38KVB6VMc8BgGbnZEH6t66X89Zv1IQSF7CnUA8EjQlAC26TKUTkVkMyzO8ZUcNlK1BjT0dMQxc7CDNkmYXHZaBnOtLm_tzA76S-SSq2rjMU9lXXFcPKZHjkfel5d2vnIKYFw5iLJ9IvXKC8XaYTeKhyDO2Bu76g1wA_xRO3C30t7PDo1Eo1h51Ok6OhcXJuodhW-7i1ZU9tCq3oejjBXydRX59hAalhfMOMuWq_mSqzgq1Ok1WWALLmDgpHWLgVtkotUiAq5aHgTrK8kpUf_TTOS2n2HyoyG4qT0D1eHxdRfsdyBVeV0XKkZqlH4uoUTzxJdzk6emN--h2c461py5sPhn4Iw14aRCT6_tLoKL9TQS_XC_0zcF83f0uZr4u6Qo0GKuoDJx1RbiKWDZepdZR-kup1F-DiE85xHExY8Om3FGnR1DFQHly8&cid=CAASJeRofFolFU3AR72IxVRL2uD8-hdtgwrPqoBpJi3ejroJxH0woxQgDQ&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4D05 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47654
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 05:32:06 GMT
etag
48472445140208031
expires
Fri, 09 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12276200816478547214/ Frame 927F 		15 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=e5t3EuHsVU&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73e92096e61cc5ea7df6db98368b62ff1f624918e8cdea8ec8c51022426dbe8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2285
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 18:46:20 GMT
expires
Fri, 08 Sep 2023 18:46:20 GMT
last-modified
Thu, 21 Jul 2022 07:09:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9315 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKkvvgn7-ELzajQBpavxrpcaoczJsbdPQojPn2TSnmwXVXeEpAd19mji4VEsSPU1Q46xMMIk99i2OWjM3WHFm2SFFvFau4Hm4SLjwiDbUvnu6cQhRryPPy20I53TYxn19yYRSUH8QJDPe6q_wR5WZQzaZbJGFUXFg-Tc56Abn3iMnsesVXP0K2CH7l5p_7RLHvxzXbqocxDhZraR2RI6Sz8CZSOP3UXalLvE4XW9ugE_S3KzE5Edn-tEmqGiA-xu1TUbnA3oejSe4jCXaovGL1Y35cQNxJ4UHSzOpnzau0D_W9w9dmZO7JM0BLm5xzbT57BJ1qa0HrU6JzggvkQ7pL1uyjCh7boHshakc0gb8TYlCUgKuPzWck_Z4U1grFEpG5ye6rvFm-fEQE6gHmagfsMYPAomdL6744B-Zj_Yh9Gr_wT4yP0WMdK151bz6ubS30sbwvGTx0aXerhjo4-Y2AnNJJUrbq3oMoWhpFE-f-FE-MPU546XcokF6h60fuvmMYeqX8zDT5yX_03D-Var1Z5Fv9KXinMj7yFhLCynQn9HiuE_ZuCND6S4KyGLXgtmLtZE-HB1new5wlHZLQsQKJ2ITUygmDcJe_zkkiPCx3vc_p_e-FyHwkDW5IxnxBPqGu2aFenk8vqA56xWMft41UT5ZiC8--1ORMNUJkBwPAOUxHOh7jCCuJiRnq1_M4Vbhkd5gj0uo3Y7rGPFo4JT3NY0hsRPswuA3zKy-3nF6zA3r5k0fqjmth22u1E82I9qhobKqkBvBuWhE7mUyXd0OFFOBi2eepSIENoJPzgbOnvr-QtIkFyIKTmCHPaZ_8QPr1RGlbIBW_GDyJISHom18PPHvX2GuuptJGtsw06agM56FFkoulKY4oV6rp0ah0K4cpeUSzN8nhxzyyz763_ARS2fbmdrni-CaK43v_8vZJ4hpX5eloIRmeqQSGX9lshYRpG8dwokDFwIRLRb43fhf8SP_b9DQj3gTFu1I4pQbUydjD21b0h71zL9XszXJulqS976-WET28RT0_y0mC_3pCi3Azy556wZ1oF8L2lN6mjX_nVP6Al5d0P8OTJO7jQdC-XCzV1eAM6sdhYVx4J8PrdiabDmxs_9cm79gVxThbUXlMIZHJlpVDxvca6UoRWUtLLjKiWjXaJYE22ZPQ9X9y2_WtqP8t-sLzJsWdCnE11swUTlrXPhdLaa7Rdax3ba03jidp5nc3eglMCyY-mO1Vb-8gx08zcTslrKVG5UDtlAInaJyGSaA-IsIbiHs3-fL45UWCPd8XAUfDJqZT&sai=AMfl-YQOcGY36pQBbNlagAvbJMqmsWCOOlQoCRC4KLAnkwRLZxt3YCm98K0EJL1eZFn5qOKm0hsdoUxECJTtjw8y1UMsdK1bcVp7jn9_FRM0BBnZTsKGb2QEj6wb5yGEIqfwnyJMNuNq6miYF61s5igCLpV--xS4WtBgMzDpj5l2S1S62aXdVMFT-ktAKg4INYZCUcDHf8XvTsaYtojoWRQe8Kt9_Ij8&sig=Cg0ArKJSzI8a7a5KxpqCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=155&cbvp=1&cstd=150&cisv=r20220907.02581&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: popcorntime-upd.xyz
URL: http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 08 Sep 2022 18:46:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 45BB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 07:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
557723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Sep 2023 07:50:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FF57 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47654
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 05:32:06 GMT
etag
48472445140208031
expires
Fri, 09 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/6862455919453743395/ Frame 2AB4 		15 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6862455919453743395/index.html?e=69&leftOffset=0&topOffset=0&c=lqaQoV89H2&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d90022c1f38cca768a5a659e6727c5f0d36094e5ad4ea743734fe55f27d5a8f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2286
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 18:46:20 GMT
expires
Fri, 08 Sep 2023 18:46:20 GMT
last-modified
Thu, 21 Jul 2022 07:08:38 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 45BB 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuCyTafB-a3-SDE7e6rVNjr3b3Jnqgici0X3t6Lo9iS1XAvQ0TY3vHhhWruc9mK3zAHrPkcfXFI-qGhiwxFPkCDecoqBEyOnqpNLz5qfJ4kMC14TbSnfhASDimZTIhUsPiLbJR6inZCoCufcUe9N6ddVuP_4hidAD7iSty_c-a8bCC5uM67zYHBUF2skoizdid8lqz_S7Izgwek94fryVnWdwCELCMiTTplSkGRTnFN_W8MLTbG6qV1qYuknqnQzam72XKPYE25sG2I8pA_6Nv0imc4nLFnt3i8GaXl9nGIBhSHac22-jDS-GxV3enDCPCORW3BVUJcf2iWObggVsHfaHzi0hGYJVGlcFHpADvMze74F2iORXquug41PuLb56APfMqkm9vw4lH4f7L5de0Au0DZG-A0bp1eY9I8l8BcMlOMQd9K9Bangwloi1bWIlbBlyN2_6slTikagrG1M5Hls7b8HRJauXD2vW96241Lff5eryNqGjrHOVpXpeM2rEPN5P-1fMZLpc0TGb_IM9MlOHhKyLZ_3zfgHKZhevTIicKoQtnabWshKpnhZAPJsO6b3hKS_Z1G44gY9r6isY32XELwf_1OFkFk6Ju5wiyld-aY2ew3Mx2vYUAdv4wl04OtvgHP3QUCC-XhdacrkVitPeJh8BEHUx4Br9a2nY7sNvdXbpAFswjb_vlB4UDN57t1Y6a-noEPAgoLdoHG-zXyH95kJiWRoxSeClWeFWTMsSg22EC0LU4ha2-f9YqgG7wxUL_tk8VVwvNz_PR_2In4MgYI_tmzHA82yaLAIV7Gob_U1ZjZI_ba5HHf1bxSG6lJHI6oPFi9bB73NhbTy0QD-Sy6RkrDYp2Qr59o1aUxLzschS5wQsdxz-P85GC6NMo-K7IqTMnH2r0CHhct8BEDixGma0Qgo-3DukK3b3dIuAzPExCM7dS-2FrLSfi9cD2ZvtbB2wPsnH5fXMezA1IIzrxfuqW0NhnlxMWqdUORE9GFq6aXTymyp-2gkeJuKHRVxBqV2_mM6LXHylOI7Gfg1Z7-iVx0YvaYoywiVMweGOeGCqWfksAm5kM4wtC3EQadeNGJvw6XsqyePbHvFfWY1rAb_vjJCO1owSJfrEiexfjbe4Ggypx_ZpThOOlO9hsL1r8cIq-nnQdLUj-Rf6HnmD7tMrH9t0cExRkn-HL4KfYO_fLgantCJLPAgt_Z2rgIDHKRMB01mu-R_KUD-S-9jtlugIYFV5CiV_VgjtVozNNZnZUJBzm86HBxhtjBSXTNRmiQ6zgm1T5k&sai=AMfl-YSAjvhDnT3dDB_dVWyPWopL11AG4Efqpv6vSr8jvEBx29TNHBvBxmlNyVm9CaqTHMjezoWXMs8Rg58eBsb5AtIeXw5s16IhfAJ5-h6TgM2ncjb2bjfhdwdU5_RlXpRDLVConwFjyyvbnJngWBzzCdaLyuNpBGCaeB0tiaxN2GV2fWIFJ9p9po25E1Zalufoln8HxFmy1OQIsjl8V3kZQYiPK_DE&sig=Cg0ArKJSzCd7O-7Et4QUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=176&cbvp=1&cstd=172&cisv=r20220907.49438&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: popcorntime-upd.xyz
URL: http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 08 Sep 2022 18:46:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CAC8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
557723
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 07:50:57 GMT
expires
Sat, 02 Sep 2023 07:50:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9315 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 07:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
557723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Sep 2023 07:50:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0FC6 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47654
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 05:32:06 GMT
etag
48472445140208031
expires
Fri, 09 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
google
match.adsrvr.org/track/cmf/ Frame CB81 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBDLqqYiqSBUwDRWnNnJ_7M&google_cver=1&google_push=AehlK4AxWVx26iOTs6dTLSSTDWfdpXBtR9nVTMahG61zJWB_Vp5aDlETDNatYEWltAEpy7Di14kpGsSZELDvV_Um7fbKFGTCLIo
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame CB81
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGd4uv7cvgxflKmEdpRPt6s&google_cver=1&google_push=AehlK4AVTIk6L4JKznh6Sn-G7ziYtcahu1BugSUVf572NRBa9rrDT9euYRirs4CdvCEWOcAOnefnOQ6G4YHJ-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0MTA4MjI2NDM5NDA3MDE1OQ%3D%3D&google_push=AehlK4AVTIk6L4JKznh6Sn-G7ziYtcahu1BugSUVf572NRBa9rrDT9euYRirs4CdvCEWOcAOnefnOQ6G4YHJ-njaP7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0MTA4MjI2NDM5NDA3MDE1OQ%3D%3D&google_push=AehlK4AVTIk6L4JKznh6Sn-G7ziYtcahu1BugSUVf572NRBa9rrDT9euYRirs4CdvCEWOcAOnefnOQ6G4YHJ-njaP7ijdniy3B8
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0MTA4MjI2NDM5NDA3MDE1OQ%3D%3D&google_push=AehlK4AVTIk6L4JKznh6Sn-G7ziYtcahu1BugSUVf572NRBa9rrDT9euYRirs4CdvCEWOcAOnefnOQ6G4YHJ-njaP7ijdniy3B8
Date
Thu, 08 Sep 2022 18:46:20 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame CB81
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESECY42khieQGAwZLVwC-MMH8&google_cver=1&google_push=AehlK4CefPdfTpG4mDCHPSCq6151kF0Qz309FTNG1c_Ap7KoAfC1ns4t9S8aUI9kCskTD1GUiAT...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESECY42khieQGAwZLVwC-MMH8&google_cver=1&google_push=AehlK4CefPdfTpG4mDCHPSCq6151kF0Qz309FTNG1c_Ap7KoAfC1ns4t9S8aUI9kCskTD1GUiAT...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=p9dpFIKtT7WYvQKoElc5AA&gdpr=1&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=p9dpFIKtT7WYvQKoElc5AA&gdpr=1&gdpr_consent=
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=p9dpFIKtT7WYvQKoElc5AA&gdpr=1&gdpr_consent=
pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
gg_pixel
sync.adaptv.advertising.com/ Frame CB81 		0
0
pixel
cm.g.doubleclick.net/ Frame CB81
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEEkIrnvne6DseyWY4pmEA7k&google_cver=1&google_push=AehlK4C5ibnKf-LEThT4bGLDsJN27L2CJIXsc9bHZ4UJyPiMObeWLstDl1NABMsb4BFiNPZuUvhjE1cuP3an3bTsnNrEbP...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEkIrnvne6DseyWY4pmEA7k&google_cver=1&google_push=AehlK4C5ibnKf-LEThT4bGLDsJN27L2CJIXsc9bHZ4UJyPiMObeWLstDl1NABMsb4BFiNPZuUvhjE1cuP3an3bTs...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XDyOkqjNQqeOgr_e3TZO3Q&google_push=AehlK4C5ibnKf-LEThT4bGLDsJN27L2CJIXsc9bHZ4UJyPiMObeWLstDl1NABMsb4BFiNPZuUvhjE1cuP3an3bT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XDyOkqjNQqeOgr_e3TZO3Q&google_push=AehlK4C5ibnKf-LEThT4bGLDsJN27L2CJIXsc9bHZ4UJyPiMObeWLstDl1NABMsb4BFiNPZuUvhjE1cuP3an3bTsnNrEbPsZitA
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XDyOkqjNQqeOgr_e3TZO3Q&google_push=AehlK4C5ibnKf-LEThT4bGLDsJN27L2CJIXsc9bHZ4UJyPiMObeWLstDl1NABMsb4BFiNPZuUvhjE1cuP3an3bTsnNrEbPsZitA
date
Thu, 08 Sep 2022 18:46:20 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame CB81 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFIq46vNMRMKrogfBduSkGw&google_cver=1&google_push=AehlK4BrGMy17dEenm_mKcyoELp4I2jU27mJMRL3AoexVJw6V1AgWBferFXcdAIKAVQBpFoQmFhK09SkUc7jMI7EeHIBbqSa--w
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
content-length
0
um
sync.teads.tv/ Frame CB81 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELlVujiDlWKPB4B4fNTK_Uw&google_cver=1&google_push=AehlK4C32TBnciFzuEsqBPp2DzvTqf6l_lpDxVbT9ZkagzkH9PujGoOgUgexSxB6L1bUzNMqpNNQZ-OBmPkss4SHadQDw8M3eVNX
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 08 Sep 2022 18:46:20 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame CB81 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlP6SBFm8Pm6-_HvPvQtNQw4dGA6_a04yUwTr46gKgxv3w425Wtn1ZTvyjjA6Xws0egKU2Kg
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
8r8486r51587s62023rs6o41nrrqr72q.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		2 KB
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/8r8486r51587s62023rs6o41nrrqr72q.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f8eeabbf710a5585af82b27dfad0ea23086cbbc58d79e5796a966a13ebf83e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:52:43 GMT
content-encoding
gzip
age
3218
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
access-control-allow-origin
*
last-modified
Thu, 08 Sep 2022 17:44:54 GMT
server
AmazonS3
etag
W/"de512b0ba7329ef54912ab5ba8cfde15"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
NTV0TYJ4cChE2NgABZfQU-aMoSGtbxeCnFcsNvWL4CJchCDACCHAOQ==
1657637830060.css
s0.2mdn.net/sadbundle/12276200816478547214/ Frame 927F 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=e5t3EuHsVU&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d656f49ac878039d3910fd7c6e03b2c56998038a48acc6a57fb83b2eaceef50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=e5t3EuHsVU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 07:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2417
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 07:09:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 07:09:28 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 927F 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=e5t3EuHsVU&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=e5t3EuHsVU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 09 Sep 2022 15:19:19 GMT
1657637830060.js
s0.2mdn.net/sadbundle/12276200816478547214/ Frame 927F 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=e5t3EuHsVU&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=e5t3EuHsVU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 07:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11484
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 07:09:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 07:09:28 GMT
1657637830060.css
s0.2mdn.net/sadbundle/6862455919453743395/ Frame 2AB4 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6862455919453743395/1657637830060.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6862455919453743395/index.html?e=69&leftOffset=0&topOffset=0&c=lqaQoV89H2&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38c06be29860a33641f8ed6095e7e14427b01226d840da7ceaa95b289b868dd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6862455919453743395/index.html?e=69&leftOffset=0&topOffset=0&c=lqaQoV89H2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 07:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41828
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2412
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 07:08:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 07:09:12 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 2AB4 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6862455919453743395/index.html?e=69&leftOffset=0&topOffset=0&c=lqaQoV89H2&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6862455919453743395/index.html?e=69&leftOffset=0&topOffset=0&c=lqaQoV89H2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 09 Sep 2022 15:19:19 GMT
1657637830060.js
s0.2mdn.net/sadbundle/6862455919453743395/ Frame 2AB4 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6862455919453743395/1657637830060.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6862455919453743395/index.html?e=69&leftOffset=0&topOffset=0&c=lqaQoV89H2&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6862455919453743395/index.html?e=69&leftOffset=0&topOffset=0&c=lqaQoV89H2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 07:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41828
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11484
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 07:08:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 07:09:12 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DA94 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
557723
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 07:50:57 GMT
expires
Sat, 02 Sep 2023 07:50:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 4D05
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPhDiWcv07thYyELqOhMeSE&google_cver=1&google_push=AehlK4DEcAhuGIM4TES05B_ynw3YMzQhLnVP27vXv2ZFrQVkAF9u_a8AbDwzzsY3ydKz-2uPfHyw0ArXTnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DEcAhuGIM4TES05B_ynw3YMzQhLnVP27vXv2ZFrQVkAF9u_a8AbDwzzsY3ydKz-2uPfHyw0ArXTnp8WGR2VtxFkPr4WYnM&google_hm=FFJsQN9qTh-rslUNeYKk74Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DEcAhuGIM4TES05B_ynw3YMzQhLnVP27vXv2ZFrQVkAF9u_a8AbDwzzsY3ydKz-2uPfHyw0ArXTnp8WGR2VtxFkPr4WYnM&google_hm=FFJsQN9qTh-rslUNeYKk74Q
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DEcAhuGIM4TES05B_ynw3YMzQhLnVP27vXv2ZFrQVkAF9u_a8AbDwzzsY3ydKz-2uPfHyw0ArXTnp8WGR2VtxFkPr4WYnM&google_hm=FFJsQN9qTh-rslUNeYKk74Q
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4D05 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBrNS1zT5FWXKcBoV2nkCzg&google_cver=1&google_push=AehlK4CkJoaCBzz5KIJixr_ACgGI8xsZNgKMQSbnBSVjKmtO25pPGduuAg8WgItJiPHVGpl3BuFqxEZylylU-3hTimJUgdiKCs18
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 4D05
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEJ8FipsnzVnpUWWYs4gu7bU&google_cver=1&google_push=AehlK4CVlV_Klvl7itY13rTQKw1qxAvJmTcM8TRp6C235KB6QdN3MH2Og4VL7wKy2KJdVUtdIklG7CD67WThmtsMACc3RJM3mczZ
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=S3FYZlNBX2NDcjJrWGZsb2ZUZ2FZdw%3D%3D&google_push=AehlK4CVlV_Klvl7itY13rTQKw1qxAvJmTcM8TRp6C235KB6QdN3MH2Og4VL7wKy2KJdVUtdIklG7CD67WThm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=S3FYZlNBX2NDcjJrWGZsb2ZUZ2FZdw%3D%3D&google_push=AehlK4CVlV_Klvl7itY13rTQKw1qxAvJmTcM8TRp6C235KB6QdN3MH2Og4VL7wKy2KJdVUtdIklG7CD67WThmtsMACc3RJM3mczZ
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=S3FYZlNBX2NDcjJrWGZsb2ZUZ2FZdw%3D%3D&google_push=AehlK4CVlV_Klvl7itY13rTQKw1qxAvJmTcM8TRp6C235KB6QdN3MH2Og4VL7wKy2KJdVUtdIklG7CD67WThmtsMACc3RJM3mczZ
date
Thu, 08 Sep 2022 18:46:21 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 4D05
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4CiVuUKWr19ygLg7EtE3pAu9DSTk9Pw6-8LlNtucDCW0_gtSpHGfgVFhxFDCpAj3WBBJavJS_yUf0X00kUkqJPM4UfvvMOB&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-74a466dd-2ee9-4fa2-9267-6b12275dbba7-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4CiVuUKWr19ygLg7EtE3...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CiVuUKWr19ygLg7EtE3pAu9DSTk9Pw6-8LlNtucDCW0_gtSpHGfgVFhxFDCpAj3WBBJavJS_yUf0X00kUkqJPM4UfvvMOB&google_hm=A3SkZt0u6U-ikmdrEiddu6c
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CiVuUKWr19ygLg7EtE3pAu9DSTk9Pw6-8LlNtucDCW0_gtSpHGfgVFhxFDCpAj3WBBJavJS_yUf0X00kUkqJPM4UfvvMOB&google_hm=A3SkZt0u6U-ikmdrEiddu6c
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CiVuUKWr19ygLg7EtE3pAu9DSTk9Pw6-8LlNtucDCW0_gtSpHGfgVFhxFDCpAj3WBBJavJS_yUf0X00kUkqJPM4UfvvMOB&google_hm=A3SkZt0u6U-ikmdrEiddu6c
date
Thu, 08 Sep 2022 18:46:20 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX74a466dd2ee94fa292676b12275dbba7003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 4D05
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKaD_JvYa2ZMtlQowDUTews&google_cver=1&google_push=AehlK4C-T5zunfB5udx3v4LLk7bnQjsMrVlhEftIMJM0P4wX5SQZO-zw_wunqKtTke7ArTL-DS...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKaD_JvYa2ZMtlQowDUTews&google_cver=1&google_push=AehlK4C-T5zunfB5udx3v4LLk7bnQjsMrVlhEftIMJM0P4wX5SQZO-zw_wunqKtTke7ArTL-DS...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hSTNOR0xoRTJ1RjVLUng0SG9HZHdBa2oyeThKT3AweH5B&google_push=AehlK4C-T5zunfB5udx3v4LLk7bnQjsMrVlhEftIMJM0P4wX5SQZO-zw_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hSTNOR0xoRTJ1RjVLUng0SG9HZHdBa2oyeThKT3AweH5B&google_push=AehlK4C-T5zunfB5udx3v4LLk7bnQjsMrVlhEftIMJM0P4wX5SQZO-zw_wunqKtTke7ArTL-DSLF17tQ2xN5VdhUtb94vuSRb47o
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hSTNOR0xoRTJ1RjVLUng0SG9HZHdBa2oyeThKT3AweH5B&google_push=AehlK4C-T5zunfB5udx3v4LLk7bnQjsMrVlhEftIMJM0P4wX5SQZO-zw_wunqKtTke7ArTL-DSLF17tQ2xN5VdhUtb94vuSRb47o
date
Thu, 08 Sep 2022 18:46:20 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/E4rooAtA/ Frame 4D05 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEFUBoXpYpzaA-bXPeXGI77Y&google_cver=1&google_push=AehlK4Bs7gc7VDNsbcCQQzB9gE3vqNb7_VLPtzD_yOJjDFqcy-dTBlFpfR2BqdA7qwdwKd7qkKVrOCZ-ClefIRfM10OCLS2Clcdx
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.159.6.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-6-67.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
/
onetag-sys.com/match/ Frame 4D05
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKB20IgJMQoBPaLcobFVhpw&google_cver=1&google_push=AehlK4BprMfId0vnPt71_ic7mk6dmSQVVG5mDu_OPvZrArbDFdtLY1719zjGSAqMvzhRZenBHfxF-f_FwI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4BprMfId0vnPt71_ic7mk6dmSQVVG5mDu_OPvZrArbDFdtLY1719zjGSAqMvzhRZenBHfxF-f_FwI5Feh5FpTCJB6T9CEKl
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4D05 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHdLj4cB6KJvPEA9cca5SaXC6DijfEl839cTDG36Azs1St3sxk21l7a-trazB0OAAQymGBshL0
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 98F4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
557723
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 07:50:57 GMT
expires
Sat, 02 Sep 2023 07:50:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame FF57
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKEVY0Q-M_ghy1SgGQ5T87M&google_cver=1&google_push=AehlK4AcWrGDEoCdd5bvxFZ3TeUMRIXS4sfzZxAM5OZN4MI_dNbmMe3oszyC-oAWMZGpZmfMp5w3tsDqtK7hu4zS...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AcWrGDEoCdd5bvxFZ3TeUMRIXS4sfzZxAM5OZN4MI_dNbmMe3oszyC-oAWMZGpZmfMp5w3tsDqtK7hu4zSWYAy3PxVfAbA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AcWrGDEoCdd5bvxFZ3TeUMRIXS4sfzZxAM5OZN4MI_dNbmMe3oszyC-oAWMZGpZmfMp5w3tsDqtK7hu4zSWYAy3PxVfAbA
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 08 Sep 2022 18:46:21 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AcWrGDEoCdd5bvxFZ3TeUMRIXS4sfzZxAM5OZN4MI_dNbmMe3oszyC-oAWMZGpZmfMp5w3tsDqtK7hu4zSWYAy3PxVfAbA
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 08 Sep 2022 18:46:20 GMT
i.match
s.tribalfusion.com/z/ Frame FF57
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBr9veA56jwcwGJNoJvUM04&google_cver=1&google_push=AehlK4DNfcR43CdDOwY-Z9NrKwvrRMcq78h_Mr0v6pa6czGb9lRKHnasEOVcK2pGs5ExYV07AvtLewWEykzpP4gAMSZx9-PEnus&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBr9veA56jwcwGJNoJvUM04&google_cver=1&google_push=AehlK4DNfcR43CdDOwY-Z9NrKwvrRMcq78h_Mr0v6pa6czGb9lRKHnasEOVcK2pGs5ExYV07AvtLewWEykzpP4gAMSZx9-PEnus...
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBr9veA56jwcwGJNoJvUM04&google_cver=1&google_push=AehlK4DNfcR43CdDOwY-Z9NrKwvrRMcq78h_Mr0v6pa6czGb9lRKHnasEOVcK2pGs5ExYV07AvtLewWEykzpP4gAMSZx9-PEnus&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4DNfcR43CdDOwY-Z9NrKwvrRMcq78h_Mr0v6pa6czGb9lRKHnasEOVcK2pGs5ExYV07AvtLewWEykzpP4gAMSZx9-PEnus%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
7479d8ab3ac55b8c-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
10925
cf-ray
7479d8a9e9145b8c-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBr9veA56jwcwGJNoJvUM04&google_cver=1&google_push=AehlK4DNfcR43CdDOwY-Z9NrKwvrRMcq78h_Mr0v6pa6czGb9lRKHnasEOVcK2pGs5ExYV07AvtLewWEykzpP4gAMSZx9-PEnus&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4DNfcR43CdDOwY-Z9NrKwvrRMcq78h_Mr0v6pa6czGb9lRKHnasEOVcK2pGs5ExYV07AvtLewWEykzpP4gAMSZx9-PEnus%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame FF57 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBDLqqYiqSBUwDRWnNnJ_7M&google_cver=1&google_push=AehlK4BZ3C3g3duSb5As-qe28JUY7Aneb210s3-x3HNOVR_RxsotWgobiO1nGCsFc_M7Xovh79tQM8-JXW4Mv2yT4PbhLD3i7T58
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
adxcookie
match.adsby.bidtheatre.com/ Frame FF57 		0
0
pixel
cm.g.doubleclick.net/ Frame FF57
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEDBPGC3HVma2UXTFmwRtOnw&google_cver=1&google_push=AehlK4ArkxrzjSGIgq0-NVMnA_7QCfBbYgg52khowMveGahRCw4p1hjY2NwxHNHriRYltjo75tswhS1WLSbt_D_JKM_JhHZ...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDBPGC3HVma2UXTFmwRtOnw&google_cver=1&google_push=AehlK4ArkxrzjSGIgq0-NVMnA_7QCfBbYgg52khowMveGahRCw4p1hjY2NwxHNHriRYltjo75tswhS1WLSbt_D_JKM_Jh...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4ArkxrzjSGIgq0-NVMnA_7QCfBbYgg52khowMveGahRCw4p1hjY2NwxHNHriRYltjo75tswhS1WLSbt_D_JKM_JhHZuD0qr
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4ArkxrzjSGIgq0-NVMnA_7QCfBbYgg52khowMveGahRCw4p1hjY2NwxHNHriRYltjo75tswhS1WLSbt_D_JKM_JhHZuD0qr
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4ArkxrzjSGIgq0-NVMnA_7QCfBbYgg52khowMveGahRCw4p1hjY2NwxHNHriRYltjo75tswhS1WLSbt_D_JKM_JhHZuD0qr
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame FF57
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOVqnXLFeJpizebe-JcpoTU&google_cver=1&google_push=AehlK4CDwrYSh1RrZyqFPc8It9naEz7PT555uOth2Er405RizlH-d-beHgPpFRv2nM4xgoOGS1Dfvcm-...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOVqnXLFeJpizebe-JcpoTU&google_cver=1&google_push=AehlK4CDwrYSh1RrZyqFPc8It9naEz7PT555uOth2Er405RizlH-d-beHgPpFRv2nM4xgoOGS1D...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI5MjYxNjMxMDgzNzQyNjIyMw&google_push=AehlK4CDwrYSh1RrZyqFPc8It9naEz7PT555uOth2Er405RizlH-d-beHgPpFRv2nM4xgoOGS1Dfvc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI5MjYxNjMxMDgzNzQyNjIyMw&google_push=AehlK4CDwrYSh1RrZyqFPc8It9naEz7PT555uOth2Er405RizlH-d-beHgPpFRv2nM4xgoOGS1Dfvcm-_W5Qv0RQSUSkbQcMmRvu
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI5MjYxNjMxMDgzNzQyNjIyMw&google_push=AehlK4CDwrYSh1RrZyqFPc8It9naEz7PT555uOth2Er405RizlH-d-beHgPpFRv2nM4xgoOGS1Dfvcm-_W5Qv0RQSUSkbQcMmRvu
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame FF57
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEBMdpUCMIBITV-JyqmWdKc&google_cver=1&google_push=AehlK4AwLPWTLMPj520POt7RiUT7CzwO2fXmIw3gCDXajFMEKOE-Bro_SBDSrUewt1hA-k4p1ZFUb5Cjm0SxUfPDk...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEBMdpUCMIBITV-JyqmWdKc&google_cver=1&google_push=AehlK4AwLPWTLMPj520POt7RiUT7CzwO2fXmIw3gCDXajFMEKOE-Bro_SBDSrUewt1hA-k4p1ZFUb5Cjm0SxUfPDk...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4AwLPWTLMPj520POt7RiUT7CzwO2fXmIw3gCDXajFMEKOE-Bro_SBDSrUewt1hA-k4p1ZFUb5Cjm0SxUfPDks-Xbn4BxWae&google_hm=FSIGpGZHFKyRvvwLTQusRZKb
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4AwLPWTLMPj520POt7RiUT7CzwO2fXmIw3gCDXajFMEKOE-Bro_SBDSrUewt1hA-k4p1ZFUb5Cjm0SxUfPDks-Xbn4BxWae&google_hm=FSIGpGZHFKyRvvwLTQusRZKb
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 08 Sep 2022 18:46:20 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4AwLPWTLMPj520POt7RiUT7CzwO2fXmIw3gCDXajFMEKOE-Bro_SBDSrUewt1hA-k4p1ZFUb5Cjm0SxUfPDks-Xbn4BxWae&google_hm=FSIGpGZHFKyRvvwLTQusRZKb
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame FF57 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L2BmzMLn8xWZFODCYJf5RCOG0dcxOaXKQJXO-A5q2UFYK_d-_nT6vJ-V-KGbtjYqLb_5jN
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 0FC6 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEObUKUIgMNZOKgjexYcHEU&google_cver=1&google_push=AehlK4A9-UXSBjpf8E8kHLc4vV253jWmW9Pyhocrxp1MNODxp1KBWaZ5_pSid0tB0ONqA9sQU7ZFWidTQlMmdNWl6UwU2LqDbw
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 0FC6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBDLqqYiqSBUwDRWnNnJ_7M&google_cver=1&google_push=AehlK4B4q30UQYLVHUMkWCpwHjxngXzCi1FcQqQLF5tLKyv7ibFfaV31m0MHsFzzVrUeFshQI6Y30OmLxbTjbPvuH55ADLDP6Q
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0FC6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF11jKXJYDeSDlaoWN2mK7A&google_cver=1&google_push=AehlK4ATMPu-nWSeggNvfyAWLgUMHAXN-vBUMtjYpxaPD-1e_Pw6-0iuh1f6RMZRA-46-IYzlUK...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdURUhPNEUtUi1NNjFS&google_push=AehlK4ATMPu-nWSeggNvfyAWLgUMHAXN-vBUMtjYpxaPD-1e_Pw6-0iuh1f6RMZRA-46-IYzlUK2RFrACwEW11NYTZoFADI3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdURUhPNEUtUi1NNjFS&google_push=AehlK4ATMPu-nWSeggNvfyAWLgUMHAXN-vBUMtjYpxaPD-1e_Pw6-0iuh1f6RMZRA-46-IYzlUK2RFrACwEW11NYTZoFADI3
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdURUhPNEUtUi1NNjFS&google_push=AehlK4ATMPu-nWSeggNvfyAWLgUMHAXN-vBUMtjYpxaPD-1e_Pw6-0iuh1f6RMZRA-46-IYzlUK2RFrACwEW11NYTZoFADI3
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pub
cs.chocolateplatform.com/ Frame 0FC6 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEOHJNcl_XMaadyy3c2CQnfY&google_cver=1&google_push=AehlK4Aq0M1lqAZiJUPcBzYiuHZymkQFxEay3hHPn7Vh-miBni4-MXj9p6Mr1YmtqagPaf3BrLTDvgtL_jYXRjWzCjdwAstw
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Chocolate Cookie Sync Powered by Vdopia /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:19 GMT
server
Chocolate Cookie Sync Powered by Vdopia
/
cc.adingo.jp/adx/push/ Frame 0FC6 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEHE4kAwA-Mo9LVF1pWeYgY4&google_cver=1&google_push=AehlK4BspPv_7Jn7lWz__I-piDiGuNnggttLKFVfNmF4TS-LAQLU0hjNY3E3T98e9VKIenPxD0sNsoqDu4adXqsdArs9Xt18
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.22.125 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-22-125.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:21 GMT
server
awselb/2.0
sync
rtb2-useast.e-volution.ai/ Frame 0FC6 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEC1d65p5qiXAbYYrQ6oFw_k&google_cver=1&google_push=AehlK4A5GXesatxEZPuN9ZWIPTFK0yG9k2NnRVHYMR0nsGPcTE6RdiLGuSEkJeEJGcb-JVoW6HflfRwunuya5Zc5JAhfh8O-p2A
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 18:46:20 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 0FC6
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESENWCp-ufZch4UgMYxVuRVxo&google_cver=1&google_push=AehlK4DrwpAnDL9-LB5LNOey4N9hGOEiHwztO_Ss0tszrhYs1Ry5nQ5yc68AU24R8rT-Mjk5OeYPNblVYSdtefyHz9084Gdd9Zc
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=N2U1NDkyYmYtYTAwZi00ODcwLThhZDItNThhMWIyMzk4NDRk&google_push=AehlK4DrwpAnDL9-LB5LNOey4N9hGOEiHwztO_Ss0tszrhYs1Ry5nQ5yc68AU24R8rT-Mjk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=N2U1NDkyYmYtYTAwZi00ODcwLThhZDItNThhMWIyMzk4NDRk&google_push=AehlK4DrwpAnDL9-LB5LNOey4N9hGOEiHwztO_Ss0tszrhYs1Ry5nQ5yc68AU24R8rT-Mjk5OeYPNblVYSdtefyHz9084Gdd9Zc
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=N2U1NDkyYmYtYTAwZi00ODcwLThhZDItNThhMWIyMzk4NDRk&google_push=AehlK4DrwpAnDL9-LB5LNOey4N9hGOEiHwztO_Ss0tszrhYs1Ry5nQ5yc68AU24R8rT-Mjk5OeYPNblVYSdtefyHz9084Gdd9Zc
date
Thu, 08 Sep 2022 18:46:19 GMT
x-envoy-upstream-service-time
3
server
istio-envoy
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 0FC6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JaGX8H5cE51zY9agiFmzza2AmApwboy-4s8aI9Kf4pnbgq_nFPF5T1r2tLb9SpZN9M8NBB3EE
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
pagead2.googlesyndication.com/bg/ Frame CAC8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15893
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 06:39:41 GMT
logo.svg
s0.2mdn.net/sadbundle/12276200816478547214/ Frame 927F 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12276200816478547214/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 12:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1365
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 07:09:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Sep 2023 12:23:06 GMT
JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
pagead2.googlesyndication.com/bg/ Frame DA94 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15893
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 06:39:41 GMT
logo.svg
s0.2mdn.net/sadbundle/6862455919453743395/ Frame 2AB4 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6862455919453743395/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6862455919453743395/1657637830060.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6862455919453743395/1657637830060.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 07:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41828
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1365
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 07:08:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 07:09:12 GMT
JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
pagead2.googlesyndication.com/bg/ Frame 98F4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15893
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 06:39:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9315 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKkvvgn7-ELzajQBpavxrpcaoczJsbdPQojPn2TSnmwXVXeEpAd19mji4VEsSPU1Q46xMMIk99i2OWjM3WHFm2SFFvFau4Hm4SLjwiDbUvnu6cQhRryPPy20I53TYxn19yYRSUH8QJDPe6q_wR5WZQzaZbJGFUXFg-Tc56Abn3iMnsesVXP0K2CH7l5p_7RLHvxzXbqocxDhZraR2RI6Sz8CZSOP3UXalLvE4XW9ugE_S3KzE5Edn-tEmqGiA-xu1TUbnA3oejSe4jCXaovGL1Y35cQNxJ4UHSzOpnzau0D_W9w9dmZO7JM0BLm5xzbT57BJ1qa0HrU6JzggvkQ7pL1uyjCh7boHshakc0gb8TYlCUgKuPzWck_Z4U1grFEpG5ye6rvFm-fEQE6gHmagfsMYPAomdL6744B-Zj_Yh9Gr_wT4yP0WMdK151bz6ubS30sbwvGTx0aXerhjo4-Y2AnNJJUrbq3oMoWhpFE-f-FE-MPU546XcokF6h60fuvmMYeqX8zDT5yX_03D-Var1Z5Fv9KXinMj7yFhLCynQn9HiuE_ZuCND6S4KyGLXgtmLtZE-HB1new5wlHZLQsQKJ2ITUygmDcJe_zkkiPCx3vc_p_e-FyHwkDW5IxnxBPqGu2aFenk8vqA56xWMft41UT5ZiC8--1ORMNUJkBwPAOUxHOh7jCCuJiRnq1_M4Vbhkd5gj0uo3Y7rGPFo4JT3NY0hsRPswuA3zKy-3nF6zA3r5k0fqjmth22u1E82I9qhobKqkBvBuWhE7mUyXd0OFFOBi2eepSIENoJPzgbOnvr-QtIkFyIKTmCHPaZ_8QPr1RGlbIBW_GDyJISHom18PPHvX2GuuptJGtsw06agM56FFkoulKY4oV6rp0ah0K4cpeUSzN8nhxzyyz763_ARS2fbmdrni-CaK43v_8vZJ4hpX5eloIRmeqQSGX9lshYRpG8dwokDFwIRLRb43fhf8SP_b9DQj3gTFu1I4pQbUydjD21b0h71zL9XszXJulqS976-WET28RT0_y0mC_3pCi3Azy556wZ1oF8L2lN6mjX_nVP6Al5d0P8OTJO7jQdC-XCzV1eAM6sdhYVx4J8PrdiabDmxs_9cm79gVxThbUXlMIZHJlpVDxvca6UoRWUtLLjKiWjXaJYE22ZPQ9X9y2_WtqP8t-sLzJsWdCnE11swUTlrXPhdLaa7Rdax3ba03jidp5nc3eglMCyY-mO1Vb-8gx08zcTslrKVG5UDtlAInaJyGSaA-IsIbiHs3-fL45UWCPd8XAUfDJqZT&sai=AMfl-YQOcGY36pQBbNlagAvbJMqmsWCOOlQoCRC4KLAnkwRLZxt3YCm98K0EJL1eZFn5qOKm0hsdoUxECJTtjw8y1UMsdK1bcVp7jn9_FRM0BBnZTsKGb2QEj6wb5yGEIqfwnyJMNuNq6miYF61s5igCLpV--xS4WtBgMzDpj5l2S1S62aXdVMFT-ktAKg4INYZCUcDHf8XvTsaYtojoWRQe8Kt9_Ij8&sig=Cg0ArKJSzI8a7a5KxpqCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=345&vt=11&dtpt=190&dett=3&cstd=150&cisv=r20220907.02581&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: popcorntime-upd.xyz
URL: http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 45BB 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuCyTafB-a3-SDE7e6rVNjr3b3Jnqgici0X3t6Lo9iS1XAvQ0TY3vHhhWruc9mK3zAHrPkcfXFI-qGhiwxFPkCDecoqBEyOnqpNLz5qfJ4kMC14TbSnfhASDimZTIhUsPiLbJR6inZCoCufcUe9N6ddVuP_4hidAD7iSty_c-a8bCC5uM67zYHBUF2skoizdid8lqz_S7Izgwek94fryVnWdwCELCMiTTplSkGRTnFN_W8MLTbG6qV1qYuknqnQzam72XKPYE25sG2I8pA_6Nv0imc4nLFnt3i8GaXl9nGIBhSHac22-jDS-GxV3enDCPCORW3BVUJcf2iWObggVsHfaHzi0hGYJVGlcFHpADvMze74F2iORXquug41PuLb56APfMqkm9vw4lH4f7L5de0Au0DZG-A0bp1eY9I8l8BcMlOMQd9K9Bangwloi1bWIlbBlyN2_6slTikagrG1M5Hls7b8HRJauXD2vW96241Lff5eryNqGjrHOVpXpeM2rEPN5P-1fMZLpc0TGb_IM9MlOHhKyLZ_3zfgHKZhevTIicKoQtnabWshKpnhZAPJsO6b3hKS_Z1G44gY9r6isY32XELwf_1OFkFk6Ju5wiyld-aY2ew3Mx2vYUAdv4wl04OtvgHP3QUCC-XhdacrkVitPeJh8BEHUx4Br9a2nY7sNvdXbpAFswjb_vlB4UDN57t1Y6a-noEPAgoLdoHG-zXyH95kJiWRoxSeClWeFWTMsSg22EC0LU4ha2-f9YqgG7wxUL_tk8VVwvNz_PR_2In4MgYI_tmzHA82yaLAIV7Gob_U1ZjZI_ba5HHf1bxSG6lJHI6oPFi9bB73NhbTy0QD-Sy6RkrDYp2Qr59o1aUxLzschS5wQsdxz-P85GC6NMo-K7IqTMnH2r0CHhct8BEDixGma0Qgo-3DukK3b3dIuAzPExCM7dS-2FrLSfi9cD2ZvtbB2wPsnH5fXMezA1IIzrxfuqW0NhnlxMWqdUORE9GFq6aXTymyp-2gkeJuKHRVxBqV2_mM6LXHylOI7Gfg1Z7-iVx0YvaYoywiVMweGOeGCqWfksAm5kM4wtC3EQadeNGJvw6XsqyePbHvFfWY1rAb_vjJCO1owSJfrEiexfjbe4Ggypx_ZpThOOlO9hsL1r8cIq-nnQdLUj-Rf6HnmD7tMrH9t0cExRkn-HL4KfYO_fLgantCJLPAgt_Z2rgIDHKRMB01mu-R_KUD-S-9jtlugIYFV5CiV_VgjtVozNNZnZUJBzm86HBxhtjBSXTNRmiQ6zgm1T5k&sai=AMfl-YSAjvhDnT3dDB_dVWyPWopL11AG4Efqpv6vSr8jvEBx29TNHBvBxmlNyVm9CaqTHMjezoWXMs8Rg58eBsb5AtIeXw5s16IhfAJ5-h6TgM2ncjb2bjfhdwdU5_RlXpRDLVConwFjyyvbnJngWBzzCdaLyuNpBGCaeB0tiaxN2GV2fWIFJ9p9po25E1Zalufoln8HxFmy1OQIsjl8V3kZQYiPK_DE&sig=Cg0ArKJSzCd7O-7Et4QUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=368&vt=11&dtpt=192&dett=3&cstd=172&cisv=r20220907.49438&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: popcorntime-upd.xyz
URL: http://popcorntime-upd.xyz/?app_id=T4PSEC&hid=ab78e39a2151a94af32d9defb1896c37&ver=UNKNOWN&os=WIN060101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
p
sb.scorecardresearch.com/ Frame 64E0 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1662662779158&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=374340&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2225938&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1662662780527&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1369&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Cheddar%20News&c3=sendtonews&c4=Business&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0&c8=&c9=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dpopcorntime-upd.xyz%26pcid%3D802%26rid%3D152%26a%3D0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
43
x-amz-cf-id
Wy2Na9iri-WEtiHEvR2xMqaWaJPUPq5stkFak4Sq719JL5znquzPhQ==
x-cache
Miss from cloudfront
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=iMlaogD9khBamdnV&instance=214109862&version=7.8.0&age=220908&cmd=PLAY&key=eKVKXbhX&c_id=12018&seq=1&order=7&absoluteTime=4362.7&relativeTime=1662&alt=0&sC_ID=8783&sm_id=2225938&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=PLAY&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=vxBrONd046&USR_ID=214109862&ST_usrKey=iMlaogD9khBamdnV&SM_ID=2225938&C_ID=12018&C_companyName=Adapex&version=70080000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=popcorntime-upd.xyz%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761.125&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&pposition=home
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Sep 2022 18:46:20 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 08 Sep 2022 18:46:21 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 927F 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 12:11:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 927F 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdd857db08b4ac79061596b71dd624da5a61f3e2b08b5fc8c5db0deb7bc92a7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5726
x-xss-protection
0
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 2AB4 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6862455919453743395/1657637830060.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 12:11:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2AB4 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7550901292fd39dc5ce40a2868ec505fcb4e58b2f520dc13b08604d6c05cd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 18:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 927F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 18:46:20 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2AB4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 18:46:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CAC8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bmgd7ezgaY6bnO5CV7_UP8pOi0A0AAAAAOAHgBAI&bg=!UFOlUxfNAAZTikH4c4o7ACkAdvg8Wr5olG0N8adjZSVd2FryAsE0Rg5L5HP5O939V8qABBVZHnDeUgIAAADVUgAAAAJoAQcKAAOM5A2ZAydxmJeMaY_1j5SdmdMce5Q_wGYHAxcZXV7-kG5368yQdh07GuRDIutTV1HFhAZ9dxaOdb4ndVV5YRoU8SHSJYpG_4EJkdWggpqL8cSICWJGVoNzY1M_8dvis6IEGB9vqKtBsW5JTABJpapT4gOuG3FWQx5YUp0T61otml3txs9cXnAI7FRHT_fAbU11PTE4HZaFUT7g9YuIzJDTTpIXT5mKSZwr7hIdmaj_xGklcKHBHBYXT2N0_Vg_eMcAuLdS-AWv1IX_AY_UnVQOnHT0sXYJ47yK74gWW52Hsoa5xq2npohynbhbDP6ogOVbPL5dl7CEtMQqVtLbkfJLaqn8b605h5PNJW-JcZxE48GMp-bsDBLrmOwK5kEgzh2NfjCnPQwVV5CzNNKAXrA7QoZ5i5-ro_cmxDrlLuE1wHZ7jR-bCXeDfVRpwxeRJV0p3zWntC8IyA2vwZXO_yAXdQPbsUrj3FtgAhm0-ZCIjWCGEgKQpnMh4X5jcvx5njbR1MWeQZQtlVLFAdA27UG1u_I_-6XNIn4CjkSbjrM-hocijgknVWR09s7ohIMocfnrM-gQmJzNY5IhXTtTrdx7pZMrLNaojDw_9THG-nBkDNz40AqYxrEXj0tXIwAW0-Xau4-IUHGaMdSSNKaANCGRq4iI5mf476O5CmyijnUG4nQF28ku64wgWK8XJAS_zWTKNYzvaw9L7rxOdYT5o8gX2JCtaEFk7t9oz7bp1ELZk8mO4gv6Y68q3uI-tZd_yAPHk7O6zrORk6kmhavUSd2IYE3BFwRUA4ueudC6SPJVW7A6Lq_fookg7ZvJsO8Fsdd94s5azn95xY1wkq5P9zKbpPHOFbkx7LZ8uiyJIvkUkM0Ma5fnw2HYixREwtDMoLpesq6NWvOMwC9EY9GhFp1Srxmygg8cRWXeHZ-H96ZQwobtQSLjgZ1cA4qHbs1B9GhyC-ybiSOvmWrqp9C0EDLd6Ik2e8K__NMDd_NRmrXBf5HY2Rvr14MF9Bvf56opQBxDfuZrqAT8IMGqfn34gqWH9chLsKvQ6Ae7_sFxv2HhVYNMEQ7gv00_kgE_g9o
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 927F 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:37:51 GMT
x-content-type-options
nosniff
age
509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 18:52:51 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 927F 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12276200816478547214/1657637830060.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:42:36 GMT
x-content-type-options
nosniff
age
224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 18:57:36 GMT
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 2AB4 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6862455919453743395/1657637830060.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6862455919453743395/1657637830060.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:37:51 GMT
x-content-type-options
nosniff
age
509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 18:52:51 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 2AB4 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6862455919453743395/1657637830060.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6862455919453743395/1657637830060.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 18:42:36 GMT
x-content-type-options
nosniff
age
224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 18:57:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA94 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnjeHezgaY8bDOsaA9u8P0O2k6AsAAAAAOAHgBAI&bg=!GBulG1_NAAZTikH4c4o7ACkAdvg8Woiz2DsKkOsHYRC5l96yhgAG65RO3uRKmEHYpO0pldxcL5aRDgIAAADBUgAAAAJoAQcKABs0vrV9dHMiSDswxVSVacc-VztjKp7uhO9jwTeZAx-t8Go31ziTmAU0DBJ64Cdu9DS8b68yAmOMdzD-uBHML7kIC2-yeZ1Mfh3me72TXNAEVdo6s_4AnxPknKqru595ZPPrLdjtg0W54OTLE95DMtrM_8r3gXY-m2-ygfXdCfyo5lM0-UEhjrs0g_fuuFcc_sfFSpyZsgqdNT28JrrgrWTOaHJA1SuQyEqk424t37CrsmG24dp9Sp7pLxeb1jGF9aAqjiFNbVEAa8jjWIJz_-AbdK0Lec5U_s9YqAFJvJxFhDGKpVSbvmmGDHx1vWHsDgpEYhcuOws5Poa2Ndv1C0tDI9n8Zh9TUQATy3RpG6uj1Hbp5NcrZSiTgTyluNYRBtk_hzhPh1t34CGGVMZpavRBAu22ZzQdrP0sjOYDAOk9KsC67JQtnIcEDrHLS83vR0e5zPdOBOU6eKeFm3u-_XQRtNZJtmqKfPka1BOxRWey0BDLSQyz1We8PyZ0WvURvQfXh-8vsXFBEKTsRsb3NwrUWGMRmXp95xDaIbSb5qfGpypvSHV_3NselQ7USB3b-QsJ5kCJ7pzdNfFqtpaDqBQzT8BdXVAKdx8dWxr3EYI1i_I2O2asbOHgEabPEfKzxecV9kG2yT4wl_t9a_zL6dLSw9HBTEhSUwaPF8hIUaPjp5p7mDJbD94z3G3dEa_Xi14ijOqBThEDqWj31VuQlbczNCReRYuhAOylG8A_WLy65BSz1tTOXPivMOtkBYLW4hzkuFyh0NU0pLO4JUg6YL71VPv-kEPNqKpRllXwxE-BNsUZuX3Bj5eGi8zMr2682_6ftdNcEIvLGEgLLwzl8nIZiIfZh6tIr3gbFBXY7QvjvfTHsZ4ffhQiedtqCUEB3sWRS0liQmQlyQV2aStYdT3CEjplmPxtIMAO2Wuk7vcpMn9Pe0D6eHCUJLmUeC9UYUVTe5MM2Ibn3f7RQjpwDubbjhlGzuzyq5fNMOGJpb_CjnUfsdGfxGL7GFqeajpTqPLr6gpf3-bJtVFWLAA8FGN0ABXviedC4f4TF0vlr7DbJtYmQz5Q8_a4GilFZUj2Qpg0RAy6xtOMaJgU6Zlx
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
pagead2.googlesyndication.com/bg/ Frame 9EF4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15893
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 06:39:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98F4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bv1pNezgaY6H8O_WO9u8P65GLwAQAAAAAOAHgBAI&bg=!qaqlqu7NAAZTikH4c4o7ACkAdvg8WseiVh1b4YVph_rmAhFse3WywwG6qVq_-juDwl8Hbw1P7XmYRwIAAACjUgAAAAFoAQeZAwzjT-xC-EF9OO0t3xHGhZMxxAnvPpWQ8XiArq0ElcUzqsUsFR8CpvI3kKkvC9XA8pT0AanH9fImMSdeScCx97i3V2c5A3__B9pce9-OMqNMzvNDquTcew1XLQ3J-2V7FAY8rZsKZ4YpZqDa7-ciAU7tNUgoo9BVyj0DuQ0L8hQa3cEpqqrGjvWhrtlKVerW_MXT9y9pSCqqXxu_HnNUFd4UqCH73LjefP5bL-FxWlWNIGAIEVfTIDKtB_mimdpuKq0ZHyZcotQc4YE-5G97MYQBUOYF7-cajk2Qcb5suQc8O8BSVjc5WtoWncKk7LgKzB-OefDgWG0nmCBqwdDySLL1YnLaKidzYF7-h3ZgpNRdqfogPvMW8NOrd_dhjHRhK4X3efxqqikAAPhBb_9TGQ_Qv3__3cN_SK7ySMRhERgk5jG3XE3-DaQSQPVCCB6oAIa93GgHk3b_-L0fauqJiuugYCcESgUCi98Z78wByo6nejIZQJIXjz-42qWUM_9Xx_Y6yQ73flMK6Vips_XnYSrHlLhlbv_HHIflkvOcgQZ0gNaq04dnGVJcG5OGEzriypnZS2XxwhJ0jKb-1gdX1C5IRM1ZkC0buQy8tvlK9MTDJ4Rct8jJQxmlEL1Gzb7PZMbdDPzL55TD9-QYFD86bL3d8WW51JEDHigaMelHO_u9vQRsXPHCNHbWJrKAnMypsBqBh_0ohXvJ-v7aaY0agzOM2EcGjchdlNsmP14_uR3KOhVoM5NbvTlKikYVilu582Cge9qbJxvjMJhW49RvHDkUgcOHjoTwL7RFocNa0TOZyXwt1Gty-ZiIrdbU3amUn07UmDBmcglWXJ5CPyyEfOS_RouwU_TgXZuxX_v88ZUS-giJvh_uEzH0kGzCmBuKR5yHoP-429ZwAo-sGx2nBkFqoiVGCi2Dd0d_1kBNWhv6G7Ys73qSuVZ2Za5PUOkvKUTNnUrc_bt1xkBfoohMhUOV-2a1xCTNiqNMIoHscAlR_0lVtJnQj0WPDvIEHXVAt4y1_HGBYyywPNVyWrU
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
pagead2.googlesyndication.com/bg/ Frame 1C93 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15893
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 06:39:41 GMT
mq_700x1165_2207-anf-s-liebe89307263-81c2-4617-9f9d-480e3b55f960.png
s0.2mdn.net/4528404/ Frame 927F 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/mq_700x1165_2207-anf-s-liebe89307263-81c2-4617-9f9d-480e3b55f960.png
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae9be6b0b849d323028c50f0c58f4e4c9e6466757fc03fc23b5242c2ad97f743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=e5t3EuHsVU&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 03:49:12 GMT
x-content-type-options
nosniff
age
53828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43958
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 09:10:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 09 Sep 2022 03:49:12 GMT
mstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png
s0.2mdn.net/4528404/ Frame 927F 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/mstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64ab586b4859310b0f3581292733d7f7cbe3b0940ad0162114b24894b100c8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=e5t3EuHsVU&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:47:06 GMT
x-content-type-options
nosniff
age
3554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11055
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:03:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 09 Sep 2022 17:47:06 GMT
lq_865x600_2209-anf-m-iconsf3276ffd-3e2f-4c72-bfa0-4e4b107f791c.png
s0.2mdn.net/4528404/ Frame 2AB4 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/lq_865x600_2209-anf-m-iconsf3276ffd-3e2f-4c72-bfa0-4e4b107f791c.png
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f4aa8283563d5c30561f90acaad01482e0c92107ea7971363598481b05d895c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6862455919453743395/index.html?e=69&leftOffset=0&topOffset=0&c=lqaQoV89H2&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 07:00:57 GMT
x-content-type-options
nosniff
age
42323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56930
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 07:43:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 09 Sep 2022 07:00:57 GMT
lstoerer-gbplusfe3b0b02-46f5-4629-aed6-df612d41c893.png
s0.2mdn.net/4528404/ Frame 2AB4 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/lstoerer-gbplusfe3b0b02-46f5-4629-aed6-df612d41c893.png
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33e46afc161ff298f9ec7c1182161305b13c052d19669f80cc22b9cc8eb1f6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6862455919453743395/index.html?e=69&leftOffset=0&topOffset=0&c=lqaQoV89H2&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:48:36 GMT
x-content-type-options
nosniff
age
17864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34102
x-xss-protection
0
last-modified
Wed, 22 Jun 2022 15:46:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 09 Sep 2022 13:48:36 GMT
mq_700x1165_2207-anf-s-liebe89307263-81c2-4617-9f9d-480e3b55f960.png
s0.2mdn.net/4528404/ Frame 927F 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/mq_700x1165_2207-anf-s-liebe89307263-81c2-4617-9f9d-480e3b55f960.png
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae9be6b0b849d323028c50f0c58f4e4c9e6466757fc03fc23b5242c2ad97f743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=e5t3EuHsVU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 03:49:12 GMT
x-content-type-options
nosniff
age
53828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43958
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 09:10:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 09 Sep 2022 03:49:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=2324073275517934&bg=!JySlJGDNAAZTikH4c4o7ACkAdvg8WuXdmKvIeX0bNS-xAd0t-gpbiGSY0AgQ8BXsW-gOpqzJ7AHXFwIAAAEuUgAAAAJoAQeZAvhtamogo5TRoYU0d0jHkNXeNMrwm1bwoVB9aE-LpxXuF9u0x4dP7NuYCqQViTNO6b2ZYyHCeNSZepqOK1POOOBzUxzMuxZDvwwQP_T7aM4Rhq8vyjFlirRNBBsPCIALnpVaFnRx8pYZTEIqhe_EKXLy4_xj6jTzmpzCO2DwWhpYa8xNXqhvKulQf_v1JtB-m9J4bP2jt4tRYU1QKc1VfH_cuA59wTCIOCKOkP9n8il_6BQ0PbqVfEPjwtzyWzno7wNqQrYFNxnjR-ow7g_S4pp1kLsaaINP_ZNM7HTYV27X-jh_lrADrCCcbXwwF3Wrb0LUVWQEeOPJzhRjfDGfw-y4uYL5EmJA5lEa1XuiNmrrf3IS6W1f_O8y73y_aDDElEZ8D9cBa2kqwR0vb52yPy18RH8rGyEdbsYERrYTxiV-IS7aAsBbTq89MeHTx6QeWypZ42ltTHDM9Km9QaNrPjJn_pPKfbvV7wgDb-bMjshFS_dPKSPXSIqjaD1LpqG_HiN5VbwjzYetmJo1zvdqLQXrp04aJYuSbyzb8YwsAlyScrzDdgv92XysUHXvTdemyKD8eNuRKNfRLcsuAAUqrw57oPiyLCBVTMJ3m3cgj3gpVSqqV-K36wPJ92ct-FnzwGfcYuR9NGNVqteAc7ve8ThMDxsSBvN6BMDORgvL7QvkvLDwE96OUen1nRW0GYwZrKOAMZvtBGUqmY6WBPkKMn6iSl_LvV9SMx1hhhXrTLcBu5d1aAdLe_Nbc0okkVliXgtqCtcCcNuDPO2dhrtpktrNH7pschoGJVn81dfNOdsiPnqKzPFBoSDGbS1EEohXPdhjo3N4UcaT3NKZDteIcxypDR6FDpjHH9O8D9RhlcOG7tSNe-VYdv8JHMhaXpc3EV6N7jQbc47sWv5krwPETbZyfOGBxuf8tqfeu9-yXguMVeyeoS6sGGB9SzAGQGleik6vm7o43UQdgLpuvab0A4fE7mMzXrszXqqN1XTbAqOcpfE7VQaBLIs1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
lq_865x600_2209-anf-m-iconsf3276ffd-3e2f-4c72-bfa0-4e4b107f791c.png
s0.2mdn.net/4528404/ Frame 2AB4 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/lq_865x600_2209-anf-m-iconsf3276ffd-3e2f-4c72-bfa0-4e4b107f791c.png
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f4aa8283563d5c30561f90acaad01482e0c92107ea7971363598481b05d895c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6862455919453743395/index.html?e=69&leftOffset=0&topOffset=0&c=lqaQoV89H2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 07:00:57 GMT
x-content-type-options
nosniff
age
42323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56930
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 07:43:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 09 Sep 2022 07:00:57 GMT
truncated
/ Frame 04C9 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26301d8cd2cf0c481e905fc6aeb925576b46c3149f7986e5a35c7c1c265a5bb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 760D 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bca3aa740394c5e9e7cec91f1b2a6eea8abe0259e87334fe4042709adc6d0638

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9315 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9eeab86bec0ffed75e18f0cc9187ce1b5af1ee64f4cb871ee32216442430133

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 45BB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
887793e2e16cab37521366882e1bba0af8e21c72fb026702af76c46756677c0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 760D 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 20:36:54 GMT
x-content-type-options
nosniff
age
79767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 20:36:54 GMT
JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
pagead2.googlesyndication.com/bg/ Frame 6E8C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Requested by
Host: a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
URL: https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15957
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 15:19:15 GMT
usync.html
eus.rubiconproject.com/ Frame FF8F 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Sep 2022 18:46:22 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame FF8F 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bbe8560826479959291cf70d3080f513bd35cc48126cf13dd43f6ffcec28907d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 18:46:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34644
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Fri, 09 Sep 2022 04:23:46 GMT
khaos.jpg
token.rubiconproject.com/ Frame FF8F 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
activeview
pagead2.googlesyndication.com/pcs/ Frame 04C9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVTfpwQhYBEwU6Z9sDopgeFXJQWkYQi4JPwdKUJ9Mq7lrSFnnzm5MNbvRrOQWFwHIdIsSINBwz2HSXZ3fJ6EmX0GsjwPYKxLUKHE_y_xaDxep5ijk9oKGy2MB8BvDcRT9IZw7MeA&sai=AMfl-YTnXkkEF6G4SaYONR--uxTJ1izGanrcFFgbHjpHJg7ElAo1bbcaRtYBxxnCaCQL2DOYaWaNeH7tCM7-i6HnBHdnrimkmHIfdp0LzA8yZc4ok86NV5bD-DChEMPN&sig=Cg0ArKJSzB9KT5y9tgc7EAE&cid=CAASJeRofFolFU3AR72IxVRL2uD8-hdtgwrPqoBpJi3ejroJxH0woxQgDQ&id=lidar2&mcvt=1000&p=538,1250,788,1550&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3084627070&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662662779829&rpt=1931&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9315 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv35IRLpdx_5fSjREkpHJ6ATwy6dw6_a_2UdmZC41Zc_TQWDv1ozkxMOluB3dYdkqv3Tm1O1zcJmoclYt9w9VNGCgDQsaI_8w75Vw5Y0ghQzkDsfxLO0maJbcqWI2kAsvwl1d6AAQ&sai=AMfl-YQ3BR9aERE0D6sK-O-fZro-C-0rgnjAO6vUWlCRm7q_Q0TQaPttOlqp9qYhaDfhL_HVdNwSeEdRqGaBKuAa9UZGzrkPhjjM_1aelio3pdZGlE0terjBgFSMnY3L&sig=Cg0ArKJSzJRLYORWIg2HEAE&cid=CAASJeRo2Ee9Q84dJGjGrIGxqHARUQFzBLYC6zdlW_yFWK4u30Bxde0gDQ&id=lidar2&mcvt=1002&p=1110,436,1200,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=585593&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662662779836&rpt=1948&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 45BB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKwIVJqMhj7XbYmQUHcSA7UlHgltf869ki4dNSjP6Gip9m4-2QWsBGvvWhw4nSCoZHCU6vqFA-6zvp-iuCZlneBnyW23HCuICBIn9_6A3F_3prnyzpYRKtkDyYLXdpQ3xjE9DUvw&sai=AMfl-YSDuvB-lJpZg9cMrIsvdcSunsyQttlOzDKG2o_ITHG1mcfmCvtIqEd0QSZIEZBVYqhBifvOIO3_aTX6vJYtkpefpU8e16RCRSlhclcszTz4nZKQlLSIB-bklV3P&sig=Cg0ArKJSzFN46nuXN42vEAE&cid=CAASJeRoLGu1FN4yWQNt1AIeLw6o3r3FvUax54tEf7LTf8_w0tEzUGAgDQ&id=lidar2&mcvt=1000&p=193,315,443,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1454962489&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662662779820&rpt=1979&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 760D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l7tehnv5&c=7141863004245&slotId=3570931502122.5&qqid=CKfB3MLthfoCFRfqGwodZiYMyA&umsem=0&ape=1&ple=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d7828440eca131f8024d59f2851a803e.js?tag=video_location/web_och
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400f:803::2003 Highland Park, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png
s0.2mdn.net/4528404/ Frame 927F 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/mstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64ab586b4859310b0f3581292733d7f7cbe3b0940ad0162114b24894b100c8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12276200816478547214/index.html?e=69&leftOffset=0&topOffset=0&c=e5t3EuHsVU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:47:06 GMT
x-content-type-options
nosniff
age
3557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11055
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:03:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 09 Sep 2022 17:47:06 GMT
dc_oe=ChMI4aWHw-2F-gIVdYf9Bx3ryAJIEAAYACC03uxKQhMIqcHcwu2F-gIVF-obCh1mJgzI;stragg=1;&timestamp=1662662783856;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 9315 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4aWHw-2F-gIVdYf9Bx3ryAJIEAAYACC03uxKQhMIqcHcwu2F-gIVF-obCh1mJgzI;stragg=1;&timestamp=1662662783856;str=Show%20Slide%200;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lstoerer-gbplusfe3b0b02-46f5-4629-aed6-df612d41c893.png
s0.2mdn.net/4528404/ Frame 2AB4 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/lstoerer-gbplusfe3b0b02-46f5-4629-aed6-df612d41c893.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33e46afc161ff298f9ec7c1182161305b13c052d19669f80cc22b9cc8eb1f6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6862455919453743395/index.html?e=69&leftOffset=0&topOffset=0&c=lqaQoV89H2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:48:36 GMT
x-content-type-options
nosniff
age
17867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34102
x-xss-protection
0
last-modified
Wed, 22 Jun 2022 15:46:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 09 Sep 2022 13:48:36 GMT
dc_oe=ChMIhu2Fw-2F-gIVRoD9Bx3QNgm9EAAYACCrvfdKQhMIpsHcwu2F-gIVF-obCh1mJgzI;stragg=1;&timestamp=1662662783862;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 45BB 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhu2Fw-2F-gIVRoD9Bx3QNgm9EAAYACCrvfdKQhMIpsHcwu2F-gIVF-obCh1mJgzI;stragg=1;&timestamp=1662662783862;str=Show%20Slide%200;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 18:46:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8r8486r51587s62023rs6o41nrrqr72q-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		499 KB
500 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/8r8486r51587s62023rs6o41nrrqr72q-00002.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2890c577b4d663c694b1786cf0716f694ba9cd6942764d5217527b65d42175ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:52:49 GMT
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
age
3217
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
510984
last-modified
Thu, 08 Sep 2022 17:44:49 GMT
server
AmazonS3
etag
"6898d79f17e0f6e7821efdef4a83a28c"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
TEPzkjPWamA4HrIYdD_Xu7kcSaNlVwRyP9Jmq5zFQZFx5i5N-iNHBQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
sync.adaptv.advertising.com
URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEDshe4LhxNlRGQFu0z4Whd4&google_cver=1&google_push=AehlK4AICl4wyqxBJGhvyHd-eiraFJNnDR89v4QGzKpZ2B-mle9VTfCJxIbHkPXG0T7u_CpkU9OREhSoMuuLMIiyMh7PF8DtxZ4
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEOa4wKj2vgTp8rfY5g3l1tE&google_cver=1&google_push=AehlK4De7lJbRy4JNdNTRPhtgQnToGKeLRYYse-yfeuHH46ggQK_c8xVH9uB7wqdpTczAkuk21NbzaxgDpYPeFYyeMc7ml8POSSp

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| LoadExt function| getCookie object| aawChunk object| aaw object| _pbjsGlobals object| pbjs object| googletag object| teads_analytics function| docReady object| mnet function| myConfirm function| myFunction object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| google_measure_js_timing number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| plBanner function| displayModal function| displayComment function| displayModalURL function| displayBroadCastModal function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData number| __mobxInstanceCount undefined| __mobxGlobals object| headertag object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_71902 object| closure_lm_253500 object| GoogleGcLKhOms

45 Cookies

Domain/Path Name / Value
simcast.com/ Name: PHPSESSID
Value: 6i6p1bqgrrd049rve1d2u48bqb
simcast.com/ Name: uidinfer
Value: 24343017
simcast.com/ Name: _uc_referrer
Value: http://popcorntime-upd.xyz/
simcast.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
embed.sendtonews.com/ Name: AWSALBCORS
Value: pfLWecHNdMQVOxZ3mK43JQlSR3YwT3U/1xnJIuwIgqUoud0TyKD0CVGThe1Z20zo9L1tyuD3WZ4MUue58A4r6igXiTC8J0ZhMuR185KOPRcNVwYXeeI/BflGSw7D
simcast.com/ Name: mess
Value: 1
.simcast.com/ Name: _ga
Value: GA1.2.935957642.1662662778
.simcast.com/ Name: _gid
Value: GA1.2.42972524.1662662778
.simcast.com/ Name: _gat_gtag_UA_205158314_1
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1662662778_1662662778
.doubleclick.net/ Name: IDE
Value: AHWqTUm9uAXlnegq4Yse8Y8adIJuBE6_yiQPJGr9Iq2aMEtQAwvh6a0h4Vg5fLJVr_E
.simcast.com/ Name: cto_bundle
Value: 8pa-q195Z0UzcGV3Mmg0SzJCSFBRSllCVGM0TlVnUnVKVDBEbmpPJTJCRDZlOHUlMkZ4YTlTSkdwbThHVFNFaEVOTXBIcThsSVVpYnAwYlRlYjUyalk4R25HTWJDTzU1ZW8lMkJGb1diQ2JzV3NleiUyQjZKSERaZzNobUNzS1A4NFRrdEVDSGNodFN0
.simcast.com/ Name: cto_bidid
Value: 4gDzFl9WRm13SUlOS3hOZ3Y4Q3BPejdVMkVtVTB5anglMkJnMWljQU90M1NvNSUyRjAyMHFEUXZDQzBDYkczSDhxM21xck1kNUI2OGthSExVZlk0cFZQemxISGdHREElM0QlM0Q
.simcast.com/ Name: __gads
Value: ID=fbb543c96267455a:T=1662662778:S=ALNI_Mak7dRvC391gbDEC4zRg1v6oM-ZFA
.casalemedia.com/ Name: CMID
Value: Yxo4fCTK-e6HNj1hXnf8QQAA
.casalemedia.com/ Name: CMPS
Value: 1177
.casalemedia.com/ Name: CMPRO
Value: 1177
.casalemedia.com/ Name: CMTS
Value: 1105
.360yield.com/ Name: tuuid
Value: 5c3c8e92-a8cd-42a7-8e82-bfdedd364edd
.360yield.com/ Name: tuuid_lu
Value: 1662662780
.adnxs.com/ Name: uuid2
Value: 210977635994946401
.adfarm1.adition.com/ Name: UserID1
Value: 7141082264394070159
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In4nTliA!]tbPl1M>e)ZlrFUfJ+tGXxo@B-^Vn>7Y+kC><lGM'#mf@GRi)_.zyF37vJ`3If)y3KL9D3I?-0%U*Wz
.blismedia.com/ Name: b
Value: 631A387CF00B167FDA10EBBFBLIS
.quantserve.com/ Name: d
Value: EDkBCQGGJ4EA
.quantserve.com/ Name: mc
Value: 631a387c-74053-726f8-69929
.ctnsnet.com/ Name: cid_14526c40df6a4e1fabb2550d7982a4ef
Value: 1
.ctnsnet.com/ Name: gid_CAESEPhDiWcv07thYyELqOhMeSE
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBHw4GmMCENdFbS1FXogp9GeQQgG1bjsFEgEBAQGJG2MkYwAAAAAA_eMAAA&S=AQAAAhXyGRfNy9g8cjwLlJqH5lo
.ads.avads.net/ Name: av-mid
Value: 7e5492bf-a00f-4870-8ad2-58a1b239844d
.ads.avads.net/ Name: av-tp-gadx
Value: 1
.de17a.com/ Name: guid
Value: 1.8888601145356344413
.adform.net/ Name: C
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~271u
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-74a466dd-2ee9-4fa2-9267-6b12275dbba7-003%22%7D
.tidaltv.com/ Name: tidal_ttid
Value: a7d76914-82ad-4fb5-98bd-02a812573900
.lijit.com/ Name: ljt_reader
Value: FSIGpGZHFKyRvvwLTQusRZKb
.adform.net/ Name: uid
Value: 6292616310837426223
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjI2sTI0sgAAEjD/QgkAAAA="
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-74a466dd-2ee9-4fa2-9267-6b12275dbba7-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: aPns6EwZcF1eoXarpfrgRZbtaoaBQ7ZcZdZdjZdIFsBx0W9tY77mXHZbDxZa4rLHfg9hbMHiVdcdF5NHBkRt7p0qjHFI
.c.appier.net/ Name: _auid
Value: KqXfSA_cCr2kXflofTgaYw
.c.appier.net/ Name: _gu
Value: CAESEJ8FipsnzVnpUWWYs4gu7bU
.mathtag.com/ Name: uuid
Value: 481f631a-387d-4600-bc46-3eb00a0be8d4
.mathtag.com/ Name: mt_mop
Value: 4:1662662781

10 Console Messages

Source Level URL
Text
javascript error URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=popcorntime-upd.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEDshe4LhxNlRGQFu0z4Whd4&google_cver=1&google_push=AehlK4AICl4wyqxBJGhvyHd-eiraFJNnDR89v4QGzKpZ2B-mle9VTfCJxIbHkPXG0T7u_CpkU9OREhSoMuuLMIiyMh7PF8DtxZ4
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.teads.tv
a.tribalfusion.com
a21a76fd2203a57285090547163a0d21.safeframe.googlesyndication.com
ad.360yield.com
ade.googlesyndication.com
ads.avads.net
adservice.google.com
adservice.google.de
adservice.google.se
ajax.googleapis.com
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
at.teads.tv
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
cat.hbwrapper.com
cc.adingo.jp
cdn.adapex.io
cdn.resonate.com
cdnjs.cloudflare.com
cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
cs.chocolateplatform.com
csi.gstatic.com
d29xw9s9x32j3w.cloudfront.net
d5p.de17a.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
embed.sendtonews.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.sv.rkdms.com
imasdk.googleapis.com
img-s-msn-com.akamaized.net
in-appadvertising.com
js-sec.indexww.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
mts0.google.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
parking2.parklogic.com
partner.googleadservices.com
pixel.rubiconproject.com
player.sendtonews.com
popcorntime-upd.xyz
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
rr3---sn-4g5lzney.googlevideo.com
rtb2-useast.e-volution.ai
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
search.spotxchange.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simcast.com
ssbsync.smartadserver.com
sync.1rx.io
sync.adaptv.advertising.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
ups.analytics.yahoo.com
us-u.openx.net
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
match.adsby.bidtheatre.com
prebid.smilewanted.com
sync.adaptv.advertising.com
103.229.206.241
104.18.12.242
104.18.18.126
104.18.19.126
104.96.145.246
13.32.99.105
142.250.181.226
142.250.184.226
142.250.185.162
142.250.185.66
142.250.186.162
147.75.85.234
15.197.193.217
159.203.145.121
169.63.109.126
172.104.121.22
174.137.133.49
178.250.2.146
18.198.174.222
18.208.240.0
18.66.108.49
18.66.147.73
18.66.97.68
185.64.189.112
185.86.137.122
185.89.208.11
185.89.210.101
185.94.180.123
192.241.157.60
2001:4de0:ac18::1:a:2a
213.155.156.180
213.19.147.45
23.206.210.112
23.35.229.56
23.35.236.247
23.35.237.56
2600:3c02::f03c:91ff:fee2:5b0f
2606:4700:4400::6812:230b
2606:4700::6810:84e5
2606:4700::6811:190e
2607:f8b0:400f:803::2003
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:1b::8
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a02:2638::1c
2a02:26f0:3500:16::215:14a0
2a02:fa8:8806:16::1460
2a05:d018:24:b002:d320:1e1a:8a69:d2b0
2a06:98c1:3120::3
2a0c:5c81:5142::2
3.126.56.137
3.127.126.125
3.64.74.79
34.107.148.139
34.120.133.55
34.199.89.150
34.234.134.156
34.96.105.8
35.157.246.167
35.159.6.67
35.170.30.54
35.186.193.173
35.205.207.25
35.244.159.8
35.244.182.124
37.157.3.29
45.79.244.12
51.89.9.254
52.28.42.131
52.29.135.93
54.65.22.125
69.173.144.138
69.173.144.165
72.251.249.14
72.52.178.23
85.114.159.118
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
041cb588d40b81d67a8d055f9b6dfedd08673a7ce038439aee905fcca693128a
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095f8d00444e0c75eb71d5f59e193dc124be1505b05510c6646ae17b9c77f9a6
09ea5afd9073e585a47914a836af6e9ec26f680f9df06e743b20ef638545436c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc2f49d879c7aea267c8a9bbd49de4ea0c820c96efb4189befd463cb98218f8
0c5170e612160c8237aa593d7e2b1befce05a970e69af0d521b3a06e065e53e0
0fe2b24cdadb395179c83e3b721beb65a92dffc5a892681ee4a4c3dcfcfff3bc
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737
11a4b7dd6aa3534c1dc9517e87d10874580c121a55b6534b2f2aa75892db69d4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13fe01313ff58229d647d5e1980db0f7b18110a31c366b442cc1655bc3e7319e
1529bb9a278511579364bd93d65cdf31f8c519c6b0a7e45f465ebdbb1d57af53
165f087de62cfacab30a284c76e754b183b95106a54be71a7863942dfc371ae0
1a784f670d62ceafd816794ca11d7d61829c4d7f9ed4ba18c18d07eefb985b8e
1ba05643bef58bc2d401ea9c54097cf90d0c3d49e0b329dd6fb33f7ec1ec4ff3
1c728c79088b6206fbc8ac7f24a7ae448dbb7ca86e900eaa6869ff6fa03d49a8
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
20a359bbb9bc18138a38455daad5cef1900ac43a5f256967f6767f0fb8d56331
2249afd53c3eb775f641018eb3bfcedc9dced08382941544ce8ef152e46b471a
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
26301d8cd2cf0c481e905fc6aeb925576b46c3149f7986e5a35c7c1c265a5bb1
2890c577b4d663c694b1786cf0716f694ba9cd6942764d5217527b65d42175ca
2b37cc1a2b4338afe6380d90ec92103560e7c18c813198f26cb62a5ef623193a
2c9964778814967e3c53ff188c7831ff74e6005f442d32c71dd2389dae296b74
2d07367f4c1f1236b61efb838de4e9507d1e3be5779476f4026c02054acde25a
321329d75990070b07e571362ac64da2fc58237054cdd1474dd39fd38ce52372
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32fbe07e2e94ddbcd04df7c37f1d86714657545c9e112519f21b003c8ce8955e
33e46afc161ff298f9ec7c1182161305b13c052d19669f80cc22b9cc8eb1f6de
3463c84bf9a9be40b5578009a961382a483b90a4c512ef659127b364e9a5e175
3781d92ee872bdb9d30b9d87717f190803a39c81294d123e1550fa363316a039
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
38c06be29860a33641f8ed6095e7e14427b01226d840da7ceaa95b289b868dd2
398f148d575b1f4c17dbec630dde9df00c95d21390e904a3acac81917d86fe7e
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3ca96313697c09cb430fa7124e2b4dae158d7d14fd4fe0d08e8118d899060b5a
3f8eeabbf710a5585af82b27dfad0ea23086cbbc58d79e5796a966a13ebf83e4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400ce77a1c5f0a25d7ef71d592489f68c8765b4f7ff9e5128806eab5aff72759
41c08e4fb63aa032e7fd321127d3c60c6eaf64a2333c0f1f37992c741023b0fa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4cfe888d4b2130e501d6905a564d82ed77984f95ad7c59e7475aea3cf6bf4869
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4feeb165b9a1c775f338d9f9cd8933f5acac65cb44b4ebf73f4bcd9cc07ff9
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
52e5fda08011891373cd4171e993eeb4f99da0f66e1d8d8fa36b8b43c4c69a29
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b52127e93c4ab38834ee254c6a791108c9cfe3bb0712c74b41e46eabe93fe6
57a2a8583ada42c588d082274a1f713a328c856d8042b850406eabee4afb1bd5
57fd56f25b8e03ed38c2a6cf8f3140ea81646f1b19b5265365ff1fb831b65d60
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5a012d5f025df66067989a1de06f3ad5c15349cc0a336c62284e0640b3ff1933
5bd4f3b36591ab11bd8814497aa6a57db6bb932037cab23f67984e24424a8c13
5be70d5a1c0d7389edf9c44dfb579edec6593116194924abb6ecaa9ff75ea4f4
5f031108de94f7749fa61229f92dafea0721fc99f4402697368ec95a5a597148
601355040d9e7825c1c8318a75936be30c28a284e4052d4130009a30c470b41e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624f662b66ee5b5bfe926a8756ee30a98518795bb388bd31229a76d7c31598ed
625e16893b9fa85b2cb666eb1ec4d07d22a5d1fdffcbcddbcde69b5e65013f65
635e7583674a6470a20717f5a17fe49ae17cefa8abaf069e2ee7f7387e3655eb
63fbc51ad346aea2bb3fe417aa36161dec6f9e40c0cfa69ed6af0ea93e68c215
64ab586b4859310b0f3581292733d7f7cbe3b0940ad0162114b24894b100c8b4
651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668c3eff99125194c29c16633392ad81c3426f22adbba6dcc36bf0fd1226880d
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d656f49ac878039d3910fd7c6e03b2c56998038a48acc6a57fb83b2eaceef50
6d7e84dbe1a19aa1ebadd92d04ec0dec54cdd2345811f21aaf064150fba02068
6f55d7a93bfdd4fafecbdbc2c8f4fa6d5735461d7c56ad361f1ba9534816aa39
71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018
73b4a3b953450b9a6ac82b792e8a5467f9b03520bf820b7e872658b807cc683e
73e92096e61cc5ea7df6db98368b62ff1f624918e8cdea8ec8c51022426dbe8c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7567e8dd26aec7dbde26c18139c7c8eebd1b6eaeebfb2b76701fc17ba8b182a3
7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff
7b8fc1a08423ff5aeebc5ad8ed1aa601e5a0abdf4c0bc82795132164351f3444
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7f1d279703b902aee3682bf47afc04d7d9a4417e08a137638cd8dcce1141c450
7f5ffc8f9204c97fc6a9f68825e1f8843bb2363c961051500b9de93c616f9bb5
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
80253728f112b7d2d3994f0e9444be0bf002da602645861bd1e2bf70a35aecbc
80cedb5e5fa85548eaf3a95451e57186182aa440e5e8aa2f38c204d8b38f663c
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84266de6b8dd93ab86d3bef67497ccd85e0dc7baf37d4c55d380d929bf200f14
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
887793e2e16cab37521366882e1bba0af8e21c72fb026702af76c46756677c0c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8459d976f072a5ad5ab85d290c393fee1c6a44d74a3b6f47da0c3869f75aba
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
904fe01a700eec47c299549c53ed1623e5f5c43d8848cf309265ff6955616cd9
90cf78244930dd0c205f02a8b4dc68157681a71f61303c7e18e38530c4232a5e
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94ae96a533fa880623827ca98a2fb20714f235d48b39f2900697b85d490b139f
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b125abc56ee0fa6b2759ef8d939801d12fd5dd52c80b06e43a4c4c61fa61e42
9c5cd3351a343011cbc0046d12c2b8bc8d7a968a09009ddb117fb1dc49fd1333
9f4aa8283563d5c30561f90acaad01482e0c92107ea7971363598481b05d895c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5bd22b5ae3e973f3e0662f38ec9ec880ce462ba7d86b31bbab6f19237adb10f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
ae9be6b0b849d323028c50f0c58f4e4c9e6466757fc03fc23b5242c2ad97f743
af0fa7856e7aab81291119c48ab2bef8fecbd98360c0270a866657f761a51da0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b61a680f80431628981895dd25cc3fbac3cfbc93cca9a664c1bba558c0607e
b86992b23fc76ed69ddcedd18ec2b36d3ad8c48b360ae5f16292946f8f7ad72a
bba7e7d138f06d546cbc9963c14120c8889f07a4dc8dc97acdb0135f41f8ce9f
bbe8560826479959291cf70d3080f513bd35cc48126cf13dd43f6ffcec28907d
bca3aa740394c5e9e7cec91f1b2a6eea8abe0259e87334fe4042709adc6d0638
bdd857db08b4ac79061596b71dd624da5a61f3e2b08b5fc8c5db0deb7bc92a7a
be4721a7d3bcd9c1f567f000cf1534ac50ea18ece184d7ecbb33dfca5f298009
c0e28194bded91406c41e6a1e5e229dfae282025243f1e8b4a514c5bfb92e2fa
c45d970e38f19eedeffabcd8cb67672ccea6989a7f410bdce5d703850f354126
c78a75a80b0af00889366e2aa77fb18cd28eba4d14d52ba825dc556c88a7a6d8
c84c1026e0a4c60ec0ee85c8b41c1904144aa63184260c95840924b42bd32d33
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2ea2a4c07537450ba91fdbce09767dbe4c93277e9b6cd2b9a810d80b4979718
d2fefdc114a1176e1b918f1f80304627314467a250007340a40dc77808002127
d33a8782a0ffd197f8fe1c40875463abb90c32c1332ee2a5e212f8d3964c6ad7
d3b6f8dcf913c675c2e9fbde3d82acc3720a5a3c4ee2d817ee167a38f7cb4393
d5ba6a3ee03ec631ae7bfc8469a774f26fb273f3ebd6197bcf8cd2bd93b85933
d90022c1f38cca768a5a659e6727c5f0d36094e5ad4ea743734fe55f27d5a8f1
d9eeab86bec0ffed75e18f0cc9187ce1b5af1ee64f4cb871ee32216442430133
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9
ddf4e9eecc1bdcd9f99b474a569b338adf82b1cb0d97a9746c29b73d78df802a
de10060c023ca2e815886d86d646e53023e381bb465d7120868a4134f26ef5f1
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7550901292fd39dc5ce40a2868ec505fcb4e58b2f520dc13b08604d6c05cd15
e9f1074b8ce045435a41cace78ba36a854241981933df2b7e603cdc4bf304050
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f
ed8bcca4ab98afc83d531af5f9bf395478682cc23b7ef1969a312cf7b772e143
edaa561bfea7aa59c2bc4fbf0f3d9bb70d7e9134a72c49b3009e1ecdfd807b24
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
eebee9534e4d1e3fff2333feab1820c6ec32ad7f7e459d616e3eea600bb63f9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
f1f897f2781f811049e1cfabebe95ef14c8aa364cc79fc38bc74bcbe6c8afb09
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f9f8871cc88919f02668a927e35127ca884c42fb768ec9a2835f318d679a5d44
fa99f405ae6df840dd578e54de4363bc946fb9f351a406980e0405fec5039512
ffd7bb8bb7551671d905ff4a01f6d45595b734c36c3217ae06b2cbd7e43d1632