auth-client.q.sling.com Open in urlscan Pro
2600:9000:2156:3200:0:544f:e040:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth-client.q.sling.com/
Submission: On April 11 via automatic, source certstream-suspicious (April 11th 2022, 4:50:05 am UTC) — Scanned from DE

Summary HTTP 108 Redirects Links 63 Behaviour Indicators

Summary

This website contacted 58 IPs in 7 countries across 51 domains to perform 108 HTTP transactions. The main IP is 2600:9000:2156:3200:0:544f:e040:93a1, located in United States and belongs to AMAZON-02, US. The main domain is auth-client.q.sling.com.
TLS certificate: Issued by Amazon on May 11th 2021. Valid for: a year.

This is the only time auth-client.q.sling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2600:9000:215... 2600:9000:2156:3200:0:544f:e040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
20	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2 4	34.242.106.163 34.242.106.163	16509 (AMAZON-02) (AMAZON-02)
2	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1	52.211.96.107 52.211.96.107	16509 (AMAZON-02) (AMAZON-02)
6	104.16.169.131 104.16.169.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:ec00:16:cfb1:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.94.161 143.204.94.161	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	209.197.3.19 209.197.3.19	20446 (STACKPATH...) (STACKPATH-CDN)
1 2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	143.204.93.244 143.204.93.244	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:893::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2606:4700::68... 2606:4700::6812:a4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	143.204.98.33 143.204.98.33	16509 (AMAZON-02) (AMAZON-02)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1 2	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1	52.204.238.247 52.204.238.247	14618 (AMAZON-AES) (AMAZON-AES)
2 4	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1 2	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:215... 2600:9000:2156:c200:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2 6	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.28.129.116 52.28.129.116	16509 (AMAZON-02) (AMAZON-02)
1 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	23.21.225.74 23.21.225.74	14618 (AMAZON-AES) (AMAZON-AES)
1 2	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4264:5fd:edb0:5599:8b67	14618 (AMAZON-AES) (AMAZON-AES)
1	35.178.150.13 35.178.150.13	16509 (AMAZON-02) (AMAZON-02)
1	52.208.185.108 52.208.185.108	16509 (AMAZON-02) (AMAZON-02)
1 2	3.122.174.248 3.122.174.248	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
108	58

8 2600:9000:2156:3200:0:544f:e040:93a1 (United States)

ASN16509 (AMAZON-02, US)

auth-client.q.sling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.242.106.163 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-106-163.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

smetrics.sling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.96.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-96-107.eu-west-1.compute.amazonaws.com

dishanalyticsandtest.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.169.131 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.168.131 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ec00:16:cfb1:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.c212.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.161 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-161.fra50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.19 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

10507390.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

utt.impactcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.244 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-244.fra50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:893::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:a4f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.33 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

staging-pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.238.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-238-247.compute-1.amazonaws.com

data.adxcel-ec2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.216 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:c200:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20831699p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.129.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-129-116.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.225.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-225-74.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:5fd:edb0:5599:8b67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.178.150.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-150-13.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.185.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-185-108.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.174.248 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-174-248.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 980	129 KB
10	sling.com auth-client.q.sling.com smetrics.sling.com — Cisco Umbrella Rank: 203285	2 MB
8	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 8165 newassets.hcaptcha.com — Cisco Umbrella Rank: 11218	479 KB
6	rfihub.com 2 redirects 20831699p.rfihub.com — Cisco Umbrella Rank: 225144 a.rfihub.com — Cisco Umbrella Rank: 3110 p.rfihub.com — Cisco Umbrella Rank: 718	9 KB
5	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 302 s.amazon-adsystem.com — Cisco Umbrella Rank: 281	11 KB
5	doubleclick.net 3 redirects 10507390.fls.doubleclick.net — Cisco Umbrella Rank: 263831 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	3 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 378	12 KB
4	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 216	4 KB
3	rlcdn.com 1 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 327	1010 B
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 837	1 KB
3	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 438 ib.adnxs.com — Cisco Umbrella Rank: 248	3 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 983	780 B
3	google.com apis.google.com — Cisco Umbrella Rank: 102 adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	8 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 576	606 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 289	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 531	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5383 adservice.google.de — Cisco Umbrella Rank: 7579	1 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2994
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	398 B
2	ispot.tv 1 redirects staging-pt.ispot.tv — Cisco Umbrella Rank: 21665 pt.ispot.tv — Cisco Umbrella Rank: 2108	487 B
2	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 1730	3 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 749	19 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 420	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	37 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1607 insight.adsrvr.org — Cisco Umbrella Rank: 642	3 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 823	715 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 440	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 431	238 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1001	183 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1140	191 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1972	109 B
1	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1259	105 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 527	614 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 960	344 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 350	239 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 481	659 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5429	6 KB
1	adxcel-ec2.com data.adxcel-ec2.com — Cisco Umbrella Rank: 3499	131 B
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2973	6 KB
1	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 6007	232 B
1	dstillery.com 1 redirects action.dstillery.com — Cisco Umbrella Rank: 6382	275 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1166	7 KB
1	impactcdn.com utt.impactcdn.com — Cisco Umbrella Rank: 7964	13 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 104	15 KB
1	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 727	3 KB
1	c212.net cdn.c212.net — Cisco Umbrella Rank: 13185	1 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	omtrdc.net dishanalyticsandtest.tt.omtrdc.net — Cisco Umbrella Rank: 138404	604 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2388	25 KB
108	51

	Domain	Requested by
20	tags.tiqcdn.com	auth-client.q.sling.com tags.tiqcdn.com
8	auth-client.q.sling.com	auth-client.q.sling.com
5	newassets.hcaptcha.com	hcaptcha.com newassets.hcaptcha.com
4	p.rfihub.com	2 redirects
4	s.amazon-adsystem.com	2 redirects c.amazon-adsystem.com
4	bat.bing.com	tags.tiqcdn.com bat.bing.com
4	dpm.demdex.net	2 redirects auth-client.q.sling.com
3	idsync.rlcdn.com	1 redirects
3	ct.pinterest.com	s.pinimg.com
3	tr.snapchat.com	sc-static.net
3	hcaptcha.com	auth-client.q.sling.com newassets.hcaptcha.com
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	secure.adnxs.com	1 redirects
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	www.facebook.com
2	live.rezync.com	1 redirects tags.tiqcdn.com
2	s.pinimg.com	tags.tiqcdn.com s.pinimg.com
2	s.yimg.com	tags.tiqcdn.com s.yimg.com
2	10507390.fls.doubleclick.net	1 redirects tags.tiqcdn.com
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
2	smetrics.sling.com	tags.tiqcdn.com
1	sp.analytics.yahoo.com
1	beacon.krxd.net
1	aa.agkn.com
1	partners.tremorhub.com
1	x.dlx.addthis.com
1	bpi.rtactivate.com
1	bs.serving-sys.com
1	contextual.media.net
1	ps.eyeota.net
1	pixel.rubiconproject.com
1	stags.bluekai.com	1 redirects
1	ib.adnxs.com
1	a.rfihub.com
1	adservice.google.de	adservice.google.com
1	www.google.de
1	www.google.com
1	20831699p.rfihub.com	c1.rfihub.net
1	adservice.google.com	10507390.fls.doubleclick.net
1	c1.rfihub.net	auth-client.q.sling.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	insight.adsrvr.org	js.adsrvr.org
1	data.adxcel-ec2.com
1	pt.ispot.tv
1	staging-pt.ispot.tv	1 redirects
1	cdn.pdst.fm	tags.tiqcdn.com
1	action.media6degrees.com	tags.tiqcdn.com
1	action.dstillery.com	1 redirects
1	sc-static.net	tags.tiqcdn.com
1	utt.impactcdn.com	tags.tiqcdn.com
1	c.amazon-adsystem.com	tags.tiqcdn.com
1	www.googleadservices.com	tags.tiqcdn.com
1	servedby.flashtalking.com	tags.tiqcdn.com
1	js.adsrvr.org	tags.tiqcdn.com
1	cdn.c212.net	tags.tiqcdn.com
1	fonts.gstatic.com	fonts.googleapis.com
1	dishanalyticsandtest.tt.omtrdc.net	tags.tiqcdn.com
1	apis.google.com	auth-client.q.sling.com
1	fonts.googleapis.com	auth-client.q.sling.com
1	stackpath.bootstrapcdn.com	auth-client.q.sling.com
108	64

This site contains links to these domains. Also see Links.

Domain
www.q.sling.com
help.sling.com
whatson.sling.com
news.sling.com
www.youtube.com
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
auth-client.q.sling.com Amazon	`2021-05-11` - `2022-06-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
smetrics.sling.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-12` - `2022-12-13`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.c212.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2023-01-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-04-18`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-02-24`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-14` - `2022-05-04`	2 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
utt.impactcdn.com GTS CA 1D4	`2022-02-13` - `2022-05-14`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
dstillery.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-09` - `2022-05-10`	a year	crt.sh
*.rezync.com Amazon	`2021-12-26` - `2023-01-23`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2022-02-16` - `2022-05-17`	3 months	crt.sh
adxcel-ec2.com Amazon	`2021-11-17` - `2022-12-16`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.rfihub.net Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh

This page contains 14 frames:

Primary Page: https://auth-client.q.sling.com/
Frame ID: 934EEA9EE8E5FA87850B7531568FB44D
Requests: 70 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/8709c87/static/hcaptcha-challenge.html
Frame ID: 903A22EE01164C5224FC5BF305264249
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/8709c87/static/hcaptcha-checkbox.html
Frame ID: 7E35CBA3F8B14678668E13C3F9957C88
Requests: 4 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/6147;42269;4828;iframe/?ftXCurrency=USD&U13=unknown&U14=unknown&U16=03082365851124528254264496049257114751&U17=screen_load&ft_referrer=https%3A%2F%2Fauth-client.q.sling.com%2F%3F~U13%3Dunknown%26U14%3Dunknown%26U16%3D03082365851124528254264496049257114751%26U17%3Dscreen_load&cb=44692
Frame ID: 9724A9FF3A62555E23FBD6DDA7518FDE
Requests: 1 HTTP requests in this frame

Frame: https://10507390.fls.doubleclick.net/activityi;dc_pre=CLfcs-qai_cCFW9BHQkduCYKQA;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152
Frame ID: A2AF6AB40377921BAF90E6AD529EC35F
Requests: 1 HTTP requests in this frame

Frame: https://action.media6degrees.com/orbserv/nsjs?adv=cl1023357&ns=3120&nc=unknown&ncv=19&dstOrderId=&dstOrderAmount=
Frame ID: 59980C3E0561074276D5F0E9CC3375CC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?pid=766d543b-327c-4d85-bc82-3f133f830556&event=PageView&pageLOB=unknown&pageClass=unknown&tEvent=screen_load&ts=1649652601136&dcc=t
Frame ID: B08E3664164297C8F0E847ABFFC5D8FC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?pid=3b1917a1-41fc-4952-af22-b958e7f897d3&event=PageView&pageLOB=unknown&pageClass=unknown&tEvent=screen_load&ts=1649652601136&dcc=t
Frame ID: 26EB37A58ED8362C525BA0D70849250B
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=dppw33q&ref=https%3A%2F%2Fauth-client.q.sling.com%2F&upid=5zum9vh&upv=1.1.0&orderid=&v=&vf=USD&td1=03082365851124528254264496049257114751&td2=&td3=unknown&td4=screen_load&td5=&td6=unknown&td7=&td8=screen_load|unknown&td9=&td10=
Frame ID: E24A313A18E510BF7278AA2F628E0FC3
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=3d2cc1a3-d378-46c1-8e3c-c0355fe1ab14
Frame ID: 00CF136287A76A43AC849DBC7743D076
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 54AD93F340F53205DFCA93E271B725DC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLfcs-qai_cCFW9BHQkduCYKQA;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152;~oref=https://auth-client.q.sling.com/
Frame ID: A914D8AED199E947FD5971DDBB0AA8F2
Requests: 1 HTTP requests in this frame

Frame: https://20831699p.rfihub.com/ca.html?ver=9&rb=43848&ca=20831699&_o=43848&_t=20831699&pe=https%3A%2F%2Fauth-client.q.sling.com%2F&pf=&ra=9867657435769066
Frame ID: 7F2E74AD1F1CA1A7E9EF7F1ED9674A48
Requests: 20 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLfcs-qai_cCFW9BHQkduCYKQA;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152;~oref=https://auth-client.q.sling.com/
Frame ID: EB58B8287AD8106BDC2709575ECEF9E8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in | Sling TVfacebooktwitterinstagramyoutube

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

108
Requests

90 %
HTTPS

34 %
IPv6

51
Domains

64
Subdomains

58
IPs

7
Countries

3062 kB
Transfer

4578 kB
Size

56
Cookies

63 Outgoing links

These are links going to different origins than the main page.

URL: https://www.q.sling.com/deals
Title: Device Offers

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/service
Title: Pricing

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/devices
Title: Supported Devices

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/programming
Title: What's On

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/why-we-are-better
Title: Why We're Better

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/account/forgot_password?locale=en
Title: password

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/account/forgot_username?locale=en
Title: username/email?

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/
Title: Check us out!

Search URL Search Domain Scan URL

URL: http://help.sling.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: http://help.sling.com/Sling_Contact_US
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/promo
Title: Redeem Promo Code

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/gift
Title: Redeem Gift Card

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/latino?locale=es
Title: Best of Spanish TV

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/latino/mexico?locale=es
Title: México

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/latino/caribe?locale=es
Title: Caribe

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/latino-es/service/sudamerica
Title: Sudamérica

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/latino/espana?locale=es
Title: España

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/pm/arabic
Title: Arabic

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/desi-tv/bangla
Title: Bangla

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/desi-tv/bengali
Title: Bengali

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/brazilian
Title: Brazilian

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/eastasian/cantonese
Title: Cantonese

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/french
Title: French

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/german
Title: German

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/greek
Title: Greek

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/desi-tv/hindi
Title: Hindi

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/italian
Title: Italian

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/desi-tv/kannada
Title: Kannada

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/desi-tv/malayalam
Title: Malayalam

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/eastasian/mandarin
Title: Mandarin

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/desi-tv/marathi
Title: Marathi

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/polish
Title: Polish

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/desi-tv/punjabi
Title: Punjabi

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/eastasian/taiwanese
Title: Taiwanese

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/desi-tv/tamil
Title: Tamil

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/desi-tv/telugu
Title: Telugu

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/desi-tv/urdu
Title: Urdu

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/eastasian/vietnamese
Title: Vietnamese

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/desi-tv/cricket
Title: Willow Cricket

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international/international-sports
Title: World Sports

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/international
Title: See All

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/channels?classification=us
Title: Channels

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/programming/sports
Title: Live Sports

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/programming/kids
Title: Kids Shows

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/programming/news
Title: News Channels

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/programming/movies
Title: Top Movies

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/supported-devices/airtv
Title: AirTV Player

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/supported-devices/amazon
Title: Amazon Fire TV

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/supported-devices/apple
Title: iOS

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/supported-devices/lg
Title: LG webOS

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/devices/roku
Title: Roku

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/supported-devices/xbox
Title: Xbox One

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/supported-devices
Title: Download Sling TV App

Search URL Search Domain Scan URL

URL: https://help.sling.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: http://whatson.sling.com/
Title: What's on Sling

Search URL Search Domain Scan URL

URL: http://news.sling.com/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/about
Title: Mission Statement

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/slingtelevision
Title: Watch Our Commercials

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/offer-details/disclaimers/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.q.sling.com/offer-details/disclaimers/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sling
Title: facebookCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://twitter.com/sling
Title: twitterCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sling
Title: instagramCreated with Sketch.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9425401053CD40810A490D4C%40AdobeOrg&d_nsid=0&ts=1649652599242 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9425401053CD40810A490D4C%40AdobeOrg&d_nsid=0&ts=1649652599242

Request Chain 47

https://10507390.fls.doubleclick.net/activityi;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152 HTTP 302
https://10507390.fls.doubleclick.net/activityi;dc_pre=CLfcs-qai_cCFW9BHQkduCYKQA;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152

Request Chain 55

https://action.dstillery.com/orbserv/nsjs?adv=cl1023357&ns=3120&nc=unknown&ncv=19&dstOrderId=&dstOrderAmount= HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1023357&ns=3120&nc=unknown&ncv=19&dstOrderId=&dstOrderAmount=

Request Chain 58

https://staging-pt.ispot.tv/v2/TC-1732-3.gif?uid=03082365851124528254264496049257114751&app=web&type=visit HTTP 302
https://dpm.demdex.net/ibs:dpid=408820&dpuuid=b1d4e65a4187db1792325f8db0b9a60f8c0af853b98b89d9fe185379b2e62fe7&redir=https%3A%2F%2Fpt.ispot.tv%2Fv2%2FTC-3350-1.gif%3Fcid%3D%24%7BDD_UUID%7D%26nr%3D1 HTTP 302
https://pt.ispot.tv/v2/TC-3350-1.gif?cid=03045343016805501984274047231754605456&nr=1

Request Chain 61

https://s.amazon-adsystem.com/iu3?pid=766d543b-327c-4d85-bc82-3f133f830556&event=PageView&pageLOB=unknown&pageClass=unknown&tEvent=screen_load&ts=1649652601136 HTTP 302
https://s.amazon-adsystem.com/iu3?pid=766d543b-327c-4d85-bc82-3f133f830556&event=PageView&pageLOB=unknown&pageClass=unknown&tEvent=screen_load&ts=1649652601136&dcc=t

Request Chain 62

https://s.amazon-adsystem.com/iu3?pid=3b1917a1-41fc-4952-af22-b958e7f897d3&event=PageView&pageLOB=unknown&pageClass=unknown&tEvent=screen_load&ts=1649652601136 HTTP 302
https://s.amazon-adsystem.com/iu3?pid=3b1917a1-41fc-4952-af22-b958e7f897d3&event=PageView&pageLOB=unknown&pageClass=unknown&tEvent=screen_load&ts=1649652601136&dcc=t

Request Chain 78

https://secure.adnxs.com/seg?add=25898131&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25898131%26t%3D1

Request Chain 88

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyMTY4MDk0NDg2Ng==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESENzthtzPje907jw4ahhLp0g&google_cver=1

Request Chain 90

https://stags.bluekai.com/site/4722?id=5124322321680944866&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID

Request Chain 93

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5124322321680944866&bid=omt9pi0

Request Chain 96

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322321680944866&referrer=https%3A%2F%2Fauth-client.q.sling.com%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=05eacba5-c953-4bb5-892b-4f15ae887f72%3A1649652601.26&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D05eacba5-c953-4bb5-892b-4f15ae887f72%253A1649652601.26 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=05eacba5-c953-4bb5-892b-4f15ae887f72%3A1649652601.26 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMN5yVpl8rlNx1K8B0r9HTc&google_cver=1

Request Chain 98

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321680944866&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321680944866&forward=&C=1

Request Chain 101

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321680944866&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321680944866&img=1&__user_check__=1&sync_id=d8c8472d-b952-11ec-b978-1644f9a80506

Request Chain 105

https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322321680944866&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322321680944866&expires=30

Request Chain 106

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YlOzeQATts6B3AAy HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YlOzeQATts6B3AAy&_test=YlOzeQATts6B3AAy

108 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
auth-client.q.sling.com/ 994 B
1 KB 470ms
423ms Document
text/html 2600:9000:2156:3200:0:544f:e040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-client.q.sling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:0:544f:e040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

25d130b5a2aa8ed5436aff38a076113b9a526934a90f55b29599aaca8a112067

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 994
content-security-policy: frame-ancestors 'none';
content-type: text/html
date: Mon, 11 Apr 2022 04:49:59 GMT
etag: "2e789a8df114461f8bcd146d64c5cda2"
last-modified: Fri, 16 Jul 2021 16:30:12 GMT
server: AmazonS3
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
x-amz-cf-id: mrQT5pjQ8UYjVa_n5sabmw6oeYGtXiIFgEzI5kDHmbSH28T15b6ThA==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-frame-options: deny

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 156 KB
25 KB 38ms
19ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-client.q.sling.com/
Origin: https://auth-client.q.sling.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:49:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 864
access-control-allow-origin: *
cdn-cachedat: 03/08/2022 20:52:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 05e5ed60f086d3312e9a913a749b11c6
cf-ray: 6fa119471c2b9b45-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 230ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 03:00:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 04:49:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Apr 2022 04:49:59 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 154 KB
50 KB 349ms
310ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.sync.js
Requested by: Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8f24385a088128258a0e04505b4351d31e4965c0f0007566c714b6ab368a9ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:49:59 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 16:00:19 GMT
server: AkamaiNetStorage
etag: "bd1b097a43d1d33bcaaceeb6dfb62c8d:1648137619.480889"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Mon, 11 Apr 2022 04:54:59 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ 14 KB
6 KB 131ms
47ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5357d0d2af9f9f229903150cd774fc34aa8edc291c6db28bae1beaf5117698c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5713
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Mon, 11 Apr 2022 04:49:59 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "2ebd47c3a8f01ce0"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Apr 2022 04:49:59 GMT

GET
H2 200 app.js Show response
auth-client.q.sling.com/ 2 MB
2 MB 476ms
476ms Script
application/javascript 2600:9000:2156:3200:0:544f:e040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-client.q.sling.com/app.js

Requested by

Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:0:544f:e040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e03a3a831a9dcd61d523464f17b82b086925497bd8251a5b522b4c0b4fed78b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:00 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jul 2021 16:30:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "b8ef90af9b8e4c39ec2397c2eceb372a"
x-frame-options: deny
x-cache: Miss from cloudfront
content-type: application/javascript
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 1659997
x-amz-cf-id: g_KMMcRZMyVUivf2RhK6j90m7-dyuSE23FvSv8lPk6BxoGksz-6FZA==

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9425401053CD40810A490D4C%40AdobeOrg&d_nsid=0&ts=1649652599242
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9425401053CD40810A490D4C%40AdobeOrg&d_nsid=0&ts=1649652599242

213 B
1 KB

30ms
30ms

XHR
application/json

34.242.106.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9425401053CD40810A490D4C%40AdobeOrg&d_nsid=0&ts=1649652599242

Requested by

Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/

Protocol

HTTP/1.1

Server

34.242.106.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-106-163.eu-west-1.compute.amazonaws.com

Software

Resource Hash

9332b538e34b03cb00006f221b0886ab0fb2c71ae02cf16e9f2acee9badbeb7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v030-0ddf0d821.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: oVoTz4RvS58=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://auth-client.q.sling.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 207
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v030-0d99b628d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://auth-client.q.sling.com
X-TID: 1uWeYTg2RGE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9425401053CD40810A490D4C%40AdobeOrg&d_nsid=0&ts=1649652599242
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 id Show response
smetrics.sling.com/ 48 B
512 B 67ms
17ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.sling.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=9425401053CD40810A490D4C%40AdobeOrg&mid=03082365851124528254264496049257114751&ts=1649652599388

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.sync.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

02254e1cc43d6c33d037b08436127edcd01315ca23c4882ff9cea506ec853fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth-client.q.sling.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Apr 2022 04:49:59 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7b6f4bb9f7-r9lkm
vary: Origin
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://auth-client.q.sling.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

POST
H2 200 delivery Show response
dishanalyticsandtest.tt.omtrdc.net/rest/v1/ 363 B
604 B 115ms
38ms XHR
application/json 52.211.96.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dishanalyticsandtest.tt.omtrdc.net/rest/v1/delivery?client=dishanalyticsandtest&sessionId=85936210e31a40f58fff5bf5721b8232&version=2.4.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.sync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-96-107.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a7d1a3b12b205859a4aba133554c1f54ca9e77f71549bfc3cf4f44268de09d8a

Request headers

Referer: https://auth-client.q.sling.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Apr 2022 04:49:59 GMT
content-encoding: gzip
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://auth-client.q.sling.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: fed228f114dab920288d9e0331605756

GET
H2 200 api.js Show response
hcaptcha.com/1/ 80 KB
26 KB 70ms
27ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?render=explicit&onload=hcaptchaOnLoad

Requested by

Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6de865423048644f5cf0367309cead85412354686968201c4a37818bbab03f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:00 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 18:45:44 GMT
server: cloudflare
etag: W/"669cf99e4776f46d5aa77b5569cec889"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
x-amz-cf-pop: FRA50-C1
cf-ray: 6fa1194e18fd5b7a-FRA
x-amz-cf-id: f6F-UQa-QJkPe7q0fSEZpKZu41sVb1fIECQX0NHkSTezsXxAac4rAA==

GET
H2 200 proximanova-light.otf
auth-client.q.sling.com/fonts/ 102 KB
102 KB 442ms
441ms Font
binary/octet-stream 2600:9000:2156:3200:0:544f:e040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-client.q.sling.com/fonts/proximanova-light.otf

Requested by

Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:0:544f:e040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6d4d381ca7503d9083558fb19db9b454a0cdb6d7c894b9ba9a4d977c50d713cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	deny

Request headers

Referer: https://auth-client.q.sling.com/
Origin: https://auth-client.q.sling.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jul 2021 16:30:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "fddba137c1dfaa56d36a94a81942da56"
x-frame-options: deny
x-cache: Miss from cloudfront
content-type: binary/octet-stream
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 104084
x-amz-cf-id: f-lu3rLy0pJ_cJvwGsh1r3FIiM6yDFaelUaWUoxW0EYTKL7EQoje8A==

GET
H2 200 proximanova-thin.otf
auth-client.q.sling.com/fonts/ 99 KB
100 KB 464ms
463ms Font
binary/octet-stream 2600:9000:2156:3200:0:544f:e040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-client.q.sling.com/fonts/proximanova-thin.otf

Requested by

Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:0:544f:e040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8ee749dcb70575eb45054fb709670de8127b5f6bc99f0579965f44166282401c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	deny

Request headers

Referer: https://auth-client.q.sling.com/
Origin: https://auth-client.q.sling.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jul 2021 16:30:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "81776dce7b2d98744cc23c24a38ff520"
x-frame-options: deny
x-cache: Miss from cloudfront
content-type: binary/octet-stream
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 101696
x-amz-cf-id: aw4ckQJUpJcSTNxM10TDkj-Atn7P4wToLzJgm7fq89P3aaKhOhcOAg==

GET
H2 200 proximanova-semibold.otf
auth-client.q.sling.com/fonts/ 102 KB
103 KB 468ms
467ms Font
binary/octet-stream 2600:9000:2156:3200:0:544f:e040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-client.q.sling.com/fonts/proximanova-semibold.otf

Requested by

Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:0:544f:e040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c3c63c227889873ac772b6d2bc7d48f26bc60e85d42b1f20476a057824e639be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	deny

Request headers

Referer: https://auth-client.q.sling.com/
Origin: https://auth-client.q.sling.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jul 2021 16:30:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "a90658a6a3d11df1ebb67dfed68d36f1"
x-frame-options: deny
x-cache: Miss from cloudfront
content-type: binary/octet-stream
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 104504
x-amz-cf-id: g9nIB67CikXI3tuqVU7RAZewQMVhfu94VMcfGuCH0Uf1X8juFZ8nCw==

GET
H2 200 proximanova-bold.otf
auth-client.q.sling.com/fonts/ 104 KB
105 KB 492ms
491ms Font
binary/octet-stream 2600:9000:2156:3200:0:544f:e040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-client.q.sling.com/fonts/proximanova-bold.otf

Requested by

Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:0:544f:e040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2ea7f85e67d59f37589509441c014513bc553fe587cc4516c337424098d58d3f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	deny

Request headers

Referer: https://auth-client.q.sling.com/
Origin: https://auth-client.q.sling.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jul 2021 16:30:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "deff6154f3086700a70b6664562feba0"
x-frame-options: deny
x-cache: Miss from cloudfront
content-type: binary/octet-stream
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 106812
x-amz-cf-id: 5SmAS2KuARcJJncDSOv2yqxUcPLYESg5sbWVhcDLLKU-ZsYNouJyWQ==

GET
H2 200 proximanova-regular.otf
auth-client.q.sling.com/fonts/ 102 KB
103 KB 499ms
498ms Font
binary/octet-stream 2600:9000:2156:3200:0:544f:e040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-client.q.sling.com/fonts/proximanova-regular.otf

Requested by

Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:0:544f:e040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

34ab066d3027a2023b8a7380dda5725a4a7eb1b469dbb7e4ad602f205ee73974

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	deny

Request headers

Referer: https://auth-client.q.sling.com/
Origin: https://auth-client.q.sling.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jul 2021 16:30:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "e8006e3631e356c15eb6c128d447aa7d"
x-frame-options: deny
x-cache: Miss from cloudfront
content-type: binary/octet-stream
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 104528
x-amz-cf-id: 3oy267KioHtU1UD9rHrku9-pM-LVRG6i7t0u3unk5nlbYH5nk-CeyA==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 122ms
38ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://auth-client.q.sling.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 467411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 18:59:49 GMT

GET
H2 200 proximanova-black.otf
auth-client.q.sling.com/fonts/ 103 KB
104 KB 478ms
478ms Font
binary/octet-stream 2600:9000:2156:3200:0:544f:e040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-client.q.sling.com/fonts/proximanova-black.otf

Requested by

Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:0:544f:e040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f57451bfab4fe3375a261ea0626b9cf6f978959b279f6234800120f7b9bbb6de

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	deny

Request headers

Referer: https://auth-client.q.sling.com/
Origin: https://auth-client.q.sling.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jul 2021 16:30:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "6ebd1fae4dfd9d42029be5c3e2813a14"
x-frame-options: deny
x-cache: Miss from cloudfront
content-type: binary/octet-stream
content-security-policy: frame-ancestors 'none';
accept-ranges: bytes
content-length: 105648
x-amz-cf-id: TFrSR3eHU3nRvHML0Yw_a3_wyEitpCdBugESh_8WftRxyp8afBCfOg==

GET
H2 200 hcaptcha-challenge.html Show response
newassets.hcaptcha.com/captcha/v1/8709c87/static/ Frame 903A 2 KB
1 KB 29ms
20ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/8709c87/static/hcaptcha-challenge.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&onload=hcaptchaOnLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ce680a29a932d853989098c53f020b0bfad321c27bef247b2e600fc746fa2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-client.q.sling.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35190
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 6fa1194e695f5b7a-FRA
content-encoding: gzip
content-type: text/html
date: Mon, 11 Apr 2022 04:50:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 06 Apr 2022 18:45:44 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-id: QjDd70aFCaisY1_zZiuLKUK-DBd4radEWQGQ6MxwxQ8JAj_U0iSyFA==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha-checkbox.html Show response
newassets.hcaptcha.com/captcha/v1/8709c87/static/ Frame 7E35 2 KB
1 KB 29ms
20ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/8709c87/static/hcaptcha-checkbox.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&onload=hcaptchaOnLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b183278f565cf492800c846227f1020a7d4f99ac49ac2016d0304fa3185f2f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-client.q.sling.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35190
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 6fa1194e69605b7a-FRA
content-encoding: gzip
content-type: text/html
date: Mon, 11 Apr 2022 04:50:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 06 Apr 2022 18:45:44 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
x-amz-cf-id: AZ2P8lB87XniMfn_CGdsj4Wqr2q_5seH5YzAa5VVVbzKWceKSla2Kg==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha-checkbox.js Show response
newassets.hcaptcha.com/captcha/v1/8709c87/ Frame 7E35 134 KB
43 KB 47ms
45ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/8709c87/hcaptcha-checkbox.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/8709c87/static/hcaptcha-checkbox.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3b9e14b8c125925b51e15ebc33eaca2c763ff94018f538c582248febdcb56f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/8709c87/static/hcaptcha-checkbox.html
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35191
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43673
access-control-allow-origin: *
last-modified: Wed, 06 Apr 2022 18:45:44 GMT
server: cloudflare
etag: "9ed16cef9aedf0263e5eda3507810f14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 6fa1194eb9b15b7a-FRA
x-amz-cf-id: qDsBGhz9AiN2_A2g-i6LJD9DEDAYgjC9PmPTvz7fYaHhunG3xQL31w==

GET
H2 200 hcaptcha-challenge.js Show response
newassets.hcaptcha.com/captcha/v1/8709c87/ Frame 903A 206 KB
60 KB 20ms
20ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/8709c87/hcaptcha-challenge.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/8709c87/static/hcaptcha-challenge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

733aca93fcc89bf83805fe71e170b3a551c8c767a9da048d7d14771bbe2d3fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/8709c87/static/hcaptcha-challenge.html
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35191
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60547
access-control-allow-origin: *
last-modified: Wed, 06 Apr 2022 18:45:44 GMT
server: cloudflare
etag: "e425796654c971bc5699a0ffa8964db3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 6fa1194eb9b25b7a-FRA
x-amz-cf-id: 09G1dgzcAZLrvaJGBhdNmM2PCYFhfO4QgXDl1ehDRKu3Y7PtG6chHA==

GET
DATA 200
OK truncated
/ Frame 7E35 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 checksiteconfig Show response
hcaptcha.com/ Frame 7E35 522 B
905 B 43ms
43ms XHR
application/json 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=8709c87&host=auth-client.q.sling.com&sitekey=7843eab2-f272-47a3-824c-7d1b4fb7a372&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/8709c87/hcaptcha-checkbox.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da76d2de3b0a8c61a5ef7d37c0362c3f4105a471b9b21f736ab4473cabf73907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 11 Apr 2022 04:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6fa1194f69929064-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 checksiteconfig
hcaptcha.com/ Frame 0
0 38ms
20ms Preflight 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=8709c87&host=auth-client.q.sling.com&sitekey=7843eab2-f272-47a3-824c-7d1b4fb7a372&sc=1&swa=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type
Access-Control-Request-Method: GET
Origin: https://newassets.hcaptcha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://newassets.hcaptcha.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 6fa1194f48619b51-FRA
content-length: 0
date: Mon, 11 Apr 2022 04:50:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/b1d04f71/ Frame 903A 919 KB
347 KB 25ms
24ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/b1d04f71/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/8709c87/hcaptcha-challenge.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/8709c87/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:00 GMT
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36435
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 18:38:04 GMT
server: cloudflare
etag: W/"777d618166357c7ea8c00b987c3ad278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: DUS51-P2
cf-ray: 6fa1194fb9df9064-FRA
x-amz-cf-id: Ao9TpC_jZlbEcGZrkSIZlaCCFwIWyF_GYcU9wLL2ZrEeAIW5Z1PZGA==

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 95 KB
24 KB 399ms
399ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Requested by: Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e4f9153676d1a95a699f67011afd88d07e12b99bc7f217a4ea4920e3181e5c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 16:00:19 GMT
server: AkamaiNetStorage
etag: "5619710af41590632bfa60d3760e4b12:1648137619.200762"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 24376
expires: Mon, 11 Apr 2022 04:55:01 GMT

GET
H2 200 c.min.js Show response
cdn.c212.net/ 747 B
1 KB 39ms
7ms Script
application/javascript 2600:9000:2156:ec00:16:cfb1:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.c212.net/c.min.js?utv=ut4.48.202107081647
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ec00:16:cfb1:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:13:22 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jan 2020 19:12:36 GMT
server: AmazonS3
age: 23800
etag: "9f5634a151b9e5ecb2adec9462f783d6"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 747
x-amz-cf-id: uxPEWzoDn5mC24VFGP-YmRqlta_GW_NNrhVHuQ_anSgsbEzTuak_Zw==

GET
H2 200 utag.251.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 58 KB
20 KB 15ms
14ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.251.js?utv=ut4.48.202112031949
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a7c5bae511cf324c4b16bb8d41a30502bce8a1bc58de3f188171ea5796ee619a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 19:49:13 GMT
server: AkamaiNetStorage
etag: "e795f37a61ef2ebbc678b418dd5208f3:1638560953.365619"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 19907
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.474.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 3 KB
2 KB 11ms
10ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.474.js?utv=ut4.48.202107081154
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 03adf88737cd6de069517041690e3d0195432c58308aa309da30f377a539cbf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 16:48:36 GMT
server: AkamaiNetStorage
etag: "632086d1c993ad15e4dfcb18976bce31:1625676516.284233"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1615
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.491.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 14 KB
4 KB 12ms
11ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.491.js?utv=ut4.48.202107081647
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6aef662299aea22b321f79d281b067e5aa921928310dbb29c190abdcd51ed858

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 16:48:39 GMT
server: AkamaiNetStorage
etag: "60e8e0e401dc58fc9ee98dc015023d5c:1625676519.637027"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4181
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.502.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 3 KB
2 KB 13ms
12ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.502.js?utv=ut4.48.202202032056
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 62a65aaff12695be436ece2e21b331aa05a6b83666b0043e2c3a738e3eadaeaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 20:56:22 GMT
server: AkamaiNetStorage
etag: "93f23fb97be6003400331ba52d5d67bb:1643921782.656953"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1392
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.518.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 4 KB
2 KB 13ms
12ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.518.js?utv=ut4.48.202107081647
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 83f593e478f6775db59c14672c246f3ce75bd732f8ededda0e103c6e35873f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 16:48:34 GMT
server: AkamaiNetStorage
etag: "495f12df66ec5fe6ee61b6ccba7d67a4:1625676514.492529"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1727
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.487.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 5 KB
2 KB 15ms
14ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.487.js?utv=ut4.48.202107081647
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 45ee42865be5260c26b2f4a8f5ed6477cf224b88409dafaaf18642c29a9043a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 16:48:28 GMT
server: AkamaiNetStorage
etag: "df948f3d3defe2a71528129ee4a0d29b:1625676508.927637"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1741
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.522.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 4 KB
2 KB 15ms
14ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.522.js?utv=ut4.48.202109232058
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 71cea28445ad3a34691acbbafc7e0cd6ca29bc9c1e03724ae41053613a44a9b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 20:58:46 GMT
server: AkamaiNetStorage
etag: "ba92149b55685e9db9d100be6e3771ae:1632430726.830885"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1557
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.480.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 24 KB
5 KB 18ms
17ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.480.js?utv=ut4.48.202110262007
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2fd54e13446a3f54edfc187c6b2f2be66fda3cbbbae7bc16bd2746afb6e66756

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 20:07:59 GMT
server: AkamaiNetStorage
etag: "1f6021d03920ba3c9a5ad1e50da86afc:1635278879.521475"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4613
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.496.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 2 KB
1 KB 17ms
16ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.496.js?utv=ut4.48.202108201555
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: caed2697eb1f807c89f4c76623880a869dfdbda7c97d036b8d6bee50adb31a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 15:55:43 GMT
server: AkamaiNetStorage
etag: "379a0200bde18cbbc1c0058357727e3e:1629474943.515647"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1197
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.528.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 9 KB
3 KB 20ms
19ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.528.js?utv=ut4.48.202202032024
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0ee4f61af5f8f7fa0798de6e10b4fa50256bd8b585d4e1f92463b0b5c89da97e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 20:24:43 GMT
server: AkamaiNetStorage
etag: "cb8100ef4a73d07dd8ff205fed0f7266:1643919883.150761"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3086
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.478.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 5 KB
2 KB 22ms
21ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.478.js?utv=ut4.48.202203241600
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 58dde2025be847a4376242ef0fd7e2e742dbde7b2a53d08634cdf913bbb841c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 16:00:18 GMT
server: AkamaiNetStorage
etag: "271a65299eb8f5c903bbd0f30ec26b19:1648137618.784108"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2126
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.517.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 7 KB
3 KB 22ms
22ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.517.js?utv=ut4.48.202107081647
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 31797f5f2fc6d8f4cab1e205578469d0dc4518a1b902f3a2becc27a03ab775dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 16:48:41 GMT
server: AkamaiNetStorage
etag: "7d91de4404847afe47e68fc8ebf4950a:1625676521.774461"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2436
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.481.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 4 KB
2 KB 24ms
23ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.481.js?utv=ut4.48.202112141942
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6844f33a8c149ee7f29e9f3393ee8160bd4777ef736ca5ed4b485c0da8849c15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 19:42:43 GMT
server: AkamaiNetStorage
etag: "ba94dd20fb1bf6faeefbc6540b54a033:1639510963.565397"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1655
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.497.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 2 KB
1 KB 24ms
23ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.497.js?utv=ut4.48.202202032108
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 75e80780c8c02a834e513d57b8dd97ee59ce985442f44d1d99c077d2fa9a8b9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 21:09:04 GMT
server: AkamaiNetStorage
etag: "6dae14c10dec4517c556cbc85c559c3b:1643922544.709088"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1048
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.524.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 4 KB
2 KB 26ms
25ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.524.js?utv=ut4.48.202109011537
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5002d8cd705ca7f5152b7f9566f8a4b6a19e4a9d95d7b610fdcbf1ef59784bd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 16:48:31 GMT
server: AkamaiNetStorage
etag: "4c260d68cc9a1c4eeeb89347ec8afa30:1625676511.582931"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1682
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.516.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 2 KB
1 KB 26ms
26ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.516.js?utv=ut4.48.202110061457
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 71166c42d2c131209d845948672aeb74f4c7718c5bc2b7a22d4ab2f15cecf5c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 15:35:42 GMT
server: AkamaiNetStorage
etag: "33235a01781d6b0788c126a266cac8f2:1629300942.020672"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1136
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.519.js Show response
tags.tiqcdn.com/utag/dish/sling/qa/ 2 KB
1 KB 26ms
26ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.519.js?utv=ut4.48.202110061457
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4c9b7d3438995799d1d726860a553c7dc9c79cd3373e27456b2c09aea2207409

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 14:57:33 GMT
server: AkamaiNetStorage
etag: "92b34f8d43758c1d46204470b918ae3b:1633532253.262923"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1164
expires: Tue, 26 Apr 2022 04:50:01 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 8ms
7ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=dish/sling/202203241600&cb=1649652601120
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Mon, 11 Apr 2022 05:00:01 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 56ms
7ms Script
application/x-javascript 143.204.94.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-161.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 03:41:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 4126
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: bdUdn09rTWeov9wYweIHfCEhGe1TzqPhI__06CwmgeuUnGhEmxEUwA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: HKesE9aRCV8DiZrxgQ2ShMeklYh2RQXiC1QkiLzKMKkeUb0i09mJSyRUrO4sCxYWmsDoLlOKChFovAX+Donhsg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 11 Apr 2022 04:50:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/container/6147;42269;4828;iframe/ Frame 9724 2 KB
3 KB 210ms
149ms Document
text/html 209.197.3.19
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/container/6147;42269;4828;iframe/?ftXCurrency=USD&U13=unknown&U14=unknown&U16=03082365851124528254264496049257114751&U17=screen_load&ft_referrer=https%3A%2F%2Fauth-client.q.sling.com%2F%3F~U13%3Dunknown%26U14%3Dunknown%26U16%3D03082365851124528254264496049257114751%26U17%3Dscreen_load&cb=44692
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.502.js?utv=ut4.48.202202032056
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app13.lhr11 /
Resource Hash: fb5fa837823c81769a4a53bf5c29f9c5f97774b8866170caf3d6ccb027eaf14b

Request headers

Referer: https://auth-client.q.sling.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Connection: close
Content-Type: text/html
Date: Mon, 11 Apr 2022 04:50:01 GMT
Pragma: no-cache
Server: prod-xre-app13.lhr11
X-HW: 1649652601.dop225.am5.t,1649652601.cds016.am5.shn,1649652601.dop225.am5.t,1649652601.cds250.am5.sc,1649652601.cds250.am5.p

GET
H3

200

activityi;dc_pre=CLfcs-qai_cCFW9BHQkduCYKQA;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152 Show response
10507390.fls.doubleclick.net/ Frame A2AF
Redirect Chain

https://10507390.fls.doubleclick.net/activityi;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152?
https://10507390.fls.doubleclick.net/activityi;dc_pre=CLfcs-qai_cCFW9BHQkduCYKQA;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152?

500 B
406 B

86ms
45ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10507390.fls.doubleclick.net/activityi;dc_pre=CLfcs-qai_cCFW9BHQkduCYKQA;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

37910809990b9a9f930dca07eba264d743e4546b8203401a828a1815a518533a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth-client.q.sling.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 381
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 04:50:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 04:50:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10507390.fls.doubleclick.net/activityi;dc_pre=CLfcs-qai_cCFW9BHQkduCYKQA;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 117ms
45ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7ce02e0f563c14e7fd2d3249c13317e74fef66108f27096bf04a04552aa0c99c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14886
x-xss-protection: 0
server: cafe
etag: 11980861724045072707
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 04:50:01 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 66ms
22ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 91FYPPXG9NZ04WNV
x-amz-id-2: yNyBoh+2eoGXPQ73KKliDa8JtJG5RWvR6O0s8D540JpYUWIrjV+XD2Ai+j+lr8/4CUpgcmIzRkI=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 47ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9476C75B26AF41D187140336D7A43AFF Ref B: FRAEDGE1420 Ref C: 2022-04-11T04:50:01Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 11 Apr 2022 04:50:00 GMT
accept-ranges: bytes
content-length: 11347

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 7 KB
7 KB 44ms
7ms Script
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.496.js?utv=ut4.48.202108201555
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45153d776213fa86c1ef7dca51e36d669e1b697b53907f3bf7cd3ee706edbaec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: RCjAxJ8CrRqbtKQCS4KIrWhcLcYrBklc
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
last-modified: Thu, 11 Nov 2021 17:52:19 GMT
server: AmazonS3
age: 13489
etag: "4e42700e21a922978b72507ad18a7fea"
x-cache: Hit from cloudfront
content-type: text/javascript
date: Mon, 11 Apr 2022 01:05:13 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 6674
x-amz-cf-id: bQ3UPmgXQq5UanRNhrUB4yzmdb7lYfdjqBx_nS7raaGjwQfZcVxVRQ==

GET
H2 200 A2968629-2777-4094-a262-ab0b073f65b71.js Show response
utt.impactcdn.com/ 41 KB
13 KB 166ms
124ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://utt.impactcdn.com/A2968629-2777-4094-a262-ab0b073f65b71.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 50e09adbf0406ad2cbd355314653ce71f6e8c2739c4fc87ac4858a2ef0e85071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdtReXtls6Cb63fBpbdt6S0SJWUP3wx8aHJsEg6gfRwxqrQJfWsXkVRPvaCDJ70RTHYHSWo70LRQIQjtE7821TlV0o0Jg6fZ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 12938
last-modified: Thu, 17 Feb 2022 07:47:06 GMT
server: UploadServer
etag: "3f7297267d32099aafec74d2368099c6"
vary: Accept-Encoding
x-goog-hash: crc32c=xyspNg==, md5=P3KXJn0yCZqv7HTSNoCZxg==
x-goog-generation: 1645084026001279
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 12938
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Mon, 11 Apr 2022 04:55:01 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 17 KB
7 KB 62ms
20ms Script
application/javascript 143.204.93.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.244 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-244.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 31ca84e975c68ecedc2a4f36cbadf1d9de61a1a51670ac2fb62ea5f761fd4ce5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6428
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-id: ciRuJeq4r02-AyV4rMgmLrsmw3vFhZH9Te4ZHAGjveciaiV-5QhUhQ==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 153ms
101ms Script
application/javascript 2a02:26f0:3500:893::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:893::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/ Frame 5998
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1023357&ns=3120&nc=unknown&ncv=19&dstOrderId=&dstOrderAmount=
https://action.media6degrees.com/orbserv/nsjs?adv=cl1023357&ns=3120&nc=unknown&ncv=19&dstOrderId=&dstOrderAmount=

5 B
232 B

396ms
382ms

Document
text/html

2606:4700::6812:a4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1023357&ns=3120&nc=unknown&ncv=19&dstOrderId=&dstOrderAmount=
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.497.js?utv=ut4.48.202202032108
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

Referer: https://auth-client.q.sling.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 6fa11957ba6d918c-FRA
content-encoding: gzip
content-language: de-DE
content-type: text/html;charset=ISO-8859-1
date: Mon, 11 Apr 2022 04:50:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
server: cloudflare

Redirect headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 6fa119557e5f918c-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 11 Apr 2022 04:50:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1023357&ns=3120&nc=unknown&ncv=19&dstOrderId=&dstOrderAmount=
server: cloudflare

GET
H2 200 sync Show response
live.rezync.com/ 1 KB
2 KB 193ms
152ms Script
application/javascript 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/sync?k=slingtv-pixel-2966&c=16b6410431b6374e780104abb0443ca8&p=9ac694f218d79783ba08e4e73b0d07f4&zmpID=slingtv&cache_buster=0.16154709257464583
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-33.fra50.r.cloudfront.net
Software: lighttpd/1.4.33 /
Resource Hash: 6c271cfb042bf44094a46364d234f7a5299d73cd2c474a19c9ef8f9766e29339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
server: lighttpd/1.4.33
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 1405
x-amz-cf-id: rbbl5Wz-RQVubX4CA0NCpzkJuWYOwaSE095TRfhxgE_H9CjBRTg1YQ==

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 113ms
33ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/dish/sling/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 03:51:35 GMT
content-encoding: gzip
age: 3506
x-guploader-uploadid: ADPycdu177nDr_0sPVYkhu1G2RbAV6oQu_2NcB8d5gL2RnRGNc8tWdB23Ubfpgw5b9XKHgMZRHgcbwcDF4M-MGgxLeebOWvwDfQ0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Mon, 11 Apr 2022 04:51:35 GMT

GET
H2

200

TC-3350-1.gif
pt.ispot.tv/v2/
Redirect Chain

https://staging-pt.ispot.tv/v2/TC-1732-3.gif?uid=03082365851124528254264496049257114751&app=web&type=visit
https://dpm.demdex.net/ibs:dpid=408820&dpuuid=b1d4e65a4187db1792325f8db0b9a60f8c0af853b98b89d9fe185379b2e62fe7&redir=https%3A%2F%2Fpt.ispot.tv%2Fv2%2FTC-3350-1.gif%3Fcid%3D%24%7BDD_UUID%7D%26nr%3D1
https://pt.ispot.tv/v2/TC-3350-1.gif?cid=03045343016805501984274047231754605456&nr=1

43 B
97 B

16ms
8ms

Image
image/gif

151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-3350-1.gif?cid=03045343016805501984274047231754605456&nr=1
Protocol: H2
Server: 151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 04:50:01 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: 0

Redirect headers

DCS: dcs-prod-irl1-2-v030-04a5d1ba1.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: bKxgN8xVRbs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://pt.ispot.tv/v2/TC-3350-1.gif?cid=03045343016805501984274047231754605456&nr=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 392ms
97ms Image
image/gif 52.204.238.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&pixid=d69b3d78-5981-4d59-98fb-aeb64698eeee&action=content&_rnd=0.3345837824364035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.238.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-238-247.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 540451996466903 Show response
connect.facebook.net/signals/config/ 41 KB
11 KB 50ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/540451996466903?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

defebf113337458697f20774160ca9061de11841a53997c84538a11bee089039

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 8iI6u+eW5JbOTfOpK7bTzCQYJcbDAvBNpmFieFfVIHWUYavX+hVUI48QLYQSZC8otlAlGkEt2M7ZBYKXati6zQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 11 Apr 2022 04:50:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame B08E
Redirect Chain

https://s.amazon-adsystem.com/iu3?pid=766d543b-327c-4d85-bc82-3f133f830556&event=PageView&pageLOB=unknown&pageClass=unknown&tEvent=screen_load&ts=1649652601136
https://s.amazon-adsystem.com/iu3?pid=766d543b-327c-4d85-bc82-3f133f830556&event=PageView&pageLOB=unknown&pageClass=unknown&tEvent=screen_load&ts=1649652601136&dcc=t

65 B
973 B

124ms
124ms

Document
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?pid=766d543b-327c-4d85-bc82-3f133f830556&event=PageView&pageLOB=unknown&pageClass=unknown&tEvent=screen_load&ts=1649652601136&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aat/amzn.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://auth-client.q.sling.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 65
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 11 Apr 2022 04:50:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: F9KY54FKHXB74HAQ69C8

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 11 Apr 2022 04:50:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?pid=766d543b-327c-4d85-bc82-3f133f830556&event=PageView&pageLOB=unknown&pageClass=unknown&tEvent=screen_load&ts=1649652601136&dcc=t
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: TVWR7FXKM21WGM9YKDW5

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 26EB
Redirect Chain

https://s.amazon-adsystem.com/iu3?pid=3b1917a1-41fc-4952-af22-b958e7f897d3&event=PageView&pageLOB=unknown&pageClass=unknown&tEvent=screen_load&ts=1649652601136
https://s.amazon-adsystem.com/iu3?pid=3b1917a1-41fc-4952-af22-b958e7f897d3&event=PageView&pageLOB=unknown&pageClass=unknown&tEvent=screen_load&ts=1649652601136&dcc=t

65 B
973 B

119ms
119ms

Document
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?pid=3b1917a1-41fc-4952-af22-b958e7f897d3&event=PageView&pageLOB=unknown&pageClass=unknown&tEvent=screen_load&ts=1649652601136&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aat/amzn.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://auth-client.q.sling.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 65
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 11 Apr 2022 04:50:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: ZFAVGGNP7W04PXV939E9

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 11 Apr 2022 04:50:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?pid=3b1917a1-41fc-4952-af22-b958e7f897d3&event=PageView&pageLOB=unknown&pageClass=unknown&tEvent=screen_load&ts=1649652601136&dcc=t
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: T7SQKN4A24ESTJ2NDP7D

GET
H2 204 18003841.js Show response
bat.bing.com/p/action/ 0
118 B 139ms
138ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/18003841.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0D36C57218484F48B41ABE5D1EBBD218 Ref B: FRAEDGE1420 Ref C: 2022-04-11T04:50:01Z
date: Mon, 11 Apr 2022 04:50:00 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
119 B 83ms
82ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=18003841&Ver=2&mid=20066072-1fc2-4f63-a7a8-3669eb4add4f&sid=d87916f0b95211ec91c11f653b99eb7f&vid=d8793390b95211ec96013b1c3362521f&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20in%20%7C%20Sling%20TV&p=https%3A%2F%2Fauth-client.q.sling.com%2F&r=&lt=2245&evt=pageLoad&msclkid=N&sv=1&rn=951892

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7398AFBA4081468298E2FA163A947F93 Ref B: FRAEDGE1420 Ref C: 2022-04-11T04:50:01Z
date: Mon, 11 Apr 2022 04:50:00 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
174 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=18003841&Ver=2&mid=20066072-1fc2-4f63-a7a8-3669eb4add4f&sid=d87916f0b95211ec91c11f653b99eb7f&vid=d8793390b95211ec96013b1c3362521f&vids=0&ec=unknown&el=screen_load&ea=tracking&en=Y&evt=custom&msclkid=N&rn=291863

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 424FFFAB87A2427DBA3063A4E19E172A Ref B: FRAEDGE1420 Ref C: 2022-04-11T04:50:01Z
date: Mon, 11 Apr 2022 04:50:00 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame E24A 0
182 B 91ms
30ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=dppw33q&ref=https%3A%2F%2Fauth-client.q.sling.com%2F&upid=5zum9vh&upv=1.1.0&orderid=&v=&vf=USD&td1=03082365851124528254264496049257114751&td2=&td3=unknown&td4=screen_load&td5=&td6=unknown&td7=&td8=screen_load|unknown&td9=&td10=
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auth-client.q.sling.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Mon, 11 Apr 2022 04:50:01 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 64 B
331 B 58ms
21ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=3d2cc1a3-d378-46c1-8e3c-c0355fe1ab14&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

2b6fdc30f3696b9fa896a29a8c58533eadcce18fc98200b4b110cb5826b625a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 00CF 0
241 B 52ms
21ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=3d2cc1a3-d378-46c1-8e3c-c0355fe1ab14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://auth-client.q.sling.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 11 Apr 2022 04:50:01 GMT
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

GET
H2 200 10147220.json Show response
s.yimg.com/wi/config/ 2 B
485 B 438ms
398ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10147220.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: K0SWTH91QE94NQM6
x-amz-id-2: kouCBd9U8/r7QHdt2USjQ5qBr4XaxtCg9uY2C9R9QZnRVr6N5OOA5l7DtllS7QuKvG4z+COurOY=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 26ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=540451996466903&ev=PageView&dl=https%3A%2F%2Fauth-client.q.sling.com%2F&rl=&if=false&ts=1649652601225&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmtealium&ec=0&o=28&fbp=fb.1.1649652601224.76433771&it=1649652601166&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 11 Apr 2022 04:50:01 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 26ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=540451996466903&ev=ViewContent&dl=https%3A%2F%2Fauth-client.q.sling.com%2F&rl=&if=false&ts=1649652601227&cd[currency]=USD&cd[current_event]=screen_load&cd[p_lob]=unknown&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmtealium&ec=1&o=28&fbp=fb.1.1649652601224.76433771&it=1649652601166&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 11 Apr 2022 04:50:01 GMT

POST
H2 200 p Show response
tr.snapchat.com/ Frame 54AD 0
208 B 36ms
27ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://auth-client.q.sling.com
Referer: https://auth-client.q.sling.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Mon, 11 Apr 2022 04:50:01 GMT
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

GET
H2 200 s56185480208726
smetrics.sling.com/b/ss/dishaandtslingwebqa/1/JS-2.22.0/ 43 B
349 B 19ms
19ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.sling.com/b/ss/dishaandtslingwebqa/1/JS-2.22.0/s56185480208726?AQB=1&ndh=1&pf=1&t=11%2F3%2F2022%204%3A50%3A1%201%200&sdid=184B709FBCFEC7EB-121C6C1935E17DB1&mid=03082365851124528254264496049257114751&aamlh=6&ce=UTF-8&ns=dishaandt&pageName=%2Fsignin&g=https%3A%2F%2Fauth-client.q.sling.com%2F&cc=USD&ch=sling&server=auth-client.q.sling.com&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=6.12.0&v1=%2Fsignin&c2=ut4.48.202203241600&v2=generic&c3=D%3Dmid&v4=https%3A%2F%2Fauth-client.q.sling.com%2F&v8=2-3sec&v9=2243&v10=unknown&v11=unknown&v12=sun&v13=sling&v27=logged-out&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=9425401053CD40810A490D4C%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
x-content-type-options: nosniff
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 12 Apr 2022 04:50:01 GMT
server: jag
xserver: anedge-7b6f4bb9f7-zmzsl
etag: 3542601987494871040-4619627545988061732
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 10 Apr 2022 04:50:01 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/995610103/ 2 KB
2 KB 130ms
48ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/995610103/?random=1649652601261&cv=9&fst=1649652601261&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth-client.q.sling.com%2F&tiba=Sign%20in%20%7C%20Sling%20TV&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03db124787f54d259d06d74db301335076c32a537df21f353b230a3f1b9e5ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 999
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 229ms
163ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://auth-client.q.sling.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Google Frontend
access-control-allow-headers: Content-Type, Accept
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 378e1ab9848137169b5a41ebed8fae59
function-execution-id: f36i4sr557ay
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 232ms
145ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://auth-client.q.sling.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Mon, 11 Apr 2022 04:50:01 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: dv7fhtjj5jxh
server: Google Frontend
x-cloud-trace-context: d63d7e3c4109614a0f2c6bbdc976a607
x-powered-by: Express

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 104ms
104ms Script
application/javascript 2a02:26f0:3500:893::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:893::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=25898131&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25898131%26t%3D1

0
1009 B

14ms
14ms

Script
application/javascript

185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25898131%26t%3D1

Protocol

HTTP/1.1

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 04:50:01 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 275807d3-8635-4eb8-a3c0-1b4b75353679
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 04:50:01 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ad1ad53d-4503-449c-9ca3-8a910fc5485f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25898131%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 55ms
7ms Script
application/x-javascript 2600:9000:2156:c200:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: auth-client.q.sling.com
URL: https://auth-client.q.sling.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c200:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 03:59:06 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 03:58:56 GMT
server: Jetty(9.3.29.v20201019)
age: 3055
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: QaACKohsOPZpY1yKkjXWYntn2ajz0Krrz-XfYrlaakRWSLVG2DtQTA==
expires: Mon, 11 Apr 2022 04:59:06 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CLfcs-qai_cCFW9BHQkduCYKQA;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152;~oref=https://auth-... Frame A914 499 B
850 B 174ms
74ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLfcs-qai_cCFW9BHQkduCYKQA;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152;~oref=https://auth-client.q.sling.com/

Requested by

Host: 10507390.fls.doubleclick.net
URL: https://10507390.fls.doubleclick.net/activityi;dc_pre=CLfcs-qai_cCFW9BHQkduCYKQA;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ed27f27c84399512e46432eec69df46b4b811ec8b324cf0ea99657151978bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10507390.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 381
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 04:50:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK ca.html Show response
20831699p.rfihub.com/ Frame 7F2E 3 KB
4 KB 200ms
20ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20831699p.rfihub.com/ca.html?ver=9&rb=43848&ca=20831699&_o=43848&_t=20831699&pe=https%3A%2F%2Fauth-client.q.sling.com%2F&pf=&ra=9867657435769066
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: f43c3c5a754868ce3ad4c51c75e2b8c1bdc2e1f9e1deaff0d7f35480a81c1127

Request headers

Referer: https://auth-client.q.sling.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2796
Content-Type: text/html;charset=utf-8
Date: Mon, 11 Apr 2022 04:50:01 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

GET
H2 200 /
www.google.com/pagead/1p-user-list/995610103/ 42 B
548 B 137ms
50ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/995610103/?random=1649652601261&cv=9&fst=1649649600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fauth-client.q.sling.com%2F&tiba=Sign%20in%20%7C%20Sling%20TV&async=1&fmt=3&is_vtc=1&random=2144913156&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 04:50:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/995610103/ 42 B
548 B 146ms
59ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/995610103/?random=1649652601261&cv=9&fst=1649649600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fauth-client.q.sling.com%2F&tiba=Sign%20in%20%7C%20Sling%20TV&async=1&fmt=3&is_vtc=1&random=2144913156&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 04:50:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 482 B
583 B 70ms
33ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2620393184602&ov=%7B%22page_name%22%3A%22%2Fsignin%22%2C%22page_category%22%3A%22generic%22%7D&pd=%7B%22np%22%3A%22tealium%22%7D&cb=1649652601411
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8aa04a1f343a39a2cb3f748899533584c50d6401cb32316d237e15adc3f26623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 04:50:01 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://auth-client.q.sling.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPU5HUTJZbUZtWTJFdE16WXpNeTAwWldVeUxUazFPVGd0WWprMlpURXhaV1UyWlRoaA
x-pinterest-rid: 9384202928337049
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
content-length: 349
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
82 B 68ms
33ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2620393184602&ov=%7B%22page_name%22%3A%22%2Fsignin%22%2C%22page_category%22%3A%22generic%22%7D&pd=%7B%22np%22%3A%22tealium%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fauth-client.q.sling.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1649652601414
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 04:50:01 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 8652371986393225
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
492 B 67ms
32ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22currency%22%3A%22USD%22%7D&tid=2620393184602&pd=%7B%22np%22%3A%22tealium%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fauth-client.q.sling.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1649652601414
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 04:50:01 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 6209962903411570
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CLfcs-qai_cCFW9BHQkduCYKQA;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152;~oref=https://auth-c... Frame EB58 194 B
870 B 160ms
74ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CLfcs-qai_cCFW9BHQkduCYKQA;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152;~oref=https://auth-client.q.sling.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLfcs-qai_cCFW9BHQkduCYKQA;src=10507390;type=01;cat=slng_0;u2=screen_load;u5=https%3A%2F%2Fauth-client.q.sling.com%2F;ord=7165304449405.152;~oref=https://auth-client.q.sling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 04:50:01 GMT
expires: Mon, 11 Apr 2022 04:50:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 7F2E
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyMTY4MDk0NDg2Ng==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESENzthtzPje907jw4ahhLp0g&google_cver=1

42 B
1 KB

58ms
15ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESENzthtzPje907jw4ahhLp0g&google_cver=1
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 04:50:01 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 04:50:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESENzthtzPje907jw4ahhLp0g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ Frame 7F2E 43 B
998 B 44ms
13ms Image
image/gif 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=5124322321680944866

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 04:50:01 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 24b58061-155e-4d18-81b3-04d60fa36ca5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 7F2E
Redirect Chain

https://stags.bluekai.com/site/4722?id=5124322321680944866&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID

42 B
1 KB

16ms
15ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 04:50:01 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID
Date: Mon, 11 Apr 2022 04:50:01 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 7F2E 0
239 B 36ms
8ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5124322321680944866&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H/1.1 200
OK ibs:dpid=1121&dpuuid=5124322321680944866&redir=
dpm.demdex.net/ Frame 7F2E 42 B
943 B 32ms
29ms Image
image/gif 34.242.106.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5124322321680944866&redir=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.106.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-106-163.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-08076e64f.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tfpwrwcqQgw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 7F2E
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5124322321680944866&bid=omt9pi0

0
344 B

60ms
23ms

Image
text/plain

52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5124322321680944866&bid=omt9pi0
Protocol: HTTP/1.1
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 04:50:01 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5124322321680944866&bid=omt9pi0
Date: Mon, 11 Apr 2022 04:50:01 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 7F2E 45 B
614 B 48ms
24ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5124322321680944866

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 11 Apr 2022 04:50:01 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 11 Apr 2022 04:50:01 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame 7F2E 0
105 B 53ms
9ms Image
text/plain 52.28.129.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.129.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-129-116.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame 7F2E
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322321680944866&referrer=https%3A%2F%2Fauth-client.q.sling.com%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=05eacba5-c953-4bb5-892b-4f15ae887f72%3A1649652601.26&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D05eacba5-c953-4bb5-892b-4f15ae887f72...
https://idsync.rlcdn.com/501709.gif?partner_uid=05eacba5-c953-4bb5-892b-4f15ae887f72%3A1649652601.26
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMN5yVpl8rlNx1K8B0r9HTc&google_cver=1

42 B
300 B

41ms
41ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMN5yVpl8rlNx1K8B0r9HTc&google_cver=1
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 04:50:01 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 04:50:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMN5yVpl8rlNx1K8B0r9HTc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 7F2E 43 B
109 B 365ms
146ms Image
image/gif 23.21.225.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5124322321680944866
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.225.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-225-74.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7F2E
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321680944866&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321680944866&forward=&C=1

43 B
1006 B

15ms
15ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321680944866&forward=&C=1
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 04:50:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 11 Apr 2022 04:50:01 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 04:50:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321680944866&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Mon, 11 Apr 2022 04:50:01 GMT

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 7F2E 42 B
417 B 116ms
41ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5124322321680944866
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 04:50:01 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 7F2E 43 B
191 B 217ms
176ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5124322321680944866

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 04:50:01 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 11 Apr 2022 04:50:01 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 7F2E
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321680944866&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321680944866&img=1&__user_check__=1&sync_id=d8c8472d-b952-11ec-b978-1644f9a80506

43 B
548 B

162ms
161ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321680944866&img=1&__user_check__=1&sync_id=d8c8472d-b952-11ec-b978-1644f9a80506
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 04:50:01 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 85
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 11 Apr 2022 04:50:01 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=5124322321680944866&img=1&__user_check__=1&sync_id=d8c8472d-b952-11ec-b978-1644f9a80506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 96
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 7F2E 43 B
183 B 301ms
95ms Image
image/gif 2600:1f18:612b:4264:5fd:edb0:5599:8b67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5124322321680944866&r=9Wz0re5U2EnM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:5fd:edb0:5599:8b67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 7F2E 43 B
238 B 73ms
19ms Image
image/gif 35.178.150.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5124322321680944866
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.178.150.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-178-150-13.eu-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 04:50:01 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 7F2E 0
338 B 103ms
32ms Image
text/plain 52.208.185.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5124322321680944866
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.185.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-185-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:50:01 GMT
cache-control: private, no-cache, no-store
x-request-time: D=130 t=1649652601
x-served-by: beacon-n008-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 7F2E
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322321680944866&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322321680944866&expires=30

43 B
495 B

10ms
10ms

Image
image/gif

3.122.174.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322321680944866&expires=30
Protocol: HTTP/1.1
Server: 3.122.174.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-174-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 04:50:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322321680944866&expires=30
Date: Mon, 11 Apr 2022 04:50:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 7F2E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YlOzeQATts6B3AAy
https://p.rfihub.com/cm?in=1&pub=21653&userid=YlOzeQATts6B3AAy&_test=YlOzeQATts6B3AAy

42 B
1 KB

15ms
15ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YlOzeQATts6B3AAy&_test=YlOzeQATts6B3AAy
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20831699p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 04:50:01 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 04:50:01 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649652602.895863,VS0,VE0
x-served-by: cache-hhn4077-HHN
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YlOzeQATts6B3AAy&_test=YlOzeQATts6B3AAy
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
715 B 142ms
62ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2011%20Apr%202022%2004%3A50%3A01%20GMT&n=0&b=Sign%20in%20%7C%20Sling%20TV&.yp=10147220&f=https%3A%2F%2Fauth-client.q.sling.com%2F&enc=UTF-8&yv=1.12.0&page_lob=unknown&page_classification=unknown&product_id=&et=custom&ea=screen_load&tagmgr=tealium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-client.q.sling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 04:50:01 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 11 Apr 2022 04:50:01 GMT

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 02:15:39	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.sling.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 06:33:24	Name: demdex Value: 03045343016805501984274047231754605456
.sling.com/	1969-12-31 23:59:59	Name: AMCVS_9425401053CD40810A490D4C%40AdobeOrg Value: 1
.sling.com/	1970-01-20 19:45:24	Name: s_ecid Value: MCMID%7C03082365851124528254264496049257114751
.sling.com/	1970-01-20 19:46:50	Name: AMCV_9425401053CD40810A490D4C%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19094%7CMCMID%7C03082365851124528254264496049257114751%7CMCAAMLH-1650257399%7C6%7CMCAAMB-1650257399%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1649659799s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.sling.com/	1970-01-20 02:57:24	Name: da_visID Value: 03082365851124528254264496049257114751
.sling.com/	1970-01-20 02:57:24	Name: da_vstrID Value: 03082365851124528254264496049257114751
.sling.com/	1970-01-20 19:48:17	Name: mbox Value: session#85936210e31a40f58fff5bf5721b8232#1649654460\|PC#85936210e31a40f58fff5bf5721b8232.37_0#1712897400
.sling.com/	1970-01-20 02:14:14	Name: mboxEdgeCluster Value: 37
auth-client.q.sling.com/	1970-01-20 02:14:12	Name: url:params Value:
auth-client.q.sling.com/	1970-01-20 02:57:24	Name: SlingAnalyticsPersistentData Value: []
auth-client.q.sling.com/	1969-12-31 23:59:59	Name: utagdb Value: true
.sling.com/	1970-01-20 10:59:48	Name: utag_main Value: v_id:018016f510c80011e79d6f93b86703073002006b00b08$_sn:1$_se:1$_ss:1$_st:1649654401033$ses_id:1649652601033%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:sling.com$page_previous_url:https%3A%2F%2Fauth-client.q.sling.com%2F%3Bexp-session$page_previous_name:%2Fsignin%3Bexp-session
.bing.com/	1970-01-20 11:35:48	Name: MUID Value: 15CBEDEBFE606A243C30FC68FF0B6BED
.sling.com/	1970-01-20 02:15:39	Name: _uetsid Value: d87916f0b95211ec91c11f653b99eb7f
.sling.com/	1970-01-20 11:35:48	Name: _uetvid Value: d8793390b95211ec96013b1c3362521f
.ispot.tv/	1970-01-20 19:45:24	Name: pt Value: v2:b1d4e65a4187db1792325f8db0b9a60f8c0af853b98b89d9fe185379b2e62fe7\|2de4e7568e666575ab034a30b34755de86d040efad156def6a45505ddc12f94d
.sling.com/	1970-01-20 04:23:48	Name: _fbp Value: fb.1.1649652601224.76433771
.sling.com/	1970-01-20 11:43:59	Name: _scid Value: e4e8b0bf-503b-4af3-8a44-c8e8bae1e1e3
.sling.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.dpm.demdex.net/	1970-01-20 06:33:24	Name: dpm Value: 03045343016805501984274047231754605456
.snapchat.com/	1970-01-20 11:35:48	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgRGAIAwDwIl612ISyTgIOkWH9x++1v6mY9RRoPyE930iMUEu6iW6S7A4lNX5A+Y/v9kyAAAA
auth-client.q.sling.com/	1970-01-20 10:59:48	Name: __pdst Value: cd4d24719a9448bfac041096b2a4f613
.sling.com/	1969-12-31 23:59:59	Name: IR_gbd Value: sling.com
.sling.com/	1969-12-31 23:59:59	Name: IR_14334 Value: 1649652601308%7C0%7C1649652601308%7C%7C
.rezync.com/	1970-01-20 06:32:59	Name: zync-uuid Value: 05eacba5-c953-4bb5-892b-4f15ae887f72:1649652601.26
.adnxs.com/	1970-01-20 04:23:48	Name: uuid2 Value: 8213766760075801999
.ct.pinterest.com/	1970-01-20 10:59:48	Name: _pinterest_ct_ua Value: "TWc9PSZWdXhBalZjRVlGZGVNdzJROWduYW15czF5M2h5d3ZvU3VmWmo5UlhneEF5NGp5ZlRWdW5qVWlqOHNRU3ZxWHQvUjVnN0xkdndib0V5YkJlaXRSUzdjUkJqcmRkK2hSZGIwZ1BiSUVVdHN6OD0maFhPenRNQVVSclltVlZEWkZtRW5iWTF2MFRNPQ=="
.auth-client.q.sling.com/	1970-01-20 10:59:48	Name: _pin_unauth Value: dWlkPU5HUTJZbUZtWTJFdE16WXpNeTAwWldVeUxUazFPVGd0WWprMlpURXhaV1UyWlRoaA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MjE2MjI2MjSzMLA0MbEwMxPiM9RNTwkKjQ_ICc7zNjcGAPsRQw4lAAAA
.rfihub.com/	1970-01-20 11:35:48	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MjE2MjI2MjSzMLA0MbEwMxPiM9RNTwkKjQ_ICc7zNjeW4jU0M7E0MzUyMzA0tbAAAJloXGM0AAAA
.casalemedia.com/	1970-01-20 10:59:48	Name: CMID Value: YlOzeRdDL6NWUjEIAZ1VpAAA
.casalemedia.com/	1970-01-20 04:23:48	Name: CMPS Value: 3269
.adnxs.com/	1970-01-20 04:23:48	Name: anj Value: dTM7k!M4/YErk#WF']wIg2In:r.jJ#!]tbPl1MNu::wpAk`W=me:[2Tk_?JedWJY@e8=dqn=1JkTPv/y!_6-zQEVk`!)TF<(LHj5
.media.net/	1970-01-20 10:59:48	Name: visitor-id Value: 2926542018397208000V10
.media.net/	1970-01-20 10:58:22	Name: data-rk Value: 5124322321680944866~~3
.casalemedia.com/	1970-01-20 04:23:48	Name: CMPRO Value: 1111
.casalemedia.com/	1970-01-20 02:15:39	Name: CMST Value: YlOzeWJTs3kA
.casalemedia.com/	1970-01-20 10:59:48	Name: CMRUM3 Value: 396253b37927605124322321680944866
.amazon-adsystem.com/	1970-01-20 08:35:48	Name: ad-id Value: Aw03Gx-R9ki2rB3jgE3CoGk
.amazon-adsystem.com/	1970-01-22 00:00:17	Name: ad-privacy Value: 0
.spotxchange.com/	1970-01-20 10:59:52	Name: audience Value: d8c846d6-b952-11ec-b978-1644f9a80506
.doubleclick.net/	1970-01-20 11:35:48	Name: IDE Value: AHWqTUlGrMmKtakzAUvKLm8IUzca9El0YvPxB2NxL32XP_mu_QSpF0pa891UG1JkaLk
.eyeota.net/	1970-01-20 02:14:13	Name: SERVERID Value: 16675~DM
.rlcdn.com/	1970-01-20 10:59:48	Name: rlas3 Value: 9kt62sMg+ZMjvTUwLU14KG3PqvxOh2XsYePfkWGwmd0=
live.rezync.com/	1970-01-20 06:33:24	Name: sd-session-id Value: .eJwVyk0LgjAYAOC_Eu_Zg3v9wIRusxDavFiyLpI2ZOos3IRU_O_Z8YFnhfIjR_0c5GAhtuMkHah7tctAvIJRi5YdxBAQ9D1ED0kYuUffj8IQNgeMNEa9h1K9_vtQ7ZPRey8KrkR-s2LpCJtdV-iUXPMmYDq1_CK-vDj3GW28R1vPWZsgpx3yPEVGk4m14gTb9gOoljCR.FTVE-Q.TqyvcLTC5oJ4zuNirdcQHvcSdK0
.krxd.net/	1970-01-20 06:33:24	Name: _kuid_ Value: OxXnQWsQ
.bidswitch.net/	1970-01-20 10:59:48	Name: tuuid Value: ca3d4efc-7664-4a9b-891d-92c3f27701a3
.bidswitch.net/	1970-01-20 10:59:48	Name: c Value: 1649652601
.bidswitch.net/	1970-01-20 10:59:48	Name: tuuid_lu Value: 1649652601
.yahoo.com/	1970-01-20 11:00:10	Name: A3 Value: d=AQABBHmzU2ICEPFiHN6I6vHAU1Cqk-3m4SYFEgEBAQEEVWJdYgAAAAAA_eMAAA&S=AQAAAo8d_IPOBLajEWAt-Ywn-hs
.rlcdn.com/	1970-01-20 03:40:36	Name: pxrc Value: CPnmzpIGEgYIuuoBEAA=
.everesttech.net/	1970-01-20 10:59:48	Name: everest_g_v2 Value: g_surferid~YlOzeQATts6B3AAy
.rfihub.com/	1970-01-20 11:35:48	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA129asqySipCshKtTQwzyo3SczI8CkwSFfiVIl38o4PDfV0CeI1NDOxNDM1MjMwNLc0zkLiWhiazWJE4ptaGq1C459C479C4_9C409iQuXPQuMvQuOvQuNvQuPvQlfPgsq_hcw3A5rPKhCZ41-VGugYUlJs5mTs6Fi5ihVJCTCUNrGiWcGN5iU0_iJhVP4jND4AFe6TfYoBAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA129asqySipCshKtTQwzyo3SczI8CkwSFfiVIl38o4PDfV0WcUoEJnjX5Ua6BhSUmzmZOzoWAkAxj2r7TwAAAA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10507390.fls.doubleclick.net
20831699p.rfihub.com
a.rfihub.com
aa.agkn.com
action.dstillery.com
action.media6degrees.com
adservice.google.com
adservice.google.de
apis.google.com
auth-client.q.sling.com
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c.amazon-adsystem.com
c1.rfihub.net
cdn.c212.net
cdn.pdst.fm
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
ct.pinterest.com
data.adxcel-ec2.com
dishanalyticsandtest.tt.omtrdc.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hcaptcha.com
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
live.rezync.com
newassets.hcaptcha.com
p.rfihub.com
partners.tremorhub.com
pixel.rubiconproject.com
ps.eyeota.net
pt.ispot.tv
s.amazon-adsystem.com
s.pinimg.com
s.yimg.com
sc-static.net
secure.adnxs.com
servedby.flashtalking.com
smetrics.sling.com
sp.analytics.yahoo.com
stackpath.bootstrapcdn.com
staging-pt.ispot.tv
stags.bluekai.com
sync-tm.everesttech.net
sync.search.spotxchange.com
tags.tiqcdn.com
tr.snapchat.com
us-central1-adaptive-growth.cloudfunctions.net
utt.impactcdn.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
x.bidswitch.net
x.dlx.addthis.com
104.16.168.131
104.16.169.131
104.75.88.194
142.250.185.98
142.250.186.102
142.250.186.98
143.204.93.244
143.204.94.161
143.204.95.188
143.204.98.33
15.188.95.229
151.101.0.84
151.101.194.132
151.101.66.49
185.33.220.216
185.33.220.240
185.94.180.125
193.0.160.128
2001:4860:4802:36::36
209.197.3.19
212.82.100.181
23.21.225.74
23.35.228.23
23.35.236.247
2600:1f18:612b:4264:5fd:edb0:5599:8b67
2600:9000:2156:3200:0:544f:e040:93a1
2600:9000:2156:c200:1:76cf:fe80:93a1
2600:9000:2156:ec00:16:cfb1:a0c0:93a1
2606:4700::6812:a4f
2606:4700::6812:bcf
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::200e
2a00:1450:4001:827::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a02:26f0:3500:893::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.122.174.248
34.242.106.163
35.178.150.13
35.186.226.184
35.186.249.72
35.244.142.80
35.244.174.68
35.71.131.137
52.204.238.247
52.208.185.108
52.211.96.107
52.28.129.116
52.46.130.91
52.57.150.20
69.173.144.139
69.192.160.219
02254e1cc43d6c33d037b08436127edcd01315ca23c4882ff9cea506ec853fae
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
03adf88737cd6de069517041690e3d0195432c58308aa309da30f377a539cbf4
03db124787f54d259d06d74db301335076c32a537df21f353b230a3f1b9e5ce4
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ee4f61af5f8f7fa0798de6e10b4fa50256bd8b585d4e1f92463b0b5c89da97e
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
25d130b5a2aa8ed5436aff38a076113b9a526934a90f55b29599aaca8a112067
2b6fdc30f3696b9fa896a29a8c58533eadcce18fc98200b4b110cb5826b625a3
2ea7f85e67d59f37589509441c014513bc553fe587cc4516c337424098d58d3f
2fd54e13446a3f54edfc187c6b2f2be66fda3cbbbae7bc16bd2746afb6e66756
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
31797f5f2fc6d8f4cab1e205578469d0dc4518a1b902f3a2becc27a03ab775dd
31ca84e975c68ecedc2a4f36cbadf1d9de61a1a51670ac2fb62ea5f761fd4ce5
34ab066d3027a2023b8a7380dda5725a4a7eb1b469dbb7e4ad602f205ee73974
37910809990b9a9f930dca07eba264d743e4546b8203401a828a1815a518533a
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3e03a3a831a9dcd61d523464f17b82b086925497bd8251a5b522b4c0b4fed78b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45153d776213fa86c1ef7dca51e36d669e1b697b53907f3bf7cd3ee706edbaec
45ee42865be5260c26b2f4a8f5ed6477cf224b88409dafaaf18642c29a9043a5
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9b7d3438995799d1d726860a553c7dc9c79cd3373e27456b2c09aea2207409
5002d8cd705ca7f5152b7f9566f8a4b6a19e4a9d95d7b610fdcbf1ef59784bd1
50e09adbf0406ad2cbd355314653ce71f6e8c2739c4fc87ac4858a2ef0e85071
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
58dde2025be847a4376242ef0fd7e2e742dbde7b2a53d08634cdf913bbb841c4
62a65aaff12695be436ece2e21b331aa05a6b83666b0043e2c3a738e3eadaeaa
6844f33a8c149ee7f29e9f3393ee8160bd4777ef736ca5ed4b485c0da8849c15
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6aef662299aea22b321f79d281b067e5aa921928310dbb29c190abdcd51ed858
6c271cfb042bf44094a46364d234f7a5299d73cd2c474a19c9ef8f9766e29339
6ce680a29a932d853989098c53f020b0bfad321c27bef247b2e600fc746fa2c4
6d4d381ca7503d9083558fb19db9b454a0cdb6d7c894b9ba9a4d977c50d713cf
6de865423048644f5cf0367309cead85412354686968201c4a37818bbab03f99
71166c42d2c131209d845948672aeb74f4c7718c5bc2b7a22d4ab2f15cecf5c9
71cea28445ad3a34691acbbafc7e0cd6ca29bc9c1e03724ae41053613a44a9b2
733aca93fcc89bf83805fe71e170b3a551c8c767a9da048d7d14771bbe2d3fe4
75e80780c8c02a834e513d57b8dd97ee59ce985442f44d1d99c077d2fa9a8b9e
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7ce02e0f563c14e7fd2d3249c13317e74fef66108f27096bf04a04552aa0c99c
7ed27f27c84399512e46432eec69df46b4b811ec8b324cf0ea99657151978bfd
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
83f593e478f6775db59c14672c246f3ce75bd732f8ededda0e103c6e35873f8e
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8aa04a1f343a39a2cb3f748899533584c50d6401cb32316d237e15adc3f26623
8ee749dcb70575eb45054fb709670de8127b5f6bc99f0579965f44166282401c
8f24385a088128258a0e04505b4351d31e4965c0f0007566c714b6ab368a9ccc
9332b538e34b03cb00006f221b0886ab0fb2c71ae02cf16e9f2acee9badbeb7e
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3b9e14b8c125925b51e15ebc33eaca2c763ff94018f538c582248febdcb56f2
a7c5bae511cf324c4b16bb8d41a30502bce8a1bc58de3f188171ea5796ee619a
a7d1a3b12b205859a4aba133554c1f54ca9e77f71549bfc3cf4f44268de09d8a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b183278f565cf492800c846227f1020a7d4f99ac49ac2016d0304fa3185f2f43
bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d
c3c63c227889873ac772b6d2bc7d48f26bc60e85d42b1f20476a057824e639be
c5357d0d2af9f9f229903150cd774fc34aa8edc291c6db28bae1beaf5117698c
caed2697eb1f807c89f4c76623880a869dfdbda7c97d036b8d6bee50adb31a49
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
da76d2de3b0a8c61a5ef7d37c0362c3f4105a471b9b21f736ab4473cabf73907
defebf113337458697f20774160ca9061de11841a53997c84538a11bee089039
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f9153676d1a95a699f67011afd88d07e12b99bc7f217a4ea4920e3181e5c3c
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f43c3c5a754868ce3ad4c51c75e2b8c1bdc2e1f9e1deaff0d7f35480a81c1127
f57451bfab4fe3375a261ea0626b9cf6f978959b279f6234800120f7b9bbb6de
fb5fa837823c81769a4a53bf5c29f9c5f97774b8866170caf3d6ccb027eaf14b

auth-client.q.sling.com Open in urlscan Pro 2600:9000:2156:3200:0:544f:e040:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

108 Requests

90 %HTTPS

34 %IPv6

51 Domains

64 Subdomains

58 IPs

7 Countries

3062 kBTransfer

4578 kBSize

56 Cookies

63 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

auth-client.q.sling.com Open in urlscan Pro
2600:9000:2156:3200:0:544f:e040:93a1 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

90 %
HTTPS

34 %
IPv6

51
Domains

64
Subdomains

58
IPs

7
Countries

3062 kB
Transfer

4578 kB
Size

56
Cookies

108 HTTP transactions
1 data transactions