urlscan.io logo urlscan.io
SecurityTrails logo

freedom1570.com Open in urlscan Pro
2606:4700:20::681a:810  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://freedom1570.com/
Effective URL: https://freedom1570.com/
Submission: On December 03 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 92 IPs in 9 countries across 71 domains to perform 338 HTTP transactions. The main IP is 2606:4700:20::681a:810, located in United States and belongs to CLOUDFLARENET, US. The main domain is freedom1570.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 15th 2022. Valid for: a year.
This is the only time freedom1570.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
42 205.185.216.42 20446 (STACKPATH...)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 169.50.137.176 36351 (SOFTLAYER)
1 99.86.4.74 16509 (AMAZON-02)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 26 2a00:1450:400... 15169 (GOOGLE)
1 52.209.167.52 16509 (AMAZON-02)
2 13.32.99.55 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2001:4de0:ac1... 20446 (STACKPATH...)
11 2620:1ec:bdf::45 8068 (MICROSOFT...)
1 3 108.138.17.91 16509 (AMAZON-02)
1 99.86.4.47 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 3 34.255.85.65 16509 (AMAZON-02)
1 10 54.217.178.56 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f01... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
1 4 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 13.32.121.93 16509 (AMAZON-02)
8 20.49.104.0 8075 (MICROSOFT...)
1 34.209.39.28 16509 (AMAZON-02)
2 3.248.137.172 16509 (AMAZON-02)
1 1 54.229.62.148 16509 (AMAZON-02)
1 172.64.151.162 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
12 18.66.97.68 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 52.54.111.192 14618 (AMAZON-AES)
1 3 108.138.4.10 16509 (AMAZON-02)
1 2600:9000:224... 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 35.71.131.137 16509 (AMAZON-02)
1 54.158.154.2 14618 (AMAZON-AES)
1 34.120.133.55 396982 (GOOGLE-CL...)
4 35.244.174.68 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 67.202.105.21 32748 (STEADFAST)
4 44.206.165.148 14618 (AMAZON-AES)
1 18.66.147.24 16509 (AMAZON-02)
1 104.18.12.242 13335 (CLOUDFLAR...)
1 13.32.106.197 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.18.33.19 13335 (CLOUDFLAR...)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 1 34.111.234.236 396982 (GOOGLE-CL...)
1 104.111.219.144 16625 (AKAMAI-AS)
1 3.124.129.157 16509 (AMAZON-02)
1 185.94.180.123 35220 (SPOTX-AMS)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 18.157.212.157 16509 (AMAZON-02)
1 3 185.89.210.46 29990 (ASN-APPNEX)
3 3 2600:1901:0:8... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 3 13.32.99.21 16509 (AMAZON-02)
3 151.139.128.10 20446 (STACKPATH...)
1 52.239.246.4 8075 (MICROSOFT...)
3 54.75.190.240 16509 (AMAZON-02)
1 1 35.161.253.160 16509 (AMAZON-02)
1 1 130.211.16.234 15169 (GOOGLE)
39 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
1 3 2a00:1450:400... 15169 (GOOGLE)
18 23 35.204.74.118 396982 (GOOGLE-CL...)
1 76.223.111.18 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 35.227.248.159 15169 (GOOGLE)
1 1 52.58.215.26 16509 (AMAZON-02)
1 1 35.157.182.139 16509 (AMAZON-02)
1 52.222.214.6 16509 (AMAZON-02)
1 2 54.78.254.47 16509 (AMAZON-02)
1 18.215.228.23 14618 (AMAZON-AES)
1 104.76.200.221 16625 (AKAMAI-AS)
1 216.52.2.19 30282 (AS-INAPCD...)
1 1 216.58.212.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 69.173.144.165 26667 (RUBICONPR...)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 2 172.217.18.2 15169 (GOOGLE)
1 2.18.233.180 16625 (AKAMAI-AS)
1 1 2001:4860:480... 15169 (GOOGLE)
1 1 13.32.27.36 16509 (AMAZON-02)
1 1 52.6.183.190 14618 (AMAZON-AES)
1 1 54.90.160.21 14618 (AMAZON-AES)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 192.173.30.60 13360 (TRITONDIG...)
1 69.31.54.157 3257 (GTT-BACKB...)
4 99.81.25.188 16509 (AMAZON-02)
4 52.51.126.33 16509 (AMAZON-02)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 2600:1901:0:8... 15169 (GOOGLE)
2 178.250.2.146 44788 (ASN-CRITE...)
1 141.95.33.111 16276 (OVH)
2 23.203.77.3 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
338 92
1    2606:4700:20::ac43:44f5 (United States)

ASN13335 (CLOUDFLARENET, US)
freedom1570.com
2    2606:4700:20::681a:810 (United States)

ASN13335 (CLOUDFLARENET, US)
freedom1570.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
42    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.saleminteractivemedia.com
4    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com
tag.simpli.fi
i.simpli.fi
1    99.86.4.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-74.fra6.r.cloudfront.net
campaign.aptivada.com
1    2a02:26f0:480:f::213:7ed5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
pushtoast-a.akamaihd.net
26    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    52.209.167.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-167-52.eu-west-1.compute.amazonaws.com
synchrobox.adswizz.com
2    13.32.99.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-55.fra60.r.cloudfront.net
cdn.adswizz.com
delivery-cdn-cf.adswizz.com
1    2606:4700:20::681a:20a (United States)

ASN13335 (CLOUDFLARENET, US)
salemlivechat.com
3    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
11    2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
embed2.audioburst.com
3    108.138.17.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-91.fra56.r.cloudfront.net
embed.sendtonews.com
1    99.86.4.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-47.fra6.r.cloudfront.net
embedcdn.sendtonews.com
4    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    34.255.85.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-85-65.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
10    54.217.178.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-178-56.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
c25cf2cd48c0a4c2f041607a49fc5151.safeframe.googlesyndication.com
8    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    13.32.121.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-93.fra60.r.cloudfront.net
cdn2.aptivada.com
8    20.49.104.0 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sapi.audioburst.com
1    34.209.39.28 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-39-28.us-west-2.compute.amazonaws.com
aptivada.com
2    3.248.137.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-137-172.eu-west-1.compute.amazonaws.com
katzmedia.demdex.net
1    54.229.62.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-62-148.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
12    18.66.97.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-68.fra56.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
1    2600:9000:2490:8400:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    52.54.111.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-111-192.compute-1.amazonaws.com
s2l.sendtonews.com
3    108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:2240:7600:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)
d3div1mtym39ic.cloudfront.net
15    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    54.158.154.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-154-2.compute-1.amazonaws.com
id.sv.rkdms.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
4    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    67.202.105.21 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
dp2.33across.com
4    44.206.165.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-165-148.compute-1.amazonaws.com
timber.sendtonews.com
1    18.66.147.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-24.fra60.r.cloudfront.net
player.sendtonews.com
1    104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
1    13.32.106.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-106-197.fra60.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    2606:4700::6812:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
htlb.casalemedia.com
3    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
1    104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    3.124.129.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-129-157.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    18.157.212.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-212-157.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
3    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
12    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
pubads.g.doubleclick.net
3    13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net
ads.scorecardresearch.com
sb.scorecardresearch.com
3    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
assets.revcontent.com
images.revcontent.com
1    52.239.246.4 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
storageaudiobursts.blob.core.windows.net
3    54.75.190.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-190-240.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
id.crwdcntrl.net
1    35.161.253.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-253-160.us-west-2.compute.amazonaws.com
ids.ad.gt
1    130.211.16.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.16.211.130.bc.googleusercontent.com
adobe.adhaven.com
39    2a02:26f0:64::210:6bb9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
storageaudiobursts.azureedge.net
3    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
23    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2600:1f18:612b:4264:d47e:9b8d:b43d:b5ab (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    52.58.215.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-215-26.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    35.157.182.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-182-139.eu-central-1.compute.amazonaws.com
d.agkn.com
1    52.222.214.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-6.fra56.r.cloudfront.net
sync.intentiq.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    18.215.228.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-228-23.compute-1.amazonaws.com
sync.bfmio.com
1    104.76.200.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
1    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
cm.g.doubleclick.net
1    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)
pdst.fm
1    13.32.27.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-36.fra56.r.cloudfront.net
chrt.fm
1    52.6.183.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-183-190.compute-1.amazonaws.com
arttrk.com
1    54.90.160.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-160-21.compute-1.amazonaws.com
verifi.podscribe.com
1    2606:4700:10::6814:6b3e (United States)

ASN13335 (CLOUDFLARENET, US)
traffic.omny.fm
1    192.173.30.60 (Canada)

ASN13360 (TRITONDIGITAL, CA)
salem.mc.tritondigital.com
1    69.31.54.157 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
24103.mc.tritondigital.com
4    99.81.25.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
trends.revcontent.com
4    52.51.126.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
yeet.revcontent.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
2    23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
42 saleminteractivemedia.com
cdn.saleminteractivemedia.com — Cisco Umbrella Rank: 275586
3 MB
39 azureedge.net
storageaudiobursts.azureedge.net — Cisco Umbrella Rank: 312691
9 MB
34 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 189
stats.g.doubleclick.net — Cisco Umbrella Rank: 73
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 194
pubads.g.doubleclick.net — Cisco Umbrella Rank: 436
363 KB
30 googlesyndication.com
9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
c25cf2cd48c0a4c2f041607a49fc5151.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
192 KB
25 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4206
i.simpli.fi — Cisco Umbrella Rank: 3504
um.simpli.fi — Cisco Umbrella Rank: 749
14 KB
19 audioburst.com
embed2.audioburst.com — Cisco Umbrella Rank: 535361
sapi.audioburst.com — Cisco Umbrella Rank: 332216
252 KB
16 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 11559
embedcdn.sendtonews.com — Cisco Umbrella Rank: 12957
s2l.sendtonews.com — Cisco Umbrella Rank: 12088
timber.sendtonews.com — Cisco Umbrella Rank: 12338
player.sendtonews.com — Cisco Umbrella Rank: 13056
195 KB
14 cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d15kdpgjg3unno.cloudfront.net
d3div1mtym39ic.cloudfront.net
1001 KB
12 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 190
katzmedia.demdex.net — Cisco Umbrella Rank: 67940
15 KB
11 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 6228
trends.revcontent.com — Cisco Umbrella Rank: 1584
images.revcontent.com — Cisco Umbrella Rank: 6829
yeet.revcontent.com — Cisco Umbrella Rank: 7158
68 KB
8 gstatic.com
fonts.gstatic.com
260 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 182
333 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2610
20 KB
6 adswizz.com
synchrobox.adswizz.com — Cisco Umbrella Rank: 6845
cdn.adswizz.com — Cisco Umbrella Rank: 10392
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2664
delivery-cdn-cf.adswizz.com — Cisco Umbrella Rank: 5024
22 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
imasdk.googleapis.com — Cisco Umbrella Rank: 437
349 KB
5 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 945
pixel.rubiconproject.com — Cisco Umbrella Rank: 292
eus.rubiconproject.com — Cisco Umbrella Rank: 558
token.rubiconproject.com — Cisco Umbrella Rank: 540
12 KB
5 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 798
idsync.rlcdn.com — Cisco Umbrella Rank: 320
485 B
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 384
mug.criteo.com — Cisco Umbrella Rank: 2665
1 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 309
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 533
4 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8649
www.google.de — Cisco Umbrella Rank: 6168
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
228 B
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 134
198 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
226 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 706
bcp.crwdcntrl.net — Cisco Umbrella Rank: 853
id.crwdcntrl.net — Cisco Umbrella Rank: 1445
846 B
3 scorecardresearch.com
ads.scorecardresearch.com — Cisco Umbrella Rank: 2261
sb.scorecardresearch.com — Cisco Umbrella Rank: 149
867 B
3 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2412
945 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 204
3 KB
3 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 463
sync.search.spotxchange.com — Cisco Umbrella Rank: 534
2 KB
3 jquery.com
code.jquery.com — Cisco Umbrella Rank: 680
127 KB
3 aptivada.com
campaign.aptivada.com — Cisco Umbrella Rank: 47394
cdn2.aptivada.com — Cisco Umbrella Rank: 222494
aptivada.com — Cisco Umbrella Rank: 45826
45 KB
3 freedom1570.com
freedom1570.com
20 KB
2 tritondigital.com
salem.mc.tritondigital.com — Cisco Umbrella Rank: 333787
24103.mc.tritondigital.com — Cisco Umbrella Rank: 606913
579 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1357
2 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 423
d.agkn.com — Cisco Umbrella Rank: 613
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 402
761 B
2 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 479
ads.pubmatic.com — Cisco Umbrella Rank: 474
65 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 544
eb2.3lift.com — Cisco Umbrella Rank: 333
647 B
2 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1437
htlb.casalemedia.com — Cisco Umbrella Rank: 512
1 KB
2 33across.com
dp2.33across.com — Cisco Umbrella Rank: 8642
lexicon.33across.com — Cisco Umbrella Rank: 1777
364 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 307
779 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 203
25 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 728
83 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
11 KB
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 447
625 B
1 omny.fm
traffic.omny.fm — Cisco Umbrella Rank: 27077
415 B
1 podscribe.com
verifi.podscribe.com — Cisco Umbrella Rank: 39976
172 B
1 arttrk.com
arttrk.com — Cisco Umbrella Rank: 36217
349 B
1 chrt.fm
chrt.fm — Cisco Umbrella Rank: 16112
507 B
1 pdst.fm
pdst.fm — Cisco Umbrella Rank: 2009
286 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 399
273 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 154
630 B
1 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 809
311 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 486
454 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1382
421 B
1 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1197
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 5813
183 B
1 adhaven.com
adobe.adhaven.com — Cisco Umbrella Rank: 23438
272 B
1 ad.gt
ids.ad.gt — Cisco Umbrella Rank: 3406
247 B
1 windows.net
storageaudiobursts.blob.core.windows.net — Cisco Umbrella Rank: 832507
15 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1280
17 KB
1 ml314.com
ml314.com — Cisco Umbrella Rank: 1502
342 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1740
205 B
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 8151
96 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 267
17 KB
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 4047
167 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 642
13 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 900
517 B
1 salemlivechat.com
salemlivechat.com — Cisco Umbrella Rank: 364203
46 KB
1 akamaihd.net
pushtoast-a.akamaihd.net — Cisco Umbrella Rank: 315251
36 KB
0 ib-ibi.com Failed
global.ib-ibi.com Failed
338 71
Domain Requested by
42 cdn.saleminteractivemedia.com freedom1570.com
cdn.saleminteractivemedia.com
9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
39 storageaudiobursts.azureedge.net embed2.audioburst.com
26 securepubads.g.doubleclick.net 3 redirects freedom1570.com
securepubads.g.doubleclick.net
www.googletagservices.com
9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
23 um.simpli.fi 18 redirects
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
tpc.googlesyndication.com
12 d29xw9s9x32j3w.cloudfront.net embed.sendtonews.com
freedom1570.com
11 embed2.audioburst.com freedom1570.com
embed2.audioburst.com
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
10 dpm.demdex.net 1 redirects freedom1570.com
cdn.saleminteractivemedia.com
8 sapi.audioburst.com embed2.audioburst.com
8 fonts.gstatic.com fonts.googleapis.com
7 www.googletagservices.com securepubads.g.doubleclick.net
9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
7 s2l.sendtonews.com embed.sendtonews.com
4 yeet.revcontent.com assets.revcontent.com
4 trends.revcontent.com assets.revcontent.com
4 timber.sendtonews.com embed.sendtonews.com
4 idsync.rlcdn.com freedom1570.com
4 9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.facebook.com 1 redirects freedom1570.com
connect.facebook.net
4 connect.facebook.net freedom1570.com
connect.facebook.net
cdn.saleminteractivemedia.com
4 www.google-analytics.com freedom1570.com
www.google-analytics.com
4 fonts.googleapis.com freedom1570.com
embed.sendtonews.com
embed2.audioburst.com
4 www.googletagmanager.com freedom1570.com
www.googletagmanager.com
3 www.google.com 1 redirects tpc.googlesyndication.com
3 fei.pro-market.net 3 redirects
3 ib.adnxs.com 1 redirects d29xw9s9x32j3w.cloudfront.net
3 c.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
3 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
3 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
3 stats.g.doubleclick.net www.google-analytics.com
3 synchroscript.deliveryengine.adswizz.com 2 redirects cdn.adswizz.com
3 embed.sendtonews.com 1 redirects freedom1570.com
embed.sendtonews.com
3 code.jquery.com freedom1570.com
embed2.audioburst.com
3 freedom1570.com 1 redirects cdn.saleminteractivemedia.com
2 eus.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
eus.rubiconproject.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 cm.g.doubleclick.net 2 redirects
2 sync.search.spotxchange.com 1 redirects
2 loadm.exelator.com 1 redirects
2 pixel.tapad.com 1 redirects
2 assets.revcontent.com securepubads.g.doubleclick.net
assets.revcontent.com
2 ads.scorecardresearch.com 2 redirects
2 match.adsrvr.org js-sec.indexww.com
ads.pubmatic.com
2 imasdk.googleapis.com embed.sendtonews.com
imasdk.googleapis.com
2 cdnjs.cloudflare.com embed.sendtonews.com
2 katzmedia.demdex.net cdn.saleminteractivemedia.com
2 region1.google-analytics.com www.googletagmanager.com
2 maxcdn.bootstrapcdn.com freedom1570.com
maxcdn.bootstrapcdn.com
2 cdn.jsdelivr.net freedom1570.com
1 token.rubiconproject.com eus.rubiconproject.com
1 id.crwdcntrl.net ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 lexicon.33across.com ads.pubmatic.com
1 sb.scorecardresearch.com freedom1570.com
1 images.revcontent.com
1 24103.mc.tritondigital.com
1 salem.mc.tritondigital.com 1 redirects
1 traffic.omny.fm 1 redirects
1 verifi.podscribe.com 1 redirects
1 arttrk.com 1 redirects
1 chrt.fm 1 redirects
1 pdst.fm 1 redirects
1 ads.pubmatic.com assets.revcontent.com
1 us-u.openx.net
1 pixel.rubiconproject.com
1 www.google.de
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 ce.lijit.com
1 bcp.crwdcntrl.net
1 stags.bluekai.com
1 sync.bfmio.com
1 sync.intentiq.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 eb2.3lift.com
1 adobe.adhaven.com 1 redirects
1 ids.ad.gt 1 redirects
1 sync.crwdcntrl.net
1 storageaudiobursts.blob.core.windows.net
1 i.simpli.fi tag.simpli.fi
1 htlb.casalemedia.com d29xw9s9x32j3w.cloudfront.net
1 prebid-server.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
1 hbopenbid.pubmatic.com d29xw9s9x32j3w.cloudfront.net
1 search.spotxchange.com d29xw9s9x32j3w.cloudfront.net
1 tlx.3lift.com d29xw9s9x32j3w.cloudfront.net
1 secure.cdn.fastclick.net freedom1570.com
1 ml314.com 1 redirects
1 c25cf2cd48c0a4c2f041607a49fc5151.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 as-sec.casalemedia.com js-sec.indexww.com
1 idpix.media6degrees.com freedom1570.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.resonate.com embed.sendtonews.com
1 player.sendtonews.com embed.sendtonews.com
1 dp2.33across.com freedom1570.com
1 s0.2mdn.net imasdk.googleapis.com
1 api.rlcdn.com js-sec.indexww.com
ads.pubmatic.com
1 id.sv.rkdms.com js-sec.indexww.com
1 d3div1mtym39ic.cloudfront.net freedom1570.com
1 d15kdpgjg3unno.cloudfront.net embed.sendtonews.com
1 js-sec.indexww.com embed.sendtonews.com
1 delivery-cdn-cf.adswizz.com synchroscript.deliveryengine.adswizz.com
1 cm.everesttech.net 1 redirects
1 aptivada.com campaign.aptivada.com
1 cdn2.aptivada.com freedom1570.com
1 embedcdn.sendtonews.com freedom1570.com
1 salemlivechat.com freedom1570.com
1 cdn.adswizz.com freedom1570.com
1 synchrobox.adswizz.com freedom1570.com
1 pushtoast-a.akamaihd.net freedom1570.com
1 campaign.aptivada.com freedom1570.com
1 tag.simpli.fi freedom1570.com
0 global.ib-ibi.com Failed
338 116
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-15 -
2023-05-15		 a year crt.sh
cdn.saleminteractivemedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-01 -
2023-04-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
campaign.aptivada.com
Amazon		 2022-06-09 -
2023-07-08		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adswizz.com
Amazon		 2022-07-22 -
2023-08-20		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
embed2.audioburst.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-06 -
2023-08-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-11 -
2022-12-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.aptivada.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
sendtonews.com
Amazon RSA 2048 M02		 2022-11-21 -
2023-12-20		 a year crt.sh
*.audioburst.com
Go Daddy Secure Certificate Authority - G2		 2022-06-28 -
2023-07-30		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon		 2022-02-14 -
2023-03-15		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.sendtonews.com
Amazon		 2022-05-18 -
2023-06-16		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
securedvisit.com
Amazon		 2022-10-29 -
2023-11-26		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
dstillery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-05 -
2023-04-28		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
assets.revcontent.com
R3		 2022-11-13 -
2023-02-11		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2022-09-22 -
2023-09-22		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.azureedge.net
Microsoft Azure ECC TLS Issuing CA 01		 2022-07-27 -
2023-07-22		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
revcontent.com
Amazon		 2022-06-16 -
2023-07-16		 a year crt.sh
images.revcontent.com
R3		 2022-11-06 -
2023-02-04		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-10-24 -
2023-01-22		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh

This page contains 26 frames:

Primary Page: https://freedom1570.com/
Frame ID: 985B9EF17F3F050EC7DACECEFA55F7CE
Requests: 153 HTTP requests in this frame

Frame: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B404FC9ED0BB711B83B8313DCC56F6C7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Frame ID: 73E5C798C34FA1DD0BB98C6E87EDA4DC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Frame ID: C2E35A0879149ADAF036073948C8E2EC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Frame ID: 8DD89702120CF43B081164C368987972
Requests: 1 HTTP requests in this frame

Frame: https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Frame ID: 37D70690853BC7FC6F8F54C259E97801
Requests: 1 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: 4DD5292E9B037C304B503876B2BF18A1
Requests: 2 HTTP requests in this frame

Frame: https://aptivada.com/promo/info.php?widget_id=660&widget_type=widget&app_type=&environment=external
Frame ID: C0C10B8359504D315E37FC75310F3FCB
Requests: 1 HTTP requests in this frame

Frame: https://katzmedia.demdex.net/dest5.html?d_nsid=0
Frame ID: BE944C0D44E04F3A2343237D204B4904
Requests: 13 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 8FC93986E3610EAF13E6DFF551066335
Requests: 16 HTTP requests in this frame

Frame: https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
Frame ID: 671868240010720C750D629FE208A1E5
Requests: 60 HTTP requests in this frame

Frame: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 608841DCB7F92ABD4451259909267D75
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8ixdtNCAiBBxBwEUQmHNh3FTohqFYbf7l-1bteIl4O9Mm2XA00X4cCOiX8U9qYccXxLov54PAguyUiSUwRGAkwL_M53BMqmNG7Q9D61gw13QtA-fU6cAX1pnVDqinuoHIMEUzD1DpgtUVKiMvV0OagKAdayokFnBa0DkJcOnyuRDzOO0Idv3WE0CcVhL841mT4EURHWRr8qXuk0B5vlp7gOq8PSV4eZXdd5I1eSf6IfFARew9iZ4Pjbm-DU0YQ229WiQpjU8c_fcKqBmJQHSxEpgsZNasCBDndO45iNoFFY3nAWfOVew7Ea-00RYyQvs&sai=AMfl-YQBAtdOyGC6iMdmzw9JL9rQ4M4Z8bgWoLwJDPeioqNk0bGiZl3SFhNnt924qDAHJAAfFMSPcUJ4_sRx2MG92UXqDJGXAh8WbYNIbDs0uziVCtal3854QHDuBSWvE3jXE6TJ0hqzx6xLvhDj3ZjUbLA&sig=Cg0ArKJSzAJ4GelL4PteEAE&uach_m=[UACH]&adurl=
Frame ID: ECE4F2B4B9DA8E966A6C95FA5B3332BB
Requests: 8 HTTP requests in this frame

Frame: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 88B97C01E4007B7ECFB57E053A87C069
Requests: 8 HTTP requests in this frame

Frame: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6341BA384E9E971C3ACC89F646964B6A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXsM1YEqIdonvUMi3Nli3W1aUhBbgbvr88iHWG6nG1jNIHaO-wQG48HCvnNjVTMXEUt4tT-dvvScqeWFrNHfNB8tuujstJ2Vdv4HAjryt7fI3yzFE6rdSqMGIioTWa8W9PGbEYAwLtTCnIeGmNsEK12AHbNLC0dSusz1otYZ1LVifK1TBV3cY44k-YmVnKZyU0Vu4KpDo4KCJ99XfbzAo6HVgd4FNN4SphUimBkCmz3TIOrY50RyESthkstJBeL1uhU7AaPirZ2VJHIvRiCsE74c4r2cpC7P8TTXvCRleyTVFSFRZlXIXD0ELk3duoCZw&sai=AMfl-YRcGTGV290hQ8CNgnkVxDgNXTH2Eoc7KHWtJ7rK04wPQ9-V0oQDZCP3ZAK0lk_7_DdYsEBEoEXckvf2IZEI1JXAYL1sFx9oOHIFf8vqFyIJ1vSXflb3EveJIlbNlxSQ960x5AEDZGPo4d2JPXK3fl8&sig=Cg0ArKJSzBIcj-9QNIKxEAE&uach_m=[UACH]&adurl=
Frame ID: F6162A8E08C2C55A9182614B462A99EC
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssrtJopz8zV5XYYfDm60jBMVKIrjqpEpSN8N9ocVeTXSF-lHKAAS1qrBgNnr1Ej8N92On0NU6uOKzcENUlDfr42oXsckMTe-7LszR5FmR_OgKBXabDRsUlPmX-0StCUD3e7Fu6kfeX_7i340G5MoqcRtgivyPXSD_Qz18nyU6ga1cRwDwHDTwogiLZvty9KOjqlFh9sEwKqpchn13YCrISZJxGCUdMaYN6NcU9u4s0MOo1CnSFe47CLnrEdQ99wPoD16qezSAzdVsTtFiZcESiBvbfZBKBJ-TSyzDeKjtI9mQZ6X4VQauJKwKPUQ7e8OY&sai=AMfl-YTSlKrHCIJJ5BYLnjLMj4e1sfiP4ihsrnbHCuLRsAuhpnvmaZ5J-F2Rs8u70fNBxd_ZhvGdoC6MLQwreaDlSFoEb8fIjV7EzdbZSQB5C3Afra3m7_kZxP7iTiySRZa7AiLaQMBv1Pyxel0TTUmePWo&sig=Cg0ArKJSzP0CogSykzRDEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4D0F671165164784F64CB24D2ABBD9F2
Requests: 13 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.547.0_en.html
Frame ID: B43133908B93EC4C4DB22E2251CF5E3B
Requests: 3 HTTP requests in this frame

Frame: https://c25cf2cd48c0a4c2f041607a49fc5151.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6D979BC3B9986680C1E8640B366A03C7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3ed7f56e3564%2526domain%253Dfreedom1570.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ffreedom1570.com%25252Ff3cbfef74625ccc%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FFreedom1570%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500
Frame ID: 71F68CBC1F007E3E2E976811DD77E658
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJMWqMAq0Pu9Jnpo6qkgUh-U47V7dFb5uINwheKTg-CT3Oh3ZiafrjU5SHydAu5qV82BNsRcvih_Pn6fPlsp3D--OrTIRxzSkI6BVhT0xG87Ff-4AOD-vIg0t7LsXK9P3XMRLAV1Kvcdlfr7vyV3yi0lX3vouASW8aFEDFNWiY_fiFOwjFHyTqsiyyhcZiD-mhpsgElwcFCXz6hb6QKVQDs0M0SAbMpMvFLev6sHO9fUbMeJnSyOb6TNomPPQcWG9VmWphdsBz92M2XhvSMSE8m6biIaQaNkyFlMrTgb09bojDqBZmmKBmwTOQ4WBk0-CBjlq9labe&sai=AMfl-YQLA1mssfmp89wXt33ZqkY2Enw6t3zFKBb10WmYVt9dJ36tj2AXQ-6gP3kIDo-tWCriUCh1Zy6z-1UUl32Tk5G_RhFo9Ro7a_bWlc8SwABY3G5tcG_SjFhCpS-XmEYkpA&sig=Cg0ArKJSzNwSASCHIKGhEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 03ED544571F31645E71F22381B69A3B7
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 867D81688A6C84477ED73D6D1E5BA4A6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 14B43E4A36185602CCA877762C35C808
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A1552C94F753B9FBF5F14E0377AFB3C8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A07942273757AA9DF3A68C1938C8CED8
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BB3D2E8180992223AD77115DDAC41424
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Freedom 1570 | KDIZ 1570 - Minneapolis, MN

Page URL History Show full URLs

  1. http://freedom1570.com/ HTTP 301
    https://freedom1570.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

338
Requests

89 %
HTTPS

36 %
IPv6

71
Domains

116
Subdomains

92
IPs

9
Countries

16161 kB
Transfer

23702 kB
Size

46
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://freedom1570.com/ HTTP 301
    https://freedom1570.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://embed.sendtonews.com/player3/embedcode.js?fk=STBtG2Zi&cid=12095&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/20221123X/embed.js
Request Chain 28
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=eade28ed065e801919f59239154d3875 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=eade28ed065e801919f59239154d3875
Request Chain 92
  • https://cm.everesttech.net/cm/dd?d_uuid=70612628178048321572362312578120419971 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4tPWgAAALHE2wN6
Request Chain 110
  • https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Request Chain 145
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuaNTs2ucKMol-BeOvr_OK3hW7yzzacIKlJgBc2jolgTG_uryUffDzTpLgb5ofacbT_f0IkLzRlltsBpApvN2RDWyVaO5LgG7dPZHn8dKGNhysNamlqoO-mwN_OhH65xTSJaIb51e6UPU_sSUYALqK2ZgrCCzDj4V08YuG67502cCXUoD37WqNecdkKqyqXSbfC6AUz6BLCj_zi_XYb-EnWMibQ6X13-IaW4LwCACsoHKmME3B4J51BTmD5z_n0sPDC7hSSrBHhhW87BY6jcSiGEyFgAnSs9SdYdI18HiCnXleFgRu80mKy92kJhzAsOhkWhHw&sai=AMfl-YSxV-uT46TvDkTtFoFYDNKM6XkAXpFyRxXG7aXHcbdA7bXtI3noqQRNKmsk3gKZ7UKOu4JM9UgSzeiyxa9Gx5_byi-68uXS-YasJ1jg90Yh6ajDD4RnanWXbeK7gz5A2RG9POSu1P_20fEN3FMZvfM&sig=Cg0ArKJSzIgZELg00MWHEAE&uach_m=[UACH]&urlfix=1&adurl=https://cdn.saleminteractivemedia.com/186/media/national-events/spiritual-heritage-tour/sa23dc-web-ads-300x600.jpg HTTP 302
  • https://cdn.saleminteractivemedia.com/186/media/national-events/spiritual-heritage-tour/sa23dc-web-ads-300x600.jpg
Request Chain 148
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMxxLIowxbrxu1LD4IKCHqTDtd7UFxK8xlh04J-eo2B7pe1IfRgjO_ZRU5D-93h27OO9rhJ93_0JI_DK8CxKeLgA6dIGJL60rfa8i0DRmj7JHlYOAPcgvIkiaw4-z5PRIDbc1sLFHuiBB1vnXhj7tD1alnAt1wjTfrA2Kjz_efkoParRGylgPHapaE1LwlcuGjUM5wLbWnJfxYQtkwrQuZRxlfz1QOvGy4z2UoGJW6m5EM1gCKWlBBfg6z1bTQgdPsqJLzS_6P7h5NYzjE4mMZQDNvEb3b8zhV5wYm5u9MoEecbY2gcP1ydjf4baXvoremEFY&sai=AMfl-YS8QCb4DOFlfOMD6EJnp-l6Mv6GCJ3hbAalXJNmFdYObN-Y6b9f3vvU-Qmg3Yc4nbLmXei4N7UQ0Awe6lYtvqzXVKBClWSoFhymPrAUNZrBnxEFgOZ2PEouiALeq3tCd4gKWbOjrqlT98tbeRwgozE&sig=Cg0ArKJSzApS4emADoq8EAE&uach_m=[UACH]&urlfix=1&adurl=https://cdn.saleminteractivemedia.com/199/media/surveys/trump-vs-desantis/updated/970x250.jpg HTTP 302
  • https://cdn.saleminteractivemedia.com/199/media/surveys/trump-vs-desantis/updated/970x250.jpg
Request Chain 151
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZ_NbLybIdrPIcytjogkzuPKBEYEUT72GQWFnlDrHZOiGH9QuDv6cGlD0cmVLcWUxndS8Ey_Yv9Mvdn16nWD6vys2pazPAmblbdBPM7EKs-cc4I20X2RuKvbPQKpE1OxhXRYwLuzNjXX40XpZvXJolYtP533eE-mDBE5pKQfN275hKHm9zdhrKerUpOgKUmOHKcnZQH4SRanUGQyf15N7SJfz3oe-0KHvg8avv6WDkGm452yaEAPqYhumv_f956jr8xYfUsxggVgQMRyJ0tXgw67qAxOAdSqmx6uZxgDmbTG260MYsuEBt-rqC-tVoUr8eBps&sai=AMfl-YTtj7g4reBUCO7xARG3kaScW05vGOA25CEHWL-dLJLlCOFirr4zf_1sD5rvDDuEEdGR1Q9b3HANIHdHlkYTR3ZnqEv44Kxe4VFBLs4haDyQlEAUgT1T9DljzlijhBx5Gl-9KcddCtPGWfQqMEHvZKo&sig=Cg0ArKJSzH22AnLoV4gjEAE&uach_m=[UACH]&urlfix=1&adurl=https://cdn.saleminteractivemedia.com/199/media/surveys/trump-vs-desantis/updated/300x250.jpg HTTP 302
  • https://cdn.saleminteractivemedia.com/199/media/surveys/trump-vs-desantis/updated/300x250.jpg
Request Chain 192
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3631906971014135827
Request Chain 202
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=70612628178048321572362312578120419971 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=2309893381915494403
Request Chain 206
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=70612628178048321572362312578120419971&rn=1670074202128&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D70612628178048321572362312578120419971 HTTP 302
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=70612628178048321572362312578120419971&rn=1670074202128&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D70612628178048321572362312578120419971 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=70612628178048321572362312578120419971
Request Chain 209
  • https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=327608680664365&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed7f56e3564%26domain%3Dfreedom1570.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffreedom1570.com%252Ff3cbfef74625ccc%26relation%3Dparent.parent&container_width=300&height=400&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FFreedom1570%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&width=500 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3ed7f56e3564%2526domain%253Dfreedom1570.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ffreedom1570.com%25252Ff3cbfef74625ccc%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FFreedom1570%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500
Request Chain 218
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=eade28ed065e801919f59239154d3875
Request Chain 219
  • https://ids.ad.gt/api/v1/put/adb?adb=$70612628178048321572362312578120419971 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=73053b59-3b6c-4437-94a1-2967feb22824
Request Chain 221
  • https://adobe.adhaven.com/bid-engine/cs/88cd52b8932ea1f9237bcd284fae8923/v1?puid=70612628178048321572362312578120419971&rd=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D87898%26dpuuid%3D%24UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=87898&dpuuid=4c_f71464af-45fc-4fcc-8895-1a629d33540a
Request Chain 266
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=395D2C02B3A2422298C03E17546D7B53&dongle=yf3
Request Chain 267
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=395D2C02B3A2422298C03E17546D7B53
Request Chain 268
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=395D2C02B3A2422298C03E17546D7B53 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=395D2C02B3A2422298C03E17546D7B53
Request Chain 269
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=395D2C02B3A2422298C03E17546D7B53 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1670074205403&ip=193.27.14.40&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217403104354001734404 HTTP 302
  • https://um.simpli.fi/aa_px?sk=217403104354001734404 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 270
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=395D2C02B3A2422298C03E17546D7B53
Request Chain 273
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=395D2C02B3A2422298C03E17546D7B53;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=395D2C02B3A2422298C03E17546D7B53;mimetype=img;sr HTTP 302
  • https://idsync.rlcdn.com/400646.gif?partner_uid=-2726394328221531592
Request Chain 274
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=395D2C02B3A2422298C03E17546D7B53&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=395D2C02B3A2422298C03E17546D7B53&j=0&xl8blockcheck=1
Request Chain 276
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=395D2C02B3A2422298C03E17546D7B53
Request Chain 277
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=395D2C02B3A2422298C03E17546D7B53
Request Chain 278
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=395D2C02B3A2422298C03E17546D7B53
Request Chain 279
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=395D2C02B3A2422298C03E17546D7B53
Request Chain 280
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=395D2C02B3A2422298C03E17546D7B53
Request Chain 281
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1670074204556&cv=7&fst=1670074204556&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=216454999&cv=7&fst=1670074204556&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=XU-LY_mYDbOXxdwPw8KA6AM&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=216454999&cv=7&fst=1670074204556&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XU-LY_mYDbOXxdwPw8KA6AM&cid=CAQSKQDq26N9yaSaDs_dT5Q7HK-BEyrfLPLq72-kRhNg5IG6yVRx2r_kfd0YIBM&random=472929340 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=216454999&cv=7&fst=1670074204556&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XU-LY_mYDbOXxdwPw8KA6AM&cid=CAQSKQDq26N9yaSaDs_dT5Q7HK-BEyrfLPLq72-kRhNg5IG6yVRx2r_kfd0YIBM&random=472929340&ipr=y&prhg=0
Request Chain 282
  • https://um.simpli.fi/spotx_match HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=395D2C02B3A2422298C03E17546D7B53 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=395D2C02B3A2422298C03E17546D7B53&__user_check__=1&sync_id=99537a8d-730e-11ed-aad7-1a7cb9e30506
Request Chain 283
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=395D2C02B3A2422298C03E17546D7B53 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D395D2C02B3A2422298C03E17546D7B53
Request Chain 284
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=395D2C02B3A2422298C03E17546D7B53&expires=365
Request Chain 285
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=395D2C02B3A2422298C03E17546D7B53
Request Chain 286
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEIgvwo_E5rX6JnYljmRQ_40&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=395D2C02B3A2422298C03E17546D7B53 HTTP 302
  • https://um.simpli.fi/g_match?id=
Request Chain 300
  • https://pdst.fm/e/chrt.fm/track/23284G/arttrk.com/p/SMRQ4/verifi.podscribe.com/rss/p/traffic.omny.fm/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-4681-9b9d-af5e01616778/audio.mp3?utm_source=Podcast&in_playlist=340f2516-80e7-4444-b858-a8400005cd7d HTTP 302
  • https://chrt.fm/track/23284G/arttrk.com/p/SMRQ4/verifi.podscribe.com/rss/p/traffic.omny.fm/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-4681-9b9d-af5e01616778/audio.mp3?utm_source=Podcast&in_playlist=340f2516-80e7-4444-b858-a8400005cd7d HTTP 302
  • https://arttrk.com/p/SMRQ4/verifi.podscribe.com/rss/p/traffic.omny.fm/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-4681-9b9d-af5e01616778/audio.mp3?utm_source=Podcast&in_playlist=340f2516-80e7-4444-b858-a8400005cd7d HTTP 302
  • https://verifi.podscribe.com/rss/p/traffic.omny.fm/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-4681-9b9d-af5e01616778/audio.mp3?utm_source=Podcast&in_playlist=340f2516-80e7-4444-b858-a8400005cd7d HTTP 302
  • https://traffic.omny.fm/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-4681-9b9d-af5e01616778/audio.mp3 HTTP 302
  • https://salem.mc.tritondigital.com/OMNY_DENNISPRAGERPODCASTS_P/media/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-4681-9b9d-af5e01616778/audio/direct/t1669930111/End_Humanity.mp3?t=1669930111 HTTP 302
  • https://24103.mc.tritondigital.com/OMNY_DENNISPRAGERPODCASTS_P/media-session/2d667845-ca07-4f50-b2df-247e3b47b675/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-4681-9b9d-af5e01616778/audio/direct/t1669930111/End_Humanity.mp3?t=1669930111
Request Chain 335
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffreedom1570.com%2F&domain=freedom1570.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=t0Mz9nxIZ0lkWTAzcm1ITlhLZEh2aTM1QlU5alJaYzBLT2VxeXpZK0tZR0MwbEZ5L3pGS1lYVGJwRDRwYkJLUzY1dGJ0RDlrd2czSDNWaXY3Q3RrbzlmcUVSNlF4QjcySnM3L3lXUVV5WjhGVzNoVHo0R0V3bE53UzlGdUk1V3d4eHdCcHJOYVNyV3lRT3dEckI0ZFJaRjZtUW8wWnFtZmRMTFJXQnZDc0k3K2tBR1pIRU1SMVNHR0hUUG1TL1JYZ0ZDTGUyemtpMFBTMmtYbXUzODJqams3VGo4OW1HVEUzMDVwbjRoSjR1MUtNM1J3PXw&cppv=2

338 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
freedom1570.com/
Redirect Chain
  • http://freedom1570.com/
  • https://freedom1570.com/
90 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e72e8fafd55f6729c2056a89f3d697a4106e2aa417ef7fc6ded74f79545c8bb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
Request-Context
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
arr-disable-session-affinity
true
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
773ca7795f28bb91-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 03 Dec 2022 13:29:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
autoplay=(self)
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLrAtzq0aeCGsMU4dWBcaUGyZ1%2B9nLF14NV3yHTmwLG3i5YKUhjmDETrfr4X9vdWmXx6NazPyLK%2Bbx9fz8sLJoxplTJOvo2I6OXC0MhuRBqt09njP7vMHuf9FSMUE%2FA9AbNJqyftEHc8WfGhIw%3D%3D"}],"group":"cf-nel","max_age":604800}
request-context
appId=cid-v1:82653370-b0cd-4f4c-8872-b0311da976c6
server
cloudflare
vary
Accept-Encoding
x-aspnetmvc-version
5.2
x-frame-options
SAMEORIGIN

Redirect headers

CF-RAY
773ca778fec75c2c-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 03 Dec 2022 13:29:57 GMT
Expires
Sat, 03 Dec 2022 14:29:57 GMT
Location
https://freedom1570.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRiu9MXVaXaRZQXZpI2xWfGb3oCNWU3qnBMhhneXV%2Bzx3%2FVzHWlN7bvvA1wWI1auW2zEtuQv6XU5gvBmWFsEyn4dBizY1uG1renj4fulLQWmU7bGrOSVa5c0TWXYXpmi%2BamkNRObG6m%2Fla0GAA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
smart-app-banner.css
cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/smart-app-banner.css
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6568273e9d257a19332421d7a519b3ae0f8a564e76aca9f603e848521f341db7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:29:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22217126
x-jsd-version
2.0.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19142-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"18e0-Q3YhhM4JpT5zqjU4KPdCD53yYoM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NgaQPPo1u5S03YdsO5fAxL%2FRmecGIjKaLE9LVlQzV1s3%2F8KoFC%2FXgc6%2FKtAtUwpIcvaq%2B5cEL9eM%2BhrwAVqQgJeiFrZYOFgzolkvxECEvsBpXPQMcUYgyvYmxPCPoWWcYx7Es0p5YcIkupy5cg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
773ca77b5cf99c04-FRA
visitorapi.min.js
cdn.saleminteractivemedia.com/shared/scripts/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.saleminteractivemedia.com/shared/scripts/visitorapi.min.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ec117a86e37ce5d803887e844fd859f9380d3c825793279d7602e75cd7423e93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
gzip
content-md5
uCVvGCcd0xy/+yUKnC8B2A==
content-length
20925
x-ms-lease-status
unlocked
last-modified
Wed, 26 Oct 2022 19:37:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAB7897A41C2A5
x-hw
1670074198.dop201.lo4.t,1670074198.cds292.lo4.hn,1670074198.cds202.lo4.c
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
599e0fbb-c01e-0027-1d7d-e992ca000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=28279602
x-ms-version
2009-09-19
accept-ranges
bytes
dil.js
cdn.saleminteractivemedia.com/shared/scripts/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.saleminteractivemedia.com/shared/scripts/dil.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ee4eda87191d653a4ffa291a3b8a7c0c679ccf675a90dcbae5159568b9a5efb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
gzip
content-md5
ivxZZDpYwa9dNLUVXw7/0A==
content-length
11771
x-ms-lease-status
unlocked
last-modified
Tue, 01 Nov 2022 17:24:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DABC2DE7EC3F14
x-hw
1670074198.dop201.lo4.t,1670074198.cds292.lo4.hn,1670074198.cds211.lo4.c
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
547fe30e-d01e-0038-2317-ee49da000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=28785418
x-ms-version
2009-09-19
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VEN16DTW8J
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e1c588ab8720161433724663f8aac15e89cd07666696957ed523643753ff5e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76871
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 03 Dec 2022 13:29:58 GMT
css
fonts.googleapis.com/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf1fea9a09729d4780a219bf13b15b5a5b9f088f143a4f028115fefda2dbffa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 03 Dec 2022 13:29:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Dec 2022 13:29:58 GMT
head.60936455961063ae18e9.js
cdn.saleminteractivemedia.com/dist/static/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.saleminteractivemedia.com/dist/static/js/head.60936455961063ae18e9.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7a6752b5365f55ea5f587f8d096f18a214f7961a92b8d1a929d66cf33f01623c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
gzip
content-md5
1bTJ1k3ARUYr15+mKQ2p9w==
content-length
845
x-ms-lease-status
unlocked
last-modified
Fri, 22 Apr 2022 13:34:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA2464E422EEB6
x-hw
1670074198.dop201.lo4.t,1670074198.cds292.lo4.hn,1670074198.cds209.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5746a7f5-001e-0031-064f-565354000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=12097055
x-ms-version
2009-09-19
accept-ranges
bytes
ntbase-blue.css
cdn.saleminteractivemedia.com/dist/03b446bb/site-css/2019nt/ 		193 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.saleminteractivemedia.com/dist/03b446bb/site-css/2019nt/ntbase-blue.css?hash=484b93e9c18653fdcfc1
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
39651c47291003c0a658718391ca99f586a2f86617a2390a0deb233d97baa5e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
gzip
content-md5
ZcF8CroS4XR8JeMLKBbl/A==
content-length
32055
x-ms-lease-status
unlocked
last-modified
Fri, 02 Dec 2022 19:36:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAD49C740AB780
x-hw
1670074198.dop201.lo4.t,1670074198.cds292.lo4.hn,1670074198.cds227.lo4.c
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
89d833d2-001e-003a-0287-064b20000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31472366
x-ms-version
2009-09-19
accept-ranges
bytes
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://freedom1570.com/
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:29:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cdn-edgestorageid
722
cdn-cachedat
11/18/2022 06:18:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
dab674ba8d1aa4a1d1675e0bdae90036
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
773ca77b6ab6904e-FRA
cdn-requestpullsuccess
True
a2fee930-b8b0-0136-d8da-06a9ed4ca31b
tag.simpli.fi/sifitag/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/a2fee930-b8b0-0136-d8da-06a9ed4ca31b
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
bee03ff2d8109861f8ef2a448b8c841538e03d83cd52a1cf9129d2f4d2f676e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Sat, 03 Dec 2022 13:29:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3101
x-request-id
Fy1LoqEiRS0ckvSQjkgh
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
widget.js
campaign.aptivada.com/ 		75 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://campaign.aptivada.com/widget.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-74.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2784c542114791c6dbd92d298e5472ef1f0595eb6cfb515758c2a05e27a915f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id
UoT3heo5YFH3_PMfEdnsxWImwNucpmP6
content-encoding
gzip
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
date
Sat, 03 Dec 2022 13:26:37 GMT
last-modified
Mon, 22 Nov 2021 21:42:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
557
etag
W/"3ad3a6232d4f711267c5e1c660ae4d2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
6xrGWqwfvz8Ikw0RFTjtFmWVwGXLTvechl1ugof4X7LpJQWKsg9-8Q==
sw.register.js
pushtoast-a.akamaihd.net/2.0/ 		112 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pushtoast-a.akamaihd.net/2.0/sw.register.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52bcfe58e4b6dc7a7dff59c2f1630939bb80af3628deecc84c9b50ea6c737a05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id
iSFNL_93.64qrcehzlp.kld9vI4vwoCc
Content-Encoding
gzip
Date
Sat, 03 Dec 2022 13:29:58 GMT
x-amz-request-id
J314CQQCBYESC4SD
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
36015
x-amz-id-2
3j6UHYemVbjIxpZBMCfFqiGHlxHjQEgPxFPndItQ23nyKHH4HWbrzbvvh1Wfvca2fCk2T3S0yhY=
Pragma
no-cache
Last-Modified
Tue, 01 Nov 2022 20:08:10 GMT
Server
AmazonS3
ETag
"73c97061473ccea21e636d1aa87c951d"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Accept-Ranges
bytes
Expires
Sat, 03 Dec 2022 13:29:58 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41c584b7b0c44ff76fc4a87b3fb65261ad613073b5d16d8a107bdab417ddc77f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27506
x-xss-protection
0
server
sffe
etag
"1410 / 171 of 1000 / last-modified: 1670022376"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Dec 2022 13:29:58 GMT
smart-app-banner.js
cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/smart-app-banner.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c60bb4ab3dddedd4afb6c16f8ccb89f6cfdb6676014da18669318a15f67e1ca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:29:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22218557
x-jsd-version
2.0.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19157-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63df-zaXYbgdCCfJOt2MRbGfFxbMV9Dw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CA6jR4XjPfZz6nWgcsI3HFUChHvI9Bs94pR0iUIKOzjC9g6SxLuiOakVCkF5KVdgKhXI1XGPtKICA8%2BBkGcgE1JZYhT%2FsEswa0DYXncxixypX2Vwaa6%2FDQYhjDLAKJEWxR3ElqWccTUbpw7U8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
773ca77b5cfd9c04-FRA
register2.php
synchrobox.adswizz.com/ 		589 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-167-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4ff7d1e40eb1aeb79c00ad50dd785229e67e17448a2df97b8b5e6c01d05e0326

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-55.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 19:20:29 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
65369
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
bPVOKlXMsq_cVCnnHrRv5XuigEA2RYj62A_whVSd94BmJ1FlGtngIA==
invitation.ashx
salemlivechat.com/scripts/ 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://salemlivechat.com/scripts/invitation.ashx?company=kdizam
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:20a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2b7489acbad9bf28365dc1169dadeb1647f119f7033b16261c585141a18c4a55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:29:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="/w3c/p3p.xml",CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
46330
x-ua-compatible
IE=edge
request-context
appId=cid-v1:1063dcea-9f69-45d6-9f3e-65688f6e6a4f
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSEAcoVexm9ttjC0HoabEia4pz%2BCg0QlHFwqUmTMF5xq7Wl9rlkiI1CiIhWVM7QUCjK2fLq9fp76ctzoIp8U4WPcIl9lm6j3wl0PEm15DwFc8DFhbMBQT4flSMaNHPVCqD7YcgTgnsvAvZv%2BxaKH"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Request-Context
cache-control
private,no-transform
cf-ray
773ca77d9b439c01-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, referring-domain, apexchat-username, apexchat-password, apexchat-company, Authorization
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://freedom1570.com/
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:29:59 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
x-hw
1670074199.dop009.fr8.t,1670074199.cds003.fr8.hn,1670074199.cds280.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
absdk-es2015.js
embed2.audioburst.com/dist/audioburst-sdk/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed2.audioburst.com/dist/audioburst-sdk/absdk-es2015.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c18988340106fef563c563f41d9435a04e1d9094655fe3c5351af01b5c507a49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:29:57 GMT
content-encoding
br
last-modified
Tue, 15 Nov 2022 14:26:32 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
oiiry1SJGaOIKbe9BLzodg==
x-azure-ref-originshield
0XoaKYwAAAACAY1b2TTwHTaqyz6ycWhcARlJBMjMxMDUwNDE4MDUxAGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
etag
"0x8DAC7156477EE54"
x-azure-ref
0Vk+LYwAAAAB4dY51dHcDRKyYPbUPi9f/RlJBMzFFREdFMDkxOABlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7b70a97f-801e-000a-2def-056c28000000
x-ms-version
2018-03-28
accept-ranges
bytes
snc-300x50.jpg
cdn.saleminteractivemedia.com/199/media/corporate/salem-news-channel/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/199/media/corporate/salem-news-channel/snc-300x50.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
707fba09724b09f8408f87d91584ace86c1e7f1a1c9a26795074500eac85231e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:29:58 GMT
content-md5
46J1Ov2HokdP31QCH0wJwQ==
x-ms-meta-uploadedby
Overby,Arnold
content-length
7440
x-ms-lease-status
unlocked
last-modified
Thu, 01 Dec 2022 18:30:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAD3CA0F487939
x-hw
1670074198.dop201.lo4.t,1670074198.cds292.lo4.hn,1670074198.cds109.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
d88fe6bd-c01e-004a-30ba-0538e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
embed.js
embedcdn.sendtonews.com/easy-stn-player/20221123X/
Redirect Chain
  • https://embed.sendtonews.com/player3/embedcode.js?fk=STBtG2Zi&cid=12095&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
  • https://embedcdn.sendtonews.com/easy-stn-player/20221123X/embed.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/20221123X/embed.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Server
99.86.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-47.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4bed9cd8e28faeb5e8556111819d28dd80df0267b7e95e6a4943c7fc5e8b9b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:29:22 GMT
x-amz-version-id
nagQePjeiME42wI93WX2cYlbjeExKqo2
content-encoding
br
last-modified
Wed, 23 Nov 2022 23:53:34 GMT
server
AmazonS3
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"c01da816548774a8185fda97215f6896"
age
37
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
e2NBjf3zzbfA6G3bI6jhYOHQxelxFOyI2CgKZ3AqcUgdaegfYqWfmw==

Redirect headers

date
Sat, 03 Dec 2022 13:29:58 GMT
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/20221123X/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
hCp_LeL-qrlE--9qVPxtn8mcI74eWMMZJ9KMlFh0ZUDDEYlbOGcflw==
legacy-main.min.js
cdn.saleminteractivemedia.com/shared/scripts/ 		703 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.saleminteractivemedia.com/shared/scripts/legacy-main.min.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
588133c793503d8e894dd83e66971a0021c12acefe6003c60e2faa40948d09b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
gzip
content-md5
TScqCQvt4cZFL1uRf4U93Q==
content-length
330
x-ms-lease-status
unlocked
last-modified
Tue, 21 Jun 2022 00:19:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA531BAF054F76
x-hw
1670074198.dop201.lo4.t,1670074198.cds292.lo4.hn,1670074198.cds088.lo4.c
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b08c00ee-601e-004c-3d08-85cf9c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=17234044
x-ms-version
2009-09-19
accept-ranges
bytes
vendor.b277c96ebd0153da4e7f.js
cdn.saleminteractivemedia.com/dist/static/js/ 		107 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.saleminteractivemedia.com/dist/static/js/vendor.b277c96ebd0153da4e7f.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b5a1c8b0ac1fd44b0b494bd51cbf0d303410e4ae2d7827b1059d9013e673dc7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
gzip
content-md5
Pv/GkQdecaOXfB0NhOUMYA==
content-length
37609
x-ms-lease-status
unlocked
last-modified
Mon, 14 Feb 2022 17:33:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9EFE01A0F4418
x-hw
1670074198.dop201.lo4.t,1670074198.cds292.lo4.hn,1670074198.cds208.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
754ef8e6-801e-004d-12cb-21ce61000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=6322882
x-ms-version
2009-09-19
accept-ranges
bytes
vendors~2018a-2018ccm-2019nt.3cbcf01b8a5be4136eb7.js
cdn.saleminteractivemedia.com/dist/static/js/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.saleminteractivemedia.com/dist/static/js/vendors~2018a-2018ccm-2019nt.3cbcf01b8a5be4136eb7.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
986841307db09386ceafe253761bb5afc8446769548317550d4e520a9028bdee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
gzip
content-md5
1CAEMtMsxN3hv47e3KRZAQ==
content-length
7608
x-ms-lease-status
unlocked
last-modified
Fri, 22 Apr 2022 13:34:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA2464E42BC798
x-hw
1670074198.dop201.lo4.t,1670074198.cds292.lo4.hn,1670074198.cds274.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
91951bed-001e-0057-734f-56e10e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=12097055
x-ms-version
2009-09-19
accept-ranges
bytes
2018a-2018ccm-2019nt~2021nt~promotions2020~radiohost2020~surround~surround2021~tuition2020.2c468f27755bf41a6bb1.js
cdn.saleminteractivemedia.com/dist/static/js/ 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.saleminteractivemedia.com/dist/static/js/2018a-2018ccm-2019nt~2021nt~promotions2020~radiohost2020~surround~surround2021~tuition2020.2c468f27755bf41a6bb1.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8ddf5fad03f57f4cc7ef799147663b8c9d450f91d171cb07f6c8e5a075024b47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
gzip
content-md5
UT079w5N6zMx/uYcJonXlQ==
content-length
12973
x-ms-lease-status
unlocked
last-modified
Wed, 23 Nov 2022 16:00:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DACD6BD632F647
x-hw
1670074198.dop201.lo4.t,1670074198.cds292.lo4.hn,1670074198.cds208.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
357fb9c9-d01e-0055-1255-ffe3f4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=30681499
x-ms-version
2009-09-19
accept-ranges
bytes
2018a-2018ccm-2019nt.6f14af104e2af6491d1a.js
cdn.saleminteractivemedia.com/dist/static/js/ 		140 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.saleminteractivemedia.com/dist/static/js/2018a-2018ccm-2019nt.6f14af104e2af6491d1a.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b7ef8d178aa39eac01d4da341e5e4870d8e4d2678890ee639f7e41c799109d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
gzip
content-md5
5lfATiLSLbDLg60UAGy4Ew==
content-length
34789
x-ms-lease-status
unlocked
last-modified
Fri, 04 Nov 2022 20:17:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DABEA18FF0D739
x-hw
1670074198.dop201.lo4.t,1670074198.cds292.lo4.hn,1670074198.cds221.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b323f350-e01e-0019-0a8c-f024eb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=29055543
x-ms-version
2009-09-19
accept-ranges
bytes
gtm.js
www.googletagmanager.com/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5FBKNGF
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc6eb58dce9579d36810601ab53059c4dc3aaa863cc5880e0bbf1a7645613b81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
last-modified
Sat, 03 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 03 Dec 2022 13:29:58 GMT
gtm.js
www.googletagmanager.com/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NK2R6Z2
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8819d1714c20193c1fea86a08634aadcb119e4ad55b040a7c39dcb1ef51ff043
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39060
x-xss-protection
0
last-modified
Sat, 03 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 03 Dec 2022 13:29:58 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 03 Dec 2022 13:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
852
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 03 Dec 2022 15:15:46 GMT
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=eade28ed065e801919f59239154d3875
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=eade28ed065e801919f59239154d3875
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=eade28ed065e801919f59239154d3875
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
HTTP/1.1
Server
54.217.178.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-178-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-093807daf.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
0k/gHykORjg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v045-0078884aa.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
vmwaTLG9S9Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=eade28ed065e801919f59239154d3875
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
collect
stats.g.doubleclick.net/j/ 		1 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-52097637-6&cid=822983241.1670074199&jid=1370980472&gjid=698644311&_gid=987907906.1670074199&_u=IGBAgEABAAAAAEAAI~&z=807645328
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 03 Dec 2022 13:29:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1403478960&t=pageview&_s=1&dl=https%3A%2F%2Ffreedom1570.com%2F&ul=en-us&de=UTF-8&dt=Freedom%201570%20%7C%20KDIZ%201570%20-%20Minneapolis%2C%20MN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAAEABAAAAAGAAI~&jid=406638975&gjid=1771167948&cid=822983241.1670074199&tid=UA-22249776-3&_gid=987907906.1670074199&_r=1&_slc=1&z=1343556643
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:29:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1403478960&t=pageview&_s=1&dl=https%3A%2F%2Ffreedom1570.com%2F&ul=en-us&de=UTF-8&dt=Freedom%201570%20%7C%20KDIZ%201570%20-%20Minneapolis%2C%20MN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAAEABAAAAAGAAI~&jid=453078095&gjid=628601650&cid=822983241.1670074199&tid=UA-34961268-2&_gid=987907906.1670074199&_r=1&_slc=1&z=1094845969
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:29:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1403478960&t=pageview&_s=1&dl=https%3A%2F%2Ffreedom1570.com%2F&ul=en-us&de=UTF-8&dt=Freedom%201570%20%7C%20KDIZ%201570%20-%20Minneapolis%2C%20MN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEABAAAAAAAAI~&jid=1370980472&gjid=698644311&cid=822983241.1670074199&tid=UA-52097637-6&_gid=987907906.1670074199&z=1807758109
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 02:43:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38799
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22249776-3&cid=822983241.1670074199&jid=406638975&gjid=1771167948&_gid=987907906.1670074199&_u=IGDAAEABAAAAAGAAI~&z=440479448
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 03 Dec 2022 13:29:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-34961268-2&cid=822983241.1670074199&jid=453078095&gjid=628601650&_gid=987907906.1670074199&_u=IGDAAEABAAAAAGAAI~&z=98990199
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 03 Dec 2022 13:29:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022112901.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133261
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 09:37:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 03 Dec 2023 12:37:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		110 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=freedom1570.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8d739e16cef5ef13eeb51110c54d03498ad74145af147e268a031adeced04d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Sat, 03 Dec 2022 13:29:58 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 03 Dec 2022 13:29:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
qboXMHDyzNyR/fukbW6M/LJcvXGnvXiQlKL7/4FyPn+MUKaIuU687MmCLVa9cF5cgu8iejf/R/LxiGIbvCg7Rw==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VEN16DTW8J&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK2R6Z2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c14d716d4f1ec3bbfcdd3009a3020cff5a5be739e577f7aa5c49a4cd347b913e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:29:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76885
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 03 Dec 2022 13:29:58 GMT
collect
region1.google-analytics.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VEN16DTW8J&gtm=2oebu0&_p=1403478960&cid=822983241.1670074199&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670074198&sct=1&seg=0&dl=https%3A%2F%2Ffreedom1570.com%2F&dt=Freedom%201570%20%7C%20KDIZ%201570%20-%20Minneapolis%2C%20MN&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VEN16DTW8J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:29:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
390961805259193
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/390961805259193?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7db64b3729088bbb0fbcb9f0cb04276ca6767df3dbc0d1402f832224321568
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 03 Dec 2022 13:29:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Yq54yA8HQIFt/IF/9IGaTkyuPx5hOn6dBd73iAwUIfjrzGLML/IBO2Tc7o8IfHVi/MgrdREkQFAMXCf3SDnSew==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=390961805259193&ev=PageView&dl=https%3A%2F%2Ffreedom1570.com%2F&rl=&if=false&ts=1670074198934&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1670074198932.322969764&it=1670074198811&coo=false&rqm=GET
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 03 Dec 2022 13:29:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=390961805259193&ev=Microdata&dl=https%3A%2F%2Ffreedom1570.com%2F&rl=&if=false&ts=1670074199440&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Freedom%201570%20%7C%20KDIZ%201570%20-%20Minneapolis%2C%20MN%22%2C%22meta%3Adescription%22%3A%22Freedom%201570%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.saleminteractivemedia.com%2Fshared%2Fimages%2Flogos%2F269%2Ftemplate3_logo.png%22%2C%22og%3Aimage%3Aurl%22%3A%22https%3A%2F%2Fcdn.saleminteractivemedia.com%2Fshared%2Fimages%2Flogos%2F269%2Ftemplate3_logo.png%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fcdn.saleminteractivemedia.com%2Fshared%2Fimages%2Flogos%2F269%2Ftemplate3_logo.png%22%2C%22og%3Adescription%22%3A%22Freedom%201570%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ffreedom1570.com%2F%22%2C%22og%3Asite_name%22%3A%22KDIZ%201570%22%2C%22og%3Atitle%22%3A%22Freedom%201570%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1670074198932.322969764&it=1670074198811&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 03 Dec 2022 13:29:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=freedom1570.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=freedom1570.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		195 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1360837157070732&correlator=3667447591472297&eid=44777900&output=ldjh&gdfp_req=1&vrg=2022112901&ptt=17&impl=fifs&iu_parts=6177%2Cslm.kdiz%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x150%7C970x90%7C728x90%2C1x1%2C1x1%2C1200x150%7C970x250%7C970x90%7C728x90%2C300x300%7C300x250%2C880x110%7C1200x150%7C728x90%2C300x600%7C150x300%7C160x600%2C300x300%7C300x250%2C1200x150%7C970x250%7C970x90%7C728x90&ifi=1&adks=2557706795%2C1919828273%2C1919828272%2C3807499741%2C728749849%2C4199487070%2C3996717227%2C728749844%2C3807499718&sfv=1-0-40&ists=192&prev_scp=pos%3Dskyline%26traffic-percent%3D17%7Cpos%3Dtakeover%26traffic-percent%3D17%7Cpos%3Dpromo%26traffic-percent%3D17%7Cpos%3Dtopfeature%26traffic-percent%3D17%7Cpos%3Dtopbox%26traffic-percent%3D17%7Cpos%3Dmiddlefeature%26traffic-percent%3D17%7Cpos%3Dmiddlebox%26traffic-percent%3D17%7Cpos%3Dbottombox%26traffic-percent%3D17%7Cpos%3Dfooter%26traffic-percent%3D17&cust_params=siteID%3D269&sc=1&cookie_enabled=1&abxe=1&dt=1670074201813&lmt=1670074201&dlt=1670074198255&idt=535&adxs=200%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=20%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffreedom1570.com%2F&frm=20&vis=1&psz=1200x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=1200x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=822983241.1670074199&ga_sid=1670074202&ga_hid=1403478960&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be6ec671d680cdd7cdc8bff16c666368dbcad009099ca5128dce8b421d385731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34719
x-xss-protection
0
google-lineitem-id
6163869566,-2,-2,6162023420,6163869566,6036785643,6159154022,6161528542,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138414339568,-2,-2,138413323481,138413728184,138394383146,138412807538,138413447319,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B404 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 13:30:02 GMT
expires
Sun, 03 Dec 2023 13:30:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 01:03:46 GMT
x-content-type-options
nosniff
age
303976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Nov 2023 01:03:46 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
150467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 19:42:15 GMT
iframeLoader.gif
cdn2.aptivada.com/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn2.aptivada.com/images/iframeLoader.gif
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1f249cee33aff42da2e5f6604dc634201055f121a795c3d5d3ef292de7a2081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 10:02:25 GMT
x-amz-version-id
wWpi.PVolYNt17y93yspJcx5ZO5Tq8hV
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
last-modified
Fri, 20 Apr 2018 06:54:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
358058
etag
"5f587297cec677d528a5fb6f7184ff5e"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15780000, s-maxage=604800
accept-ranges
bytes
content-length
30578
x-amz-cf-id
Tm8jT4Gk_bO49Adb79PalNmeSTzaPqVXepqdeHe7GxNjJYPHFpmdUA==
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/20221123X/ 		667 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-91.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b81b26ee382944221addbbcb6cb2e73e51613e0651848aea41a739d23006dba

Request headers

Referer
https://freedom1570.com/
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
x-amz-version-id
1qVWVVYmPntFja2FZfSLG5Z7Ev.Q7UPn
content-encoding
br
last-modified
Wed, 23 Nov 2022 23:53:33 GMT
server
AmazonS3
via
1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"38982201420ba579fc64aa1bb3cfdf39"
age
1
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Lq20lQex0oQxRq3P3AvfV9ngBEr4X5l73wu937JTqX-wO9L-BPyr5w==
icomoon.woff
cdn.saleminteractivemedia.com/content/icomoon/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.saleminteractivemedia.com/content/icomoon/fonts/icomoon.woff
Requested by
Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/dist/03b446bb/site-css/2019nt/ntbase-blue.css?hash=484b93e9c18653fdcfc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
91cfb6fb2b9e5fa3c412c690e050df61bd7d6021fabc11149d3d62b011b1191b

Request headers

Referer
https://cdn.saleminteractivemedia.com/dist/03b446bb/site-css/2019nt/ntbase-blue.css?hash=484b93e9c18653fdcfc1
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
aZGvMQQKlXaQZHQ+YFEwAQ==
content-length
14056
x-ms-lease-status
unlocked
last-modified
Wed, 09 Nov 2022 20:19:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC28FB815C10F
x-hw
1670074202.dop034.lo4.t,1670074202.cds298.lo4.hn,1670074202.cds297.lo4.c
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
64b40a11-001e-0018-7c7c-f42516000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=29488776
x-ms-version
2009-09-19
accept-ranges
bytes
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
752
cdn-cachedat
08/17/2022 18:20:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e3b83dabc7f95c45f32a51506ded484d
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
773ca7925af29b58-FRA
cdn-requestpullsuccess
True
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 17:11:27 GMT
x-content-type-options
nosniff
age
73115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 17:11:27 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 16:44:52 GMT
x-content-type-options
nosniff
age
420310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 16:44:52 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/dist/static/js/2018a-2018ccm-2019nt.6f14af104e2af6491d1a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc44ce5e873da496e90e14136ebc78f64e776ed2832b7b53050d46ac833e0d23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
1SfzIy8EmF876JrilE/ZXw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
697tHM9jDvbvl71F9eFeyPPHknRdnh0jjXCXXabCEqvpKOzZrU1hqYqnppepGTt8EqM42uG+rojszsluE6S0Ew==
x-fb-content-md5
ab89601101d7471f261b659b6ddf132c
cross-origin-opener-policy
same-origin-allow-popups
etag
"11ccdeb1f2ce868262a0b70a38d40c5a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Sat, 03 Dec 2022 13:40:24 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 03:47:51 GMT
x-content-type-options
nosniff
age
207731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 03:47:51 GMT
getprogramguideinfo
freedom1570.com/ 		603 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freedom1570.com/getprogramguideinfo
Requested by
Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/dist/static/js/vendor.b277c96ebd0153da4e7f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb868441f1b679910513432d5408d2eefd9f22b461e6b916316dec649895e7e7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
arr-disable-session-affinity
true
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context
appId=cid-v1:82653370-b0cd-4f4c-8872-b0311da976c6
referrer-policy
no-referrer-when-downgrade
x-aspnetmvc-version
5.2
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuEK0NiXVV3N2ACqNZg7ra2vK7rAAH%2B9LkUyi3CMXliSGc7Q7mccsc436gl7dQmvTTQ%2BwTUxvj5%2B%2F%2FYVwyj28hsB7B4sycL5mwviPHD9u3YUgVwxzDLqMLJDLBkJ%2FYHjg%2FlDmKVlZcT4i50cCg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Request-Context
cache-control
private
permissions-policy
autoplay=(self)
cf-ray
773ca792dcde9b86-FRA
christmas-logo.png
cdn.saleminteractivemedia.com/269/media/site-assets/ 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/269/media/site-assets/christmas-logo.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
32515a6986ed6717f1313f927efe410c40cdb6049a83cbbd6b6ed39958002f83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
RgYEP/Zp+Itb2g7ZUT+WTw==
x-ms-meta-uploadedby
Chaffee,Dan
content-length
145785
x-ms-lease-status
unlocked
last-modified
Thu, 19 Nov 2020 01:28:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D88C2A76E88F0D
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds084.lo4.c
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
2310c66e-201e-004b-605f-063919000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
header-background-image.png
cdn.saleminteractivemedia.com/269/media/site-assets/ 		267 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/269/media/site-assets/header-background-image.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
14d2685b050382f1c38067e121d4b4bbdcb35d313a1cd4270bc18a615955b2cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
z1X99gOyZ8F1gzCDcwJS8w==
x-ms-meta-uploadedby
Hanlon,John
content-length
273919
x-ms-lease-status
unlocked
last-modified
Wed, 14 Aug 2019 13:13:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D720B92AE66518
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds313.lo4.c
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
8c9118b4-601e-004c-225f-06cf9c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
play-button.png
cdn.saleminteractivemedia.com/shared/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/shared/images/play-button.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
27b65ea8c6cceebb6e32225e0dacd973a6358953d5c3b55841a685eb0a12d055

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
iK52X5B86FHk7qX9XxbesA==
content-length
1851
x-ms-lease-status
unlocked
last-modified
Fri, 26 Oct 2018 17:40:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D63B6A1D42BC9E
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds317.lo4.c
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
58276024-a01e-0051-47b8-e31676000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=27645419
x-ms-version
2009-09-19
accept-ranges
bytes
sa23is-web-ad-880x440.png
cdn.saleminteractivemedia.com/199/content/265476/ 		289 KB
289 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/199/content/265476/sa23is-web-ad-880x440.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
31c03a1ccc2d75423d6ab454cd181b5b75c0c88b10f67c5827f12f7cbfb04a29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
SZeg2tbQ2ih/E22emg1T/g==
x-ms-meta-uploadedby
Hanlon,John
content-length
295610
x-ms-lease-status
unlocked
last-modified
Fri, 30 Sep 2022 14:17:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAA2EE78E2C031
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds318.lo4.c
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
ca4a29fd-f01e-0060-099b-034da1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
playing-now-on-fish.png
cdn.saleminteractivemedia.com/269/content/197264/ 		395 KB
396 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/269/content/197264/playing-now-on-fish.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f3ce86d7e5d98a938fb81d7bd133fa1e6f2e2a5a799742c6dd1c799e7e909cc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:03 GMT
content-md5
pGniVoQFD32nnTaHARUGXQ==
x-ms-meta-uploadedby
Campbell,Andrew
content-length
404360
x-ms-lease-status
unlocked
last-modified
Thu, 17 Nov 2022 19:10:32 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC8CF66777324
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074203.cds303.lo4.p
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
c5ecc057-401e-0050-3a1b-07178b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
880x440-hero.jpg
cdn.saleminteractivemedia.com/186/content/265281/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/186/content/265281/880x440-hero.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c28c09752bbfe0defa530f4cd7d1e53874dce907df1cc938f442b43efce3b25d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
8WV9Rs7KMZsGkz8ze3Evag==
x-ms-meta-uploadedby
Schweinsburg,Larry
content-length
105723
x-ms-lease-status
unlocked
last-modified
Mon, 26 Sep 2022 15:20:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA9FD29DB28556
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds062.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
4ca2b006-b01e-0028-6bbe-047f3c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
salem-news-channel-880x440.jpg
cdn.saleminteractivemedia.com/199/content/251377/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/199/content/251377/salem-news-channel-880x440.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ad0bbc7dd826b74410dba1d0a5267e54a19752ff00b56a9ef252872d99648673

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
dxCdbPHVK7ZxmvTKyOfIZg==
x-ms-meta-uploadedby
Schweinsburg,Larry
content-length
31541
x-ms-lease-status
unlocked
last-modified
Sun, 31 Oct 2021 20:01:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D99CA94A916D4F
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds257.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
7c2e8ab7-401e-0050-40f8-06178b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
880x440-hero.jpg
cdn.saleminteractivemedia.com/186/content/267203/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/186/content/267203/880x440-hero.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
032234d9708427438205b7679dc2685cfb3140c23a75874575c4053e5fb845e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
BFp5I+rP3eGi1W0MIh9w9A==
x-ms-meta-uploadedby
Schweinsburg,Larry
content-length
119168
x-ms-lease-status
unlocked
last-modified
Tue, 08 Nov 2022 11:25:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC17BF6E4FC20
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds219.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
e55c3db5-601e-004c-7df6-03cf9c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
400x300-rv-show.png
cdn.saleminteractivemedia.com/269/host/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/269/host/400x300-rv-show.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
720b0d7a5d99696268be4f60a2a6c81565702598cd02c282bafd988e3f4c09be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
O7CAmbIkkbgu96+7WMsUBg==
x-ms-meta-uploadedby
Brekken,Alyssa
content-length
45950
x-ms-lease-status
unlocked
last-modified
Sun, 01 Dec 2019 16:44:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7767DB8291336
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds208.lo4.p
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
ba9e7ff5-001e-0057-6c1b-07e10e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
martiewhittekin-400x300.png
cdn.saleminteractivemedia.com/269/host/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/269/host/martiewhittekin-400x300.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e77f5a10e0d424be5bf877c231534690dd19fd47606eee4bd47398f280c81dd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
nwrbM/n2wXEVBPLYJFrUGg==
x-ms-meta-uploadedby
Kraft,Desta
content-length
128736
x-ms-lease-status
unlocked
last-modified
Tue, 05 Apr 2022 15:13:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1716D6116C6A
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds231.lo4.p
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
459db9db-d01e-0055-4d1b-07e3f4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
400x300-lim-scott.png
cdn.saleminteractivemedia.com/269/host/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/269/host/400x300-lim-scott.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7c6309834d8186cf6b7714b3adcc2e271ee5f475b75b6ead32d76cf9a3e88440

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
hoy0AvjKMUN7XwEnnVSlwA==
x-ms-meta-uploadedby
Brekken,Alyssa
content-length
126655
x-ms-lease-status
unlocked
last-modified
Tue, 13 Aug 2019 23:48:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D72048B7C32D82
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds101.lo4.c
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
d78eebdd-801e-0020-6d9f-01644f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
400x300-ketih-and-sheila.png
cdn.saleminteractivemedia.com/269/host/ 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/269/host/400x300-ketih-and-sheila.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9b996da9aab437c7a5303257e3ccdbf452a1f04c27fea5ae2741ab37de818aab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
wDgh5eunl5SotDGYqoC6XA==
x-ms-meta-uploadedby
Brekken,Alyssa
content-length
166131
x-ms-lease-status
unlocked
last-modified
Tue, 13 Aug 2019 23:52:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D720495142F6F6
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds006.lo4.c
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
73794c0b-101e-002e-3a9f-018844000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
gregferguson-400x300.jpg
cdn.saleminteractivemedia.com/269/host/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/269/host/gregferguson-400x300.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0eb37f46bc5e641a9f3ba735a4ab0535812c0ba6713f2d9d06628f69c310c28a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:03 GMT
content-md5
B+B4TJgaRBtOrvlfgdV6Sw==
x-ms-meta-uploadedby
Kraft,Desta
content-length
13696
x-ms-lease-status
unlocked
last-modified
Tue, 21 Jun 2022 22:14:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA53D35AC3EAC6
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074203.cds209.lo4.p
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
6712dea8-401e-005b-021b-070fff000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
400x300-sju.jpg
cdn.saleminteractivemedia.com/269/host/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/269/host/400x300-sju.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e1aff48c420fdca67d7b2516756d287b64a675d44536441076e2d5d4c2f72a8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
4IYE6besKONVFY+iYXHOiw==
x-ms-meta-uploadedby
Brekken,Alyssa
content-length
13619
x-ms-lease-status
unlocked
last-modified
Thu, 17 Sep 2020 20:13:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D85B461B8A7356
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds109.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
bb750716-601e-0021-0f9f-0165b2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=30932938
x-ms-version
2009-09-19
accept-ranges
bytes
400x300-dana.jpg
cdn.saleminteractivemedia.com/269/host/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/269/host/400x300-dana.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
95456d4f38d0bb9ab3174788683b5ea2b4f2a9e4dc0b9b24ba360563b8e76c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:03 GMT
content-md5
AD8DD7JsILFGo2NZdDd/Ag==
x-ms-meta-uploadedby
Brekken,Alyssa
content-length
16274
x-ms-lease-status
unlocked
last-modified
Thu, 17 Sep 2020 20:13:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D85B46166682A7
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074203.cds217.lo4.p
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
3644563d-001e-003a-7b1b-074b20000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
400x300-plante.png
cdn.saleminteractivemedia.com/269/host/ 		150 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/269/host/400x300-plante.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8905883d3037ee6a31861447340bba4e18912cb23c905bd0449c5799f32a0c8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
zSGAMYURLUDTp5y+z9nsBw==
x-ms-meta-uploadedby
Brekken,Alyssa
content-length
153747
x-ms-lease-status
unlocked
last-modified
Sat, 30 Nov 2019 18:37:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D775C44A6A846C
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds318.lo4.c
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
14724db6-801e-0009-445f-06120d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
3-flag-1000x500.jpg
cdn.saleminteractivemedia.com/245/content/267837/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/245/content/267837/3-flag-1000x500.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
83f7b10f764ed5f6bb18da61542f6a1733eea8e1e862fe4432fbe68f8fed9245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
S/58eS4Z0SayTYsNe4qEgA==
x-ms-meta-uploadedby
Hanlon,John
content-length
81550
x-ms-lease-status
unlocked
last-modified
Tue, 22 Nov 2022 16:54:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DACCAA377BCB24
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds235.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
17b67b7c-d01e-001a-0e1c-0427ec000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
2-tv-remote-1000x500.jpg
cdn.saleminteractivemedia.com/245/content/266760/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/245/content/266760/2-tv-remote-1000x500.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2437f1e78f8b9cbc6064fc8112f759774b888cc5c044fc2c91e1c15e66f3de38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
GcluopgZUvrQhbzZ5cj6ZQ==
x-ms-meta-uploadedby
Hanlon,John
content-length
27393
x-ms-lease-status
unlocked
last-modified
Sun, 30 Oct 2022 23:38:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DABACFCAED4D43
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds212.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
9d466673-801e-002b-05e0-027c3b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
3-1000x500-films.jpg
cdn.saleminteractivemedia.com/245/content/266614/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/245/content/266614/3-1000x500-films.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2d163787fa90069a42442a3b0e34d4def6f21c08be50397b465d2a2c34c0ff30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
BIzDgWBe3KNh1t3oQ5DXlw==
x-ms-meta-uploadedby
Hanlon,John
content-length
79510
x-ms-lease-status
unlocked
last-modified
Thu, 27 Oct 2022 03:00:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAB7C760A1A872
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds274.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
793d9b47-301e-0039-6ba4-054827000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
2-moviegoing2.jpg
cdn.saleminteractivemedia.com/245/content/266570/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/245/content/266570/2-moviegoing2.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ede9a88f9a5cec01a7c95f4978336d55bfc035d33b0a02599b8f6baaac9f8eed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
PMB/xgbjpqvpGaWM9CPFdQ==
x-ms-meta-uploadedby
Hanlon,John
content-length
108803
x-ms-lease-status
unlocked
last-modified
Wed, 26 Oct 2022 02:17:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAB6F8393724DB
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds313.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
6a5e2874-801e-002b-2621-057c3b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
sebastian-gorka-400x300.jpg
cdn.saleminteractivemedia.com/199/host/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/199/host/sebastian-gorka-400x300.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dee2f7ad46b45ca65c74160be1e4722dfe73fe458326bc8971fbf3c794c9ecf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
noyW3dCyWEQdGabBlRQW8Q==
x-ms-meta-uploadedby
Yang,Teresa
content-length
18336
x-ms-lease-status
unlocked
last-modified
Mon, 20 Dec 2021 19:18:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9C3ED7401ECEF
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds302.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
5d807417-c01e-004a-43ee-0338e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
charlie-kirk-400x300.jpg
cdn.saleminteractivemedia.com/199/host/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/199/host/charlie-kirk-400x300.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cb0c849c39cf7c26538cd227b723244ff7c4ddfecdfc3bb29c9e736044dab92e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
tq5frPzJRKOv/qdhOM6d1A==
x-ms-meta-uploadedby
Yang,Teresa
content-length
18912
x-ms-lease-status
unlocked
last-modified
Mon, 20 Dec 2021 18:56:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9C3EA5EF7F5DB
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds074.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
fae79adb-e01e-005d-352f-06f887000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
Eric_Metaxas_210x174.jpg
cdn.saleminteractivemedia.com/199/host/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/199/host/Eric_Metaxas_210x174.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b0df56f4f7429e2039f128c123e48d25019573c014f1802aff1ba337f4e32f05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
tgre0xS/GYh/t3hgh8M1eQ==
content-length
6572
x-ms-lease-status
unlocked
last-modified
Thu, 17 Sep 2020 04:01:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D85ABE56C776D7
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds274.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
e259cdcd-901e-003f-7164-ebbf5f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=341298
x-ms-version
2009-09-19
accept-ranges
bytes
template3_logo.png
cdn.saleminteractivemedia.com/shared/images/logos/269/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/shared/images/logos/269/template3_logo.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a0e8a61585b91364d2f64fd10aa2d99dafe52847a8589b383c27e45aba9d674d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
Wkh/OlgGkWAcFd0mvQtttQ==
x-ms-meta-uploadedby
Hanlon,John
content-length
18098
x-ms-lease-status
unlocked
last-modified
Sun, 01 Dec 2019 18:33:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7768CF5CEE6B6
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds218.lo4.c
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
3c6b270f-001e-0031-285f-065354000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes
playbuttonwhite.svg
cdn.saleminteractivemedia.com/shared/images/ Frame 73E5 		692 B
887 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2deec38d725198ee9c7eb5dec721c4192d2484a15d6ea2985c1a8c2adb12510

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
content-length
692
content-type
image/svg+xml
date
Sat, 03 Dec 2022 13:30:02 GMT
etag
0x8D65ECB3EEA4474
last-modified
Mon, 10 Dec 2018 18:13:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds286.lo4.c
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
62e5f68d-a01e-005a-45ae-050e02000000
x-ms-version
2009-09-19
playbuttonwhite.svg
cdn.saleminteractivemedia.com/shared/images/ Frame C2E3 		692 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2deec38d725198ee9c7eb5dec721c4192d2484a15d6ea2985c1a8c2adb12510

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
content-length
692
content-type
image/svg+xml
date
Sat, 03 Dec 2022 13:30:02 GMT
etag
0x8D65ECB3EEA4474
last-modified
Mon, 10 Dec 2018 18:13:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds286.lo4.c
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
62e5f68d-a01e-005a-45ae-050e02000000
x-ms-version
2009-09-19
playbuttonwhite.svg
cdn.saleminteractivemedia.com/shared/images/ Frame 8DD8 		692 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2deec38d725198ee9c7eb5dec721c4192d2484a15d6ea2985c1a8c2adb12510

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
content-length
692
content-type
image/svg+xml
date
Sat, 03 Dec 2022 13:30:02 GMT
etag
0x8D65ECB3EEA4474
last-modified
Mon, 10 Dec 2018 18:13:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds286.lo4.c
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
62e5f68d-a01e-005a-45ae-050e02000000
x-ms-version
2009-09-19
playbuttonwhite.svg
cdn.saleminteractivemedia.com/shared/images/ Frame 37D7 		692 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.saleminteractivemedia.com/shared/images/playbuttonwhite.svg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2deec38d725198ee9c7eb5dec721c4192d2484a15d6ea2985c1a8c2adb12510

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
content-length
692
content-type
image/svg+xml
date
Sat, 03 Dec 2022 13:30:02 GMT
etag
0x8D65ECB3EEA4474
last-modified
Mon, 10 Dec 2018 18:13:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-hw
1670074202.dop201.lo4.t,1670074202.cds292.lo4.hn,1670074202.cds286.lo4.c
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
62e5f68d-a01e-005a-45ae-050e02000000
x-ms-version
2009-09-19
68628d3f-d3e9-477d-8288-2efe218ebf70
sapi.audioburst.com/v2/PlayerMetadata/GetPlayer/ 		463 B
846 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sapi.audioburst.com/v2/PlayerMetadata/GetPlayer/68628d3f-d3e9-477d-8288-2efe218ebf70?appkey=90efe8e77ff4447786beec46a07c0c01
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/audioburst-sdk/absdk-es2015.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
df69d959773940a49f14f9a5761eb13f88886d1dd7cbd9e5b99468d648ada5fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 13:30:02 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Length
397
Request-Context
appId=cid-v1:f8f8664c-8b03-43d2-afdb-a1df9ba4397d
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 4DD5 		402 B
992 B 		Document
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.85.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-85-65.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
402
Content-Type
text/html;charset=UTF-8
Date
Sat, 03 Dec 2022 13:30:01 GMT
Instance-id
i-0dcd1514a8b1336e6
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code
-1
X-Adswizz-request-id
97561190-730e-11ed-8c53-060b6238a629
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
id
dpm.demdex.net/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=43AD1E57612418B90A495E63%40AdobeOrg&d_nsid=0&ts=1670074202107
Requested by
Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/shared/scripts/visitorapi.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.178.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-178-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
afa412ae6779d4a10d60924cec27bcb81d13218ca2df03df82e37e52a4aceaf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v045-0665c523e.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
GgJb0cDMSII=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://freedom1570.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
963
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ads
securepubads.g.doubleclick.net/gampad/ 		549 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1360837157070732&correlator=3667447591472297&eid=44777900&output=ldjh&gdfp_req=1&vrg=2022112901&ptt=17&impl=fifs&iu_parts=6177%2Cslm.kdiz%2Cinfolinks&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C728x90&ifi=10&adks=2234850771&sfv=1-0-40&cust_params=siteID%3D269&sc=1&cookie_enabled=1&abxe=1&dt=1670074202112&lmt=1670074202&dlt=1670074198255&idt=535&adxs=200&adys=4645&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffreedom1570.com%2F&frm=20&vis=1&psz=1200x90&msz=1200x90&fws=4&ohw=1600&ga_vid=822983241.1670074199&ga_sid=1670074202&ga_hid=1403478960&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
403f396b14afdf4b80a40a5c267e2dbb1fc746e5a2386d63ef8a8e249dd2060a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
278
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
info.php
aptivada.com/promo/ Frame C0C1 		1 KB
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aptivada.com/promo/info.php?widget_id=660&widget_type=widget&app_type=&environment=external
Requested by
Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.39.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-39-28.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
471563f063f0a7173ae8e37677a7fa1d1b6a7641debfbc9832182ad0a4db107c

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
616
content-type
text/html; charset=UTF-8
date
Sat, 03 Dec 2022 13:30:02 GMT
server
Apache
vary
Accept-Encoding
dest5.html
katzmedia.demdex.net/ Frame BE94 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://katzmedia.demdex.net/dest5.html?d_nsid=0
Requested by
Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/shared/scripts/visitorapi.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.137.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-137-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v045-0c67d0b74.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
GcVS7TRiTdA=
content-encoding
gzip
date
Sat, 3 Dec 2022 13:30:02 GMT
last-modified
Fri, 28 Oct 2022 11:22:23 GMT
vary
accept-encoding
ibs:dpid=411&dpuuid=Y4tPWgAAALHE2wN6
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=70612628178048321572362312578120419971
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4tPWgAAALHE2wN6
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4tPWgAAALHE2wN6
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
HTTP/1.1
Server
54.217.178.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-178-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-0ed41892e.edge-irl1.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gFLjfCIUQuc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4tPWgAAALHE2wN6
Date
Sat, 03 Dec 2022 13:30:02 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
sdk.js
connect.facebook.net/en_US/ 		300 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=3659e46242b5a39462f86f69d925d20b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31ba0e096780c0fe521c4c65a4ac30fb73ebcf4cfa71b8047900904a9977868f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://freedom1570.com/
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 03 Dec 2022 13:30:02 GMT
content-md5
M3kPn8tjr2DieXF+bIxD4Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86896
x-fb-rlafr
0
x-fb-debug
kZr9XzakO1VH8m5xNYr0YbO1LdxeqKZ4GrjHxoG2egdp5rKKHJcKD4unxGFgOdqcisZm1pVVb3s76teotPnc7g==
x-fb-content-md5
6ee9dbb544ba164a4c15cb88f580dc92
cross-origin-opener-policy
same-origin-allow-popups
etag
"25a7d8f8a65cd4ba005e7a1ab61eb1c2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 03 Dec 2023 11:51:06 GMT
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 4DD5 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-55.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 04:47:35 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
31348
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
bVVc99wIlloIwEQTAINnxQgHroxWLr9HXQy0JGUWUx5RepWH-1N2pg==
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 03 Dec 2022 13:16:15 GMT
server
cloudflare
age
805
etag
W/"763010-9a4f-5eeec4245b9f2"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
773ca7969af1696f-FRA
expires
Sat, 03 Dec 2022 17:30:02 GMT
css
fonts.googleapis.com/ 		3 KB
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 03 Dec 2022 11:42:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Dec 2022 13:30:02 GMT
icon
fonts.googleapis.com/ 		569 B
367 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 03 Dec 2022 13:30:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Dec 2022 13:30:02 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3084564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5N0uId0Sag%2F7YoZiWAMirRn2kIhc8k2FO1LfezIjBRzTjleCDmp%2Bhd9G%2FZqswzZp2Aem2M%2FKeQ8io23JeP3hHAXjQ63WbxgrqyVwkZSCDkuuRwRL%2F4gl33WE0aD003IC%2BIoV5aFTplcmLGkobKr2u0ie"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
773ca796cac39bc5-FRA
expires
Thu, 23 Nov 2023 13:30:02 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 8FC9 		53 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10958354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9yrAvbEJ1jDtCinITbzvK4kFFKDZYSJfHkpE%2B%2FxcOmATSHqpRjW3syTobLfeEP1MVsZOKzxJamBTIiK4R0TkjRhM1VMej3nnEvUCggsPJv1YmrBdoP1jtpJU20CB7ji%2Bgxr6BI4QthyFDAL9CbEqFBa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
773ca796cac79bc5-FRA
expires
Thu, 23 Nov 2023 13:30:02 GMT
prebid.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/ Frame 8FC9 		334 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
content-encoding
gzip
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 23:36:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
W/"1c7777ec3f15f66750ea282b9545a85d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
d9-RIqZOzM-bR4UmVwCbuVuDkVzjalbpjhvkD3d_HAJNozF6IOVPGg==
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		105 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=84
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:8400:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
412b5fced5a5e8052b1d4cc8752d8d91e63dfeda51aed38bfb4b88bbbb6e6d0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id
12TcNlZ3CMZAdlNixRtFIvKLo2UHDB9_
content-encoding
gzip
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
date
Fri, 02 Dec 2022 17:10:37 GMT
last-modified
Tue, 29 Nov 2022 18:40:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
73166
etag
W/"7beeda6fb4f0156742ead7b786a09830"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=84600
x-amz-cf-id
3OhUfkdx5wlo66aDUubxveCgdGfTDVk3xLR3FYksisU8Cxq3DGSw_w==
comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 8FC9 		335 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 03:59:13 GMT
content-encoding
gzip
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 23:25:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
34250
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
fFR1BMhmpZRi-7_nzVDN8wycrVxQ5vmqjRYoA9G2uVIzT4H4N0Dc2g==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		371 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
530040ebbfc1cd7a18f0537709371ccd55ec5ed96756cb4c121c2a56a33f8f19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126620
x-xss-protection
0
expires
Sat, 03 Dec 2022 13:30:02 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 04:40:45 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
31758
etag
"cb93bb50e5d021cc38de445a672c18a2"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
zwtmDOmzNf-DNXWlOAgAwG7nr_rMSHRCt5XXalL0BtL7dhRhyqrHcg==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 09:39:51 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
13813
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
lcGn-jWnz_F15zi5tuoX4UwIbyZdgZ-OrrsS-nc0xmSW7c7EaRdBmg==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 11:36:25 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
6818
etag
"8be584e844dabfe22970a0cb943c047e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
K07QVEAgYx55VK738GDfQfSVLuL4yJC4Nt31rgGHEn47mSl0kPVYzg==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 11:19:07 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
7859
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
Po_iX9G8MGo9mvUM63kSAvlI73Qsc34smrmVHgwwY3DbnusL3ofVeg==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=gY1eaO5RGwhGEQmm&instance=579700&version=7.10.1-X&age=221203&cmd=PRE_INIT&key=STBtG2Zi&seq=1&order=1&absoluteTime=4928.3&relativeTime=0.3&canonical=https://freedom1570.com/&EXTREF=https://freedom1570.com/&REF=https://freedom1570.com/&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.111.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-111-192.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		34 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=gY1eaO5RGwhGEQmm&instance=579700&version=7.10.1-X&age=221203&ESG_key=STBtG2Zi&type=FULL&EXTREF=https://freedom1570.com/&REF=https://freedom1570.com/&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-91.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
eadbd565de7a6723c13a4c49f96eb97f994f96820754d624f06f9461286dca7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
content-encoding
gzip
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-P7
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
6GMnnILC1eKttHLCyRWV8VTvxbXDqgnKhcxvpV_DvBNPtYGGCacRgA==
content-length
5553
expires
Sat, 03 Dec 2022 13:30:03 GMT
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/ Frame 8FC9
Redirect Chain
  • https://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Server
2600:9000:2240:7600:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:39:25 GMT
content-encoding
gzip
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
3039
x-amz-server-side-encryption
AES256
etag
W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
cRsZ1qSOetxVl7NwE0eoSHeS8e8rXQqo7JEH9enHQK-hdqsdN6YvuA==

Redirect headers

date
Sat, 03 Dec 2022 00:42:28 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront), 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
46054
x-cache
Hit from cloudfront
content-type
text/html
location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length
167
x-amz-cf-id
W4vUkKui6q1Ejuaquvf4CVFTQrKR8nK-wJqqSQf6n6TWi7Cv3pSelA==
player.html
embed2.audioburst.com/skins/sacarousel/ Frame 6718 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/audioburst-sdk/absdk-es2015.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c7970f74fcdfc4a622cde747cbc68dfe36f108c8c46fe05460d55ba93050b70b

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
br
content-md5
GVAVB7PVjHuLYHF5VQxa5A==
content-type
text/html
date
Sat, 03 Dec 2022 13:30:01 GMT
etag
"0x8DACBB37D4C6FD2"
last-modified
Mon, 21 Nov 2022 11:28:18 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-azure-ref
0Wk+LYwAAAADtq72QpVzuTLsMqV5oqorrRlJBMzFFREdFMDkxOABlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-azure-ref-originshield
0ZOmKYwAAAACgIzJUJNE6SIHb7pouRcTgRlJBMjMxMDUwNDE4MDIzAGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
x-cache
TCP_HIT
x-ms-request-id
4ebe8533-701e-006c-6341-062308000000
x-ms-version
2018-03-28
container.html
9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6088 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 13:30:02 GMT
expires
Sun, 03 Dec 2023 13:30:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame ECE4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8ixdtNCAiBBxBwEUQmHNh3FTohqFYbf7l-1bteIl4O9Mm2XA00X4cCOiX8U9qYccXxLov54PAguyUiSUwRGAkwL_M53BMqmNG7Q9D61gw13QtA-fU6cAX1pnVDqinuoHIMEUzD1DpgtUVKiMvV0OagKAdayokFnBa0DkJcOnyuRDzOO0Idv3WE0CcVhL841mT4EURHWRr8qXuk0B5vlp7gOq8PSV4eZXdd5I1eSf6IfFARew9iZ4Pjbm-DU0YQ229WiQpjU8c_fcKqBmJQHSxEpgsZNasCBDndO45iNoFFY3nAWfOVew7Ea-00RYyQvs&sai=AMfl-YQBAtdOyGC6iMdmzw9JL9rQ4M4Z8bgWoLwJDPeioqNk0bGiZl3SFhNnt924qDAHJAAfFMSPcUJ4_sRx2MG92UXqDJGXAh8WbYNIbDs0uziVCtal3854QHDuBSWvE3jXE6TJ0hqzx6xLvhDj3ZjUbLA&sig=Cg0ArKJSzAJ4GelL4PteEAE&uach_m=[UACH]&adurl=
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 03 Dec 2022 13:30:02 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame ECE4 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 14:38:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
82278
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Dec 2022 14:38:44 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame ECE4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
4151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Dec 2022 12:20:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ECE4 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 13:30:02 GMT
18288678590894909509
tpc.googlesyndication.com/simgad/ Frame ECE4 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18288678590894909509
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6b26d623ee79d501a82a1a85b8f0b9af7823eccc0818258f4f9e248eba0ecf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 06:26:35 GMT
x-content-type-options
nosniff
age
25407
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30779
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 13:35:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Dec 2023 06:26:35 GMT
container.html
9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 88B9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 13:30:02 GMT
expires
Sun, 03 Dec 2023 13:30:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6341 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 13:30:02 GMT
expires
Sun, 03 Dec 2023 13:30:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F616 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXsM1YEqIdonvUMi3Nli3W1aUhBbgbvr88iHWG6nG1jNIHaO-wQG48HCvnNjVTMXEUt4tT-dvvScqeWFrNHfNB8tuujstJ2Vdv4HAjryt7fI3yzFE6rdSqMGIioTWa8W9PGbEYAwLtTCnIeGmNsEK12AHbNLC0dSusz1otYZ1LVifK1TBV3cY44k-YmVnKZyU0Vu4KpDo4KCJ99XfbzAo6HVgd4FNN4SphUimBkCmz3TIOrY50RyESthkstJBeL1uhU7AaPirZ2VJHIvRiCsE74c4r2cpC7P8TTXvCRleyTVFSFRZlXIXD0ELk3duoCZw&sai=AMfl-YRcGTGV290hQ8CNgnkVxDgNXTH2Eoc7KHWtJ7rK04wPQ9-V0oQDZCP3ZAK0lk_7_DdYsEBEoEXckvf2IZEI1JXAYL1sFx9oOHIFf8vqFyIJ1vSXflb3EveJIlbNlxSQ960x5AEDZGPo4d2JPXK3fl8&sig=Cg0ArKJSzBIcj-9QNIKxEAE&uach_m=[UACH]&adurl=
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame F616 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 14:38:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
82278
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Dec 2022 14:38:44 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F616 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
4151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Dec 2022 12:20:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F616 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 13:30:02 GMT
5868334322166880887
tpc.googlesyndication.com/simgad/ Frame F616 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5868334322166880887
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8369ca3a7b38774982ab331c098219ebf818b84e300b88a30d26ba18c3b7a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 10:24:02 GMT
x-content-type-options
nosniff
age
11160
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32186
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 13:35:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Dec 2023 10:24:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4D0F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssrtJopz8zV5XYYfDm60jBMVKIrjqpEpSN8N9ocVeTXSF-lHKAAS1qrBgNnr1Ej8N92On0NU6uOKzcENUlDfr42oXsckMTe-7LszR5FmR_OgKBXabDRsUlPmX-0StCUD3e7Fu6kfeX_7i340G5MoqcRtgivyPXSD_Qz18nyU6ga1cRwDwHDTwogiLZvty9KOjqlFh9sEwKqpchn13YCrISZJxGCUdMaYN6NcU9u4s0MOo1CnSFe47CLnrEdQ99wPoD16qezSAzdVsTtFiZcESiBvbfZBKBJ-TSyzDeKjtI9mQZ6X4VQauJKwKPUQ7e8OY&sai=AMfl-YTSlKrHCIJJ5BYLnjLMj4e1sfiP4ihsrnbHCuLRsAuhpnvmaZ5J-F2Rs8u70fNBxd_ZhvGdoC6MLQwreaDlSFoEb8fIjV7EzdbZSQB5C3Afra3m7_kZxP7iTiySRZa7AiLaQMBv1Pyxel0TTUmePWo&sig=Cg0ArKJSzP0CogSykzRDEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4D0F 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41c584b7b0c44ff76fc4a87b3fb65261ad613073b5d16d8a107bdab417ddc77f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27506
x-xss-protection
0
server
sffe
etag
"1410 / 194 of 1000 / last-modified: 1670022376"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Dec 2022 13:30:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4D0F 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 13:30:03 GMT
css2
fonts.googleapis.com/ Frame 6718 		12 KB
738 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600&display=swap
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a80e116623c58c51070a0501d7caeabcb5c8303aa557fde0905f2051f097fde4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 03 Dec 2022 13:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 03 Dec 2022 13:30:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Dec 2022 13:30:03 GMT
common.css
embed2.audioburst.com/skins/_common/scss/ Frame 6718 		63 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed2.audioburst.com/skins/_common/scss/common.css?version=2.06
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
928d006fac28559d4ab0ef0dbed86a026272858795b5bdb227303d38d2d025ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
br
last-modified
Mon, 21 Nov 2022 11:28:19 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
smKm1i4sjjLTYNoDeRHOAQ==
x-azure-ref-originshield
0u82KYwAAAAAPS3f8eolHSZsf4ViWoNdSRlJBMjMxMDUwNDE3MDQ3AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
etag
"0x8DACBB37DAC354A"
x-azure-ref
0W0+LYwAAAACMeVLmQ13ORo21aZXYFE1fRlJBMzFFREdFMDkxOABlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache
TCP_HIT
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7dc0c729-501e-0036-709d-0645ef000000
x-ms-version
2018-03-28
accept-ranges
bytes
ab-icon-font-v-02.css
embed2.audioburst.com/skins/_common/css/ Frame 6718 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed2.audioburst.com/skins/_common/css/ab-icon-font-v-02.css?version=2.06
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7d04a795f91bce8794d7f005125e07483f0eedbba4ae6adf6f56a1d40ba7200e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
br
last-modified
Mon, 21 Nov 2022 11:28:18 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
RUA1T59WnJkMpdjJQhvQuw==
x-azure-ref-originshield
0ZemKYwAAAADvXNsJsxy7RZukOem1NjnFRlJBMjMxMDUwNDE4MDI5AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
etag
"0x8DACBB37D6376F1"
x-azure-ref
0W0+LYwAAAAAKUQATpgWXQrYhjfsSvlUHRlJBMzFFREdFMDkxOABlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache
TCP_HIT
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
59a360f1-a01e-001d-7bc0-05c523000000
x-ms-version
2018-03-28
accept-ranges
bytes
skin.css
embed2.audioburst.com/skins/sacarousel/scss/ Frame 6718 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed2.audioburst.com/skins/sacarousel/scss/skin.css?version=2.06
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a592673766c2aca9e944e7397014098e1829ea59189b7a80a512c31c3020a017

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
br
last-modified
Mon, 21 Nov 2022 11:28:18 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
XuqacREv3D+/Pe6YJTiocg==
x-azure-ref-originshield
0ZemKYwAAAADrsfsGkh83SqxSzfgW49JgRlJBMjMxMDUwNDE4MDI3AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
etag
"0x8DACBB37D482AB0"
x-azure-ref
0W0+LYwAAAAAmq29f0RNEQZMwiHHzb/jXRlJBMzFFREdFMDkxOABlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache
TCP_HIT
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
63097c32-201e-004e-369a-06e617000000
x-ms-version
2018-03-28
accept-ranges
bytes
embedded-player-es2015.js
embed2.audioburst.com/dist/embedded-player/ Frame 6718 		657 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed2.audioburst.com/dist/embedded-player/embedded-player-es2015.js
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d92da35757dd4ea41fd4e8e9cef5afd28f6f55c19bd73d6025274f05cf7a7f7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
br
last-modified
Tue, 15 Nov 2022 14:26:32 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
446JGCs62pm0uayR37EfVQ==
x-azure-ref-originshield
0qJKKYwAAAAANUVsvhBv8Q5oRD5Dv1W4uRlJBMjMxMDUwNDE4MDI3AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
etag
"0x8DAC71564A2A18F"
x-azure-ref
0W0+LYwAAAABOsbVxlRnnRKWnE5ZIJfWpRlJBMzFFREdFMDkxOABlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
eb695cc5-c01e-000b-30cc-0533f4000000
x-ms-version
2018-03-28
accept-ranges
bytes
logo-pink.svg
embed2.audioburst.com/skins/_common/img/ Frame 6718 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed2.audioburst.com/skins/_common/img/logo-pink.svg
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
489de46340c005496eecbda804057e40c561cb5aacbb77b66ac0799216d0da22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
br
last-modified
Mon, 21 Nov 2022 11:28:19 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
3VTe6KVk2IhNLRfoNwSgow==
x-azure-ref-originshield
0ZemKYwAAAABWnO7EDWYsTaVKNMrknv/0RlJBMjMxMDUwNDE3MDIxAGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
etag
"0x8DACBB37D9F3ED0"
x-azure-ref
0W0+LYwAAAAAKNihAva7mT4za73h6wF66RlJBMzFFREdFMDkxOABlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache
TCP_HIT
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d2bb388f-c01e-0079-7ec0-0534bb000000
x-ms-version
2018-03-28
accept-ranges
bytes
jquery-3.5.1.min.js
code.jquery.com/ Frame 6718 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
x-hw
1670074203.dop132.fr8.t,1670074203.cds240.fr8.hn,1670074203.cds280.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
jquery-ui.min.js
code.jquery.com/ui/1.12.1/ Frame 6718 		248 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-3dee4"
vary
Accept-Encoding
x-hw
1670074203.dop132.fr8.t,1670074203.cds240.fr8.hn,1670074203.cds151.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
67751
common.js
embed2.audioburst.com/skins/_common/js/ Frame 6718 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed2.audioburst.com/skins/_common/js/common.js?version=2.06
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5176a53940eb83db63a31526f3c71ec222ad459fd3b376d6b5c2b5d36f1c3344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
br
last-modified
Mon, 21 Nov 2022 11:28:19 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
OJdSY8frboc5SD3EJ0iJVQ==
x-azure-ref-originshield
0hX+KYwAAAACId1d3/5uZSq2hhSwcFBrQRlJBMjMxMDUwNDE3MDQ3AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
etag
"0x8DACBB37D6A05A5"
x-azure-ref
0W0+LYwAAAADF2ZT65FTATIjWVRrrhJJHRlJBMzFFREdFMDkxOABlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
79eef59a-001e-0004-0328-064598000000
x-ms-version
2018-03-28
accept-ranges
bytes
ui.js
embed2.audioburst.com/skins/sacarousel/js/ Frame 6718 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed2.audioburst.com/skins/sacarousel/js/ui.js?version=2.06
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
011c94baf537dbf60cd75a9e954b4b87d30e3760b04112d7e2f9ac30cfbaf312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
br
last-modified
Mon, 21 Nov 2022 11:28:18 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
mqGe7XP3chYLxUSfkdkA7A==
x-azure-ref-originshield
0ZemKYwAAAABYVpGUQdokTKIjBeKETcQ4RlJBMjMxMDUwNDE4MDMxAGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
etag
"0x8DACBB37D2CB75C"
x-azure-ref
0W0+LYwAAAAC/3pcnVhBDQKAvTTBJ1jTcRlJBMzFFREdFMDkxOABlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
41b34b36-601e-004f-3055-06b9cb000000
x-ms-version
2018-03-28
accept-ranges
bytes
rid
match.adsrvr.org/track/ 		63 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
b4b5f12b3ecf5fa5dcd77152f82ae59f744a1e9a9a67972dc8347bda3e6d641f

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://freedom1570.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 02 Jan 2023 13:30:03 GMT
/
id.sv.rkdms.com/identity/ 		2 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=freedom1570.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.154.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-154-2.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://freedom1570.com
date
Sat, 03 Dec 2022 13:30:03 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
2
vary
Origin
content-type
application/json
identity
api.rlcdn.com/api/ 		44 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://freedom1570.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
365868.gif
idsync.rlcdn.com/ Frame BE94 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=70612628178048321572362312578120419971
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://katzmedia.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bridge3.547.0_en.html
imasdk.googleapis.com/js/core/ Frame B431 		691 KB
221 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.547.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f461e1e3fb47ce63a8d28c453253784cc233481904428c57a361fc93fd987327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
52615
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226691
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Dec 2022 22:53:08 GMT
expires
Sat, 02 Dec 2023 22:53:08 GMT
last-modified
Wed, 30 Nov 2022 15:32:05 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Dec 2022 13:30:03 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6088 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
URL: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 20:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
62307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 02 Dec 2023 20:11:36 GMT
sa23dc-web-ads-300x600.jpg
cdn.saleminteractivemedia.com/186/media/national-events/spiritual-heritage-tour/ Frame 6088
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuaNTs2ucKMol-BeOvr_OK3hW7yzzacIKlJgBc2jolgTG_uryUffDzTpLgb5ofacbT_f0IkLzRlltsBpApvN2RDWyVaO5LgG7dPZHn8dKGNhysNamlqoO-mwN_OhH65xTSJaIb51e6UP...
  • https://cdn.saleminteractivemedia.com/186/media/national-events/spiritual-heritage-tour/sa23dc-web-ads-300x600.jpg
45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/186/media/national-events/spiritual-heritage-tour/sa23dc-web-ads-300x600.jpg
Requested by
Host: 9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
URL: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b6fed36a97e71e17e7e5f3d3b80e8d4aa5328cbe688f95e5c0e838247a872252

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:03 GMT
content-md5
iu01pj1lsStTVv9wP8BoBw==
x-ms-meta-uploadedby
Schweinsburg,Larry
content-length
46248
x-ms-lease-status
unlocked
last-modified
Thu, 17 Nov 2022 01:39:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC83C9F772E3B
x-hw
1670074203.dop201.lo4.t,1670074203.cds292.lo4.hn,1670074203.cds274.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
4aa05f94-701e-001c-6298-05d094000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes

Redirect headers

date
Sat, 03 Dec 2022 13:30:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
location
https://cdn.saleminteractivemedia.com/186/media/national-events/spiritual-heritage-tour/sa23dc-web-ads-300x600.jpg
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6088 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
URL: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 13:30:03 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 88B9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
URL: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 20:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
62307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 02 Dec 2023 20:11:36 GMT
970x250.jpg
cdn.saleminteractivemedia.com/199/media/surveys/trump-vs-desantis/updated/ Frame 88B9
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMxxLIowxbrxu1LD4IKCHqTDtd7UFxK8xlh04J-eo2B7pe1IfRgjO_ZRU5D-93h27OO9rhJ93_0JI_DK8CxKeLgA6dIGJL60rfa8i0DRmj7JHlYOAPcgvIkiaw4-z5PRIDbc1sLFHui...
  • https://cdn.saleminteractivemedia.com/199/media/surveys/trump-vs-desantis/updated/970x250.jpg
59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/199/media/surveys/trump-vs-desantis/updated/970x250.jpg
Requested by
Host: 9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
URL: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f0550440a918698a251b4c81cae7c84a2537cfa2d30035d93434fb231dc4d40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:03 GMT
content-md5
ysP94p/Tg8dH6+UMwDZ0BA==
x-ms-meta-uploadedby
Schweinsburg,Larry
content-length
60525
x-ms-lease-status
unlocked
last-modified
Tue, 22 Nov 2022 12:41:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DACC86DEDB9FDE
x-hw
1670074203.dop201.lo4.t,1670074203.cds292.lo4.hn,1670074203.cds208.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
25ba705d-101e-0048-5c1c-043a1e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes

Redirect headers

date
Sat, 03 Dec 2022 13:30:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
location
https://cdn.saleminteractivemedia.com/199/media/surveys/trump-vs-desantis/updated/970x250.jpg
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 88B9 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
URL: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 13:30:03 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6341 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
URL: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 20:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
62307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 02 Dec 2023 20:11:36 GMT
300x250.jpg
cdn.saleminteractivemedia.com/199/media/surveys/trump-vs-desantis/updated/ Frame 6341
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZ_NbLybIdrPIcytjogkzuPKBEYEUT72GQWFnlDrHZOiGH9QuDv6cGlD0cmVLcWUxndS8Ey_Yv9Mvdn16nWD6vys2pazPAmblbdBPM7EKs-cc4I20X2RuKvbPQKpE1OxhXRYwLuzNjX...
  • https://cdn.saleminteractivemedia.com/199/media/surveys/trump-vs-desantis/updated/300x250.jpg
26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.saleminteractivemedia.com/199/media/surveys/trump-vs-desantis/updated/300x250.jpg
Requested by
Host: 9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
URL: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
96658d544a93bfd8c97856e018938b6688886d0c983558c94faef542f920efc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:03 GMT
content-md5
8RjMLBAIOsYu0Po2FVNlrg==
x-ms-meta-uploadedby
Schweinsburg,Larry
content-length
27135
x-ms-lease-status
unlocked
last-modified
Tue, 22 Nov 2022 12:41:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DACC86DED70C61
x-hw
1670074203.dop201.lo4.t,1670074203.cds292.lo4.hn,1670074203.cds266.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
72e3714c-501e-0000-3470-060883000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800, must-revalidate
x-ms-version
2009-09-19
accept-ranges
bytes

Redirect headers

date
Sat, 03 Dec 2022 13:30:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
location
https://cdn.saleminteractivemedia.com/199/media/surveys/trump-vs-desantis/updated/300x250.jpg
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6341 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
URL: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 13:30:03 GMT
365868.gif
idsync.rlcdn.com/ Frame BE94 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=70612628178048321572362312578120419971
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://katzmedia.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ab-icon-font-v-02.ttf
embed2.audioburst.com/skins/_common/fonts/ Frame 6718 		10 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://embed2.audioburst.com/skins/_common/fonts/ab-icon-font-v-02.ttf?7270ne
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/_common/css/ab-icon-font-v-02.css?version=2.06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
49f1c5ac1f307af61c5398e70a4ea5563a2816600ad267a4c15a280571e2a5db

Request headers

Referer
https://embed2.audioburst.com/skins/_common/css/ab-icon-font-v-02.css?version=2.06
Origin
https://embed2.audioburst.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:02 GMT
content-encoding
br
last-modified
Mon, 21 Nov 2022 11:28:19 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
PZ2eYDjugVU+hpqyXoxLSA==
x-azure-ref-originshield
0ZemKYwAAAAA+Ku+8xCxeSatMjlRcsUQpRlJBMjMxMDUwNDE4MDMxAGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
etag
"0x8DACBB37DA42020"
x-azure-ref
0W0+LYwAAAAAs9kJF6n5NQaKqsd09tXWJRlJBMzFFREdFMDkxOABlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache
TCP_HIT
content-type
font/ttf
access-control-allow-origin
*
x-ms-request-id
08d1dc29-401e-0058-59c0-0510c0000000
x-ms-version
2018-03-28
accept-ranges
bytes
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 6718 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://embed2.audioburst.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 16:06:09 GMT
x-content-type-options
nosniff
age
336234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 16:06:09 GMT
truncated
/ Frame ECE4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f691685d9a0ab4a5dbfb66f7ab00b1caf712d355f5998c12837873b7501cca0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F616 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56f22aeb96fdb98005501f63411e0c644ba3f629a795bdae84d6272cc0e1dc42

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2022112901.js
securepubads.g.doubleclick.net/gpt/ Frame 4D0F 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133261
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 09:37:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 03 Dec 2023 12:37:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 4D0F 		99 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=freedom1570.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e17b5beb20ad9b3d73fbb3f6173629069e12840890d4c4016124a1f63d56310d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Sat, 03 Dec 2022 13:30:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ECE4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDipsIULgFfaVClq5i6QpKSLQOW2Om-O2jDIgoBQZlMBEeGsmNbdZrzFn39DamTSJWd1eMpVNMG0Lx_cX_MkoqatJVOi49BKRUIPN9qjtbpU_2zHyjFVemxF7TR5PG5gRxmA6spE7-rH8c-Wwd_7Kwy2IVWs9NYEdfYsvAT9qkX8rHoOc1WhoxAn4efvb1VKdVNXTmoaysQ0XXLqoPwz5oKSf4zfhxVkRAT10S6eC5voNcAK9BMw-8UJXpqufbsbUnL_v8XF63aJk-d-FCcYCgKBF62ZCnmBEzSvE-qdy09ovHD_Rwnd5NnBAw77ut983isQ&sai=AMfl-YR5Osx_Wr2kE3SJiMeLN0AyjcJ6tOXxRvHKTrVqZCBa2y1UA0LTxSVKOdljKYcbKgVbe2bmzG9hpx83CwEQIKr-SEuLM2DL1YvTw6mr4K1d5zVPekdQ7c2CoL5scLIxMmuiqexlOPoRNp0586qbsDw&sig=Cg0ArKJSzLelcW592dJVEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 03 Dec 2022 13:30:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F616 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstugZqm7uSIni5GV7UAcYb5n1zQ5wz6pDRxuDdDc3w5X5tQpuXxzmB0Uk-gxGfFQl2t_FUNB29joMHe635YX7xzYGcIoeRq2KiRVR4iD9nLD1oiPG1LnOQGDQrVbLiqDQOD7fxNNmE6tEkU9moL3AnY5rfhQuxZEImY-9Hhp-fAcAFKFLR2MVjcMdOktlzxZcGCrxOMbQLSS0oScYrKflpl3kc5pfnnoIUKZPUiNUz-PUNDBPouvFPTq_uDhTbsFSeH8VB3C4r8m-6yJSFplkUYbPcHjq-WO_uJT0oaoL1pJMlqsPwE8QEghrkuUQtc3TCK0A&sai=AMfl-YRDROdyhdmqs5bO5c7dAeIybaWoQljN0ALpLOzTpv40UQwa_sV83NrNk5J8Oc5k5RDa63ZYKR9bAlgWyj1u8fAfk8PW_KUmCmeEon0L11fX457ZkKPJ1EgtHn-9BLvgCQH8Xeo0ZzzwoOIFAhWQDDM&sig=Cg0ArKJSzA8k3NssR7ePEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 03 Dec 2022 13:30:03 GMT
truncated
/ Frame 4D0F 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c62ce8713269ee49c9ddacc3823e24d7a7ac1d23632bdf0ae752aa119e0274a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
/
dp2.33across.com/ps/ Frame BE94 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dp2.33across.com/ps/?pid=897&random=1268336954
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP020 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://katzmedia.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-33x-status
208
date
Sat, 03 Dec 2022 13:30:03 GMT
server
33XP020
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=gY1eaO5RGwhGEQmm&instance=207579700&version=7.10.1-X&age=221203&cmd=GET&key=STBtG2Zi&c_id=12095&seq=1&order=2&absoluteTime=5895.5&relativeTime=967.5&canonical=https://freedom1570.com/&EXTREF=https://freedom1570.com/&REF=https://freedom1570.com/&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.111.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-111-192.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=STBtG2Zi&ES_key=STBtG2Zi&ES_ID=31068&S_RKEY=83I59Hea6d&USR_ID=207579700&ST_usrKey=gY1eaO5RGwhGEQmm&SM_ID=2399783&C_ID=12095&C_companyName=Salem%20Media&version=70100019&sC_ID=4735&AC_ID=2008&TYPE=FLOAT&EXTREF=https://freedom1570.com/&REF=https://freedom1570.com/&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.165.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-165-148.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 03 Dec 2022 13:30:03 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Sat, 03 Dec 2022 13:30:04 GMT
0.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7717da18fff86552728b93961721cf5acb4fdd04c8e08535096af16bb206587f

Request headers

Referer
https://freedom1570.com/
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id
guNhoUSnRyD11m6Y4UgMnFKcOcJcFIpE
content-encoding
gzip
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront), 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
date
Fri, 02 Dec 2022 22:55:34 GMT
x-amz-cf-pop
FRA56-P7, FRA60-P4
age
52470
x-cache
Hit from cloudfront
last-modified
Sat, 19 Nov 2022 00:24:47 GMT
server
AmazonS3
etag
W/"b8c57d0a3ca65c98f3d582d9add3f10f"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id
BA5p6jr6ruMnT0w0V-gvYSS9is00hO2mh3mz_hywxpjuicJCI1wJig==
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 18:47:03 GMT
x-content-type-options
nosniff
age
240180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16756
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:16:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Nov 2023 18:47:03 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 05:06:38 GMT
x-content-type-options
nosniff
age
116605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 05:06:38 GMT
smb7veomw6bib64n7s3artcb3iyzh5qo.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/smb7veomw6bib64n7s3artcb3iyzh5qo.jpg
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3926d631a3130a6abb45b20b7dc6a26554f4fa0508a119f05b7c1cba8e2a2009

Request headers

Referer
https://freedom1570.com/
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
52225
last-modified
Sat, 03 Dec 2022 04:10:08 GMT
server
AmazonS3
etag
"b1f1656d7830c8678796e35c3e280a77"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
tc-0mEMysmU7r4RFP-D-8zyw4Cjql2WNXt-KN7DTDlL70esswqASnA==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=gY1eaO5RGwhGEQmm&instance=207579700&version=7.10.1-X&age=221203&cmd=RTP&key=STBtG2Zi&c_id=12095&seq=1&order=3&absoluteTime=5924.7&relativeTime=996.7&sC_ID=4735&sm_id=2399783&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://freedom1570.com/&REF=https://freedom1570.com/&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.111.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-111-192.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=STBtG2Zi&ES_key=STBtG2Zi&ES_ID=31068&S_RKEY=83I59Hea6d&USR_ID=207579700&ST_usrKey=gY1eaO5RGwhGEQmm&SM_ID=2399783&C_ID=12095&C_companyName=Salem%20Media&version=70100019&sC_ID=4735&AC_ID=2008&TYPE=FLOAT&EXTREF=https://freedom1570.com/&REF=https://freedom1570.com/&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.165.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-165-148.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 03 Dec 2022 13:30:03 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Sat, 03 Dec 2022 13:28:02 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame 8FC9 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
773ca79d4c9f923e-FRA
vary
Accept-Encoding
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 8FC9 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id
vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding
gzip
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
date
Sat, 03 Dec 2022 13:30:05 GMT
x-amz-cf-pop
FRA56-P6
x-cache
RefreshHit from cloudfront
last-modified
Fri, 18 Nov 2022 03:05:15 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
XxYdEG_SXTf_HVgFF8FeYPIPa3Tf_XYkagPIC0oIDWalvhRzLZB0KA==
config
c.amazon-adsystem.com/cdn/prod/ Frame 8FC9 		248 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffreedom1570.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://freedom1570.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
248
x-amz-cf-id
JR87YiombPSjEqDdtvIpm-PDgv90gTQSGLpmqlOt-3s1UPbPpJD_OQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 8FC9 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffreedom1570.com%2F&pid=5PKs5qCXV7ju6&cb=0&ws=300x150&v=22.1107.1609&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!stnvideo.com%2C0r5NXHklBRrnbCMVw10iMA%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.106.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-106-197.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
M8RZKSQJY163FJDKWMP1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://freedom1570.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ULnifCSbv8xZisqAoPJ-A-XLruLyVMoj7YxhpRP4cWTwufFLyKxsSw==
hbpix
idpix.media6degrees.com/orbserv/ Frame BE94 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=70612628178048321572362312578120419971
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://katzmedia.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 15 Sep 2017 19:12:19 GMT
server
cloudflare
etag
"59bc2613-2b"
content-type
image/gif
accept-ranges
bytes
cf-ray
773ca7a058e89a2a-FRA
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame 6088 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuaNTs2ucKMol-BeOvr_OK3hW7yzzacIKlJgBc2jolgTG_uryUffDzTpLgb5ofacbT_f0IkLzRlltsBpApvN2RDWyVaO5LgG7dPZHn8dKGNhysNamlqoO-mwN_OhH65xTSJaIb51e6UPU_sSUYALqK2ZgrCCzDj4V08YuG67502cCXUoD37WqNecdkKqyqXSbfC6AUz6BLCj_zi_XYb-EnWMibQ6X13-IaW4LwCACsoHKmME3B4J51BTmD5z_n0sPDC7hSSrBHhhW87BY6jcSiGEyFgAnSs9SdYdI18HiCnXleFgRu80mKy92kJhzAsOhkWhHw&sai=AMfl-YSxV-uT46TvDkTtFoFYDNKM6XkAXpFyRxXG7aXHcbdA7bXtI3noqQRNKmsk3gKZ7UKOu4JM9UgSzeiyxa9Gx5_byi-68uXS-YasJ1jg90Yh6ajDD4RnanWXbeK7gz5A2RG9POSu1P_20fEN3FMZvfM&sig=Cg0ArKJSzIgZELg00MWHEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
URL: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6341 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZ_NbLybIdrPIcytjogkzuPKBEYEUT72GQWFnlDrHZOiGH9QuDv6cGlD0cmVLcWUxndS8Ey_Yv9Mvdn16nWD6vys2pazPAmblbdBPM7EKs-cc4I20X2RuKvbPQKpE1OxhXRYwLuzNjXX40XpZvXJolYtP533eE-mDBE5pKQfN275hKHm9zdhrKerUpOgKUmOHKcnZQH4SRanUGQyf15N7SJfz3oe-0KHvg8avv6WDkGm452yaEAPqYhumv_f956jr8xYfUsxggVgQMRyJ0tXgw67qAxOAdSqmx6uZxgDmbTG260MYsuEBt-rqC-tVoUr8eBps&sai=AMfl-YTtj7g4reBUCO7xARG3kaScW05vGOA25CEHWL-dLJLlCOFirr4zf_1sD5rvDDuEEdGR1Q9b3HANIHdHlkYTR3ZnqEv44Kxe4VFBLs4haDyQlEAUgT1T9DljzlijhBx5Gl-9KcddCtPGWfQqMEHvZKo&sig=Cg0ArKJSzH22AnLoV4gjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
URL: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 88B9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMxxLIowxbrxu1LD4IKCHqTDtd7UFxK8xlh04J-eo2B7pe1IfRgjO_ZRU5D-93h27OO9rhJ93_0JI_DK8CxKeLgA6dIGJL60rfa8i0DRmj7JHlYOAPcgvIkiaw4-z5PRIDbc1sLFHuiBB1vnXhj7tD1alnAt1wjTfrA2Kjz_efkoParRGylgPHapaE1LwlcuGjUM5wLbWnJfxYQtkwrQuZRxlfz1QOvGy4z2UoGJW6m5EM1gCKWlBBfg6z1bTQgdPsqJLzS_6P7h5NYzjE4mMZQDNvEb3b8zhV5wYm5u9MoEecbY2gcP1ydjf4baXvoremEFY&sai=AMfl-YS8QCb4DOFlfOMD6EJnp-l6Mv6GCJ3hbAalXJNmFdYObN-Y6b9f3vvU-Qmg3Yc4nbLmXei4N7UQ0Awe6lYtvqzXVKBClWSoFhymPrAUNZrBnxEFgOZ2PEouiALeq3tCd4gKWbOjrqlT98tbeRwgozE&sig=Cg0ArKJSzApS4emADoq8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
URL: https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
headerstats
as-sec.casalemedia.com/ 		0
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Ffreedom1570.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i23n94hJc9zvuqWoEjvpC0EJFd5Loa%2FkMgfmDyM6OtaebJlp86HSKzl5yY4dDoZVUDkYbBUwatQ8QCHZHPRsCBHIFFKGgr21I%2FkDxzZKoo4g0yq54lIu%2BRNYSyH5SbmPxXJPm7P4XWU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
773ca79f0e819b8f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VEN16DTW8J&gtm=2oebu0&_p=1403478960&cid=822983241.1670074199&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1670074198&sct=1&seg=0&dl=https%3A%2F%2Ffreedom1570.com%2F&dt=Freedom%201570%20%7C%20KDIZ%201570%20-%20Minneapolis%2C%20MN&en=scroll&epn.percent_scrolled=90&_et=9
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VEN16DTW8J
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6088 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMp41bCkw6zZSLIjcdOUIo6zz2QWdpPn7EGdC0PGsFcAa-6zUufrhrTNZZFZ6aOWfgepET3H3Way987RS4txE7mZuMoYS-B6pqjAEkGlzssJDKC6Gb4dQX5c7zHdLX24rhcK-iMKBhdI0wA6AhT9UJcD0x-ab_6ai5D7ElOydlvHCJZTaZkRKUks5g0YsRhoNcx-QSdV1HUu_16iBSI2dgOsb2S52_i_mDua_9uGy5jh6mK1SAHXZ006zH7OavA6a4Fkmz7owLRD1jUKUhrrN4i2eoHk-nvnikMPVF7tIIc7kF2dt00EJv8TATxpMFQYPIidQ3Kw&sai=AMfl-YSDz6QIuGhlfM01wdOaodNHhn-DLxOgb0ivUjbaclUUpLHBh5fLCMKs1_UlqA1NQYJeO5_hHwQbIfal2nc9fhsEhDHWqDqjSDLthwyP9JAEbgEN3qCr0zV9Duvw5ek383msdhuuasXfSHs0qrIGeGE&sig=Cg0ArKJSzGxpTZfDmsRGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 03 Dec 2022 13:30:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6341 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWWZdBl_uvFZ0v_LJ3hRq-nBJMRfqgUC0yWvAUArTuqBP8jkI7EEwo04I8Ddsg4c8dm7zAybctwfgTxvSJObZIEymgathSsuglx7pssGrCVrBnNBE3PQoR21ZYhGKoKZHq_7H-qoLgGE9zzzoAzzBzwOKT0bKJiByfnCz-5-n-a_w_EgXk6J_gIOw-3pFB5zYLS5gGSwZXtQU6biKaQ5rv5Swuabl2k6Qx9W6GkyipUxgPEJAa0piJV1POmwxaQOuztXJKrNnFYmy_8lGs1iucfX674_Q0D__zLnu3fFF8wYCn-ScIyO_EOxWxeP_LiNavToXPjA&sai=AMfl-YT23tvFlml4eDn53RcpHnGK3ZK6HVMGu6MKy4b-Cx0OeouIEPNmR9qMeEM6Don4VPkIdXXTdlQaRXQx092eHJ86T5CpwoaoS7zSiAQeenLW7n3YFhvh-9MPkidGPBoj9jEnxHN91TC02fFTm3Z2bWY&sig=Cg0ArKJSzCI2k2hSNf_lEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 03 Dec 2022 13:30:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 88B9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5j6gYnxGK-luYkXLdxo6RZBhGTq7EA0zF-ShJl67CLiiC4a6BY-70OdGVeZBl_-DMSxqb94JTpK_WaxHXWORS461h2klPL3aLdend1mfrst5ww1e5qAid6b0n-o--BLEU-awGLZ4xHDfvtMMW0oam7sY4OXTbrRO9KcEKaHcJ6G5AzTuzeTa63_xr4icslwFwznbuWEWKVHRDpOS51Vvur4BrrrWxkF8vbW8G60qdlnI60E9gU2oLLMv6rC8KeZBgEn9ypks0TyERi-Q67Lu-5DrsTqxv6hyask7JIf_G7zVcAWjpqeCh-krMZRgZ0AeyPFKkUQ&sai=AMfl-YQ6q7tucQh5Yg3gCdEyFUXC_dsavIq90E1ETe0nx7avDfj-Sa10l8F0NndnOcxuXH_DdCscxCihF4zWF05epSsiqnUeKRsB7ZUT7TA8A2mxzabg5sJhWmRLKsmTzgj_lRZB_udXD5XsAQAqQth9Adg&sig=Cg0ArKJSzOkXG5oNl7tZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 03 Dec 2022 13:30:04 GMT
truncated
/ Frame 6088 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b79ff82602ba606f670a254e98f2f44e2ffad3c836ef009479b5354bb44ae8ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6341 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cfabd0507f2a7e0867adce17ce8d5b16fe994fb19f8bc665c587935088317dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 88B9 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a65483c22339ba7629ad72301bb22d3a9669c385626e2cf8ad373e17a2711721

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame 4D0F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=freedom1570.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4D0F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=freedom1570.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4D0F 		20 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2149526313044523&correlator=3823738823101376&eid=31070233&output=ldjh&gdfp_req=1&vrg=2022112901&ptt=17&impl=fif&iu_parts=21849154601%3A6177%2CAd.Plus-728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60%7C220x90%7C300x75&ifi=1&adks=1391429544&sfv=1-0-40&prev_scp=site%3Dam1590theanswer.com&sc=1&cookie=ID%3Ded825c62b23e934d%3AT%3D1670074201%3AS%3DALNI_MYyACLqLAF_eTAeWCW4qo7Yw5m-vA&gpic=UID%3D00000b8c3a012875%3AT%3D1670074201%3ART%3D1670074201%3AS%3DALNI_MYDFpsr1s_85yF3okKqouCeM6cLCw&abxe=1&dt=1670074204088&lmt=1670074204&dlt=1670074202960&idt=1112&adxs=596&adys=2751&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=1&ucis=kujxg9k35lo6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Ffreedom1570.com%2F&ref=https%3A%2F%2Ffreedom1570.com%2F&top=https%3A%2F%2Ffreedom1570.com%2F&frm=23&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=822983241.1670074199&ga_sid=1670074204&ga_hid=225561902&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7217ed6819f31dff0f46bc9eac41da8bce1a81663a981ed8bb9c601ea80129b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9746
x-xss-protection
0
google-lineitem-id
6138813963
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138408132544
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c25cf2cd48c0a4c2f041607a49fc5151.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6D97 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c25cf2cd48c0a4c2f041607a49fc5151.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 13:30:04 GMT
expires
Sun, 03 Dec 2023 13:30:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ibs:dpid=22052&dpuuid=3631906971014135827
dpm.demdex.net/ Frame BE94
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3631906971014135827
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3631906971014135827
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
HTTP/1.1
Server
54.217.178.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-178-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://katzmedia.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-061dae83e.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
z9+gLqJzSqw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:03 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3631906971014135827
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185
expires
0,Sun, 04 Dec 2022 08:30:04 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 8FC9 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Sat, 03 Dec 2022 13:45:04 GMT
auction
tlx.3lift.com/header/ Frame 8FC9 		19 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.12.0&referrer=https%3A%2F%2Ffreedom1570.com%2F&tmax=3000
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.129.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-129-157.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:04 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
content-type
application/json; charset=utf-8
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame 8FC9 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sat, 03 Dec 2022 13:30:04 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.014951
X-SpotX-Timing-Transform
0.000595
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.014951
X-SpotX-Timing-Page-Require
0.000386
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.002341
X-fe
138
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.019544
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000321
Last-Modified
Sat, 03 Dec 2022 13:30:04 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://freedom1570.com
X-SpotX-Timing-Page-Exception
0.000018
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000013
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000916
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 8FC9 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://freedom1570.com
date
Sat, 03 Dec 2022 13:30:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 8FC9 		173 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.212.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-212-157.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
faad7e062847e3f1cd9ca48376cd8e69801db3f8b528dabf27e5374e55630a6d

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:04 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 8FC9 		139 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ed2f3c1e8c84aba5c3b10608be1a28a4f888fe9b1c6b6750ef736df3097c51f6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 13:30:04 GMT
AN-X-Request-Uuid
e2bd1f6d-7870-43e9-a877-03b21152fe83
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://freedom1570.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.40; 193.27.14.40; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 8FC9 		37 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221124af992545ccd%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ffreedom1570.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Ffreedom1570.com%2F%22%2C%22domain%22%3A%22freedom1570.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22freedom1570.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221294cac2e374424%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A880%2C%22h%22%3A495%2C%22sizes%22%3A%5B%5B880%2C495%5D%5D%2C%22playerSize%22%3A%5B%5B880%2C495%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22stnvideo.com%22%2C%22sid%22%3A%220r5NXHklBRrnbCMVw10iMA%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
713fdf5b0c1d789d825758673d210d4eca50385b6be25e680fbdf78159a26ecd

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clbV4iPkD9vP4N64xUB7jS35qiS8cTc1pvmemEFS7fZ%2FzB5x8TpQ9rMhZW8w80fvKxAmZ2elEawBsjY%2BKIse5lA3X1xYoBfEb70EbnWn6CqRP6g%2FMlAysSRfMh7DSYp555yiYbAE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
773ca7a05b768ff2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
register
sapi.audioburst.com/v2/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sapi.audioburst.com/v2/users/register?device=mobile&appKey=90efe8e77ff4447786beec46a07c0c01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://embed2.audioburst.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sat, 03 Dec 2022 13:30:03 GMT
X-Powered-By
ASP.NET
register
sapi.audioburst.com/v2/users/ Frame 6718 		188 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sapi.audioburst.com/v2/users/register?device=mobile&appKey=90efe8e77ff4447786beec46a07c0c01
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/embedded-player/embedded-player-es2015.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d404fbd6b0a3e04013ab4d2b97f4e36b0ae1645d59eee61cbd7f82a6279cf19a

Request headers

Referer
https://embed2.audioburst.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json, charset=utf-8

Response headers

Date
Sat, 03 Dec 2022 13:30:04 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Length
291
Request-Context
appId=cid-v1:f8f8664c-8b03-43d2-afdb-a1df9ba4397d
ibs:dpid=575&dpuuid=2309893381915494403
dpm.demdex.net/ Frame BE94
Redirect Chain
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=70612628178048321572362312578120419971
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=2309893381915494403
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=575&dpuuid=2309893381915494403
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
HTTP/1.1
Server
54.217.178.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-178-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://katzmedia.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-0ed41892e.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sXxwcvPKQLo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:04 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp-eu-4.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
location
https://dpm.demdex.net/ibs:dpid=575&dpuuid=2309893381915494403
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
banner
sapi.audioburst.com/v2/campaign/ Frame 6718 		492 B
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sapi.audioburst.com/v2/campaign/banner?appKey=Campaign&urlReferrer=https://freedom1570.com/
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/embedded-player/embedded-player-es2015.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
83c6d030d412d819ac3d8925aa26282a99073be99dc2f1f9962e780c6c736e5e

Request headers

Accept
*/*
Referer
https://embed2.audioburst.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 13:30:04 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Length
422
Request-Context
appId=cid-v1:f8f8664c-8b03-43d2-afdb-a1df9ba4397d
view
securepubads.g.doubleclick.net/pcs/ Frame 4D0F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2hCmj2bSWSqW_k8WxmLoyhJDmBSs4TvJTYHbTq-DXwyGa6Fa6jYzofZnaRGxLd8SwZZGWsHhuEWJFYrKP7nqRrifk90lGOfSfqwORtfIiXpLr1x8w3o4i2jDllYgPaxzwCPdMQ5nMf4nXGpveZXZOxiQFxOh8Q-SQVOYBtXVp6ZDpIeR9JMxgIP3fr8O_0f-80hmDU_XSYjL3fcrVRq06SODHTzLqIJ8ngALwQctHxukNV84bhoMcEDIXkTC2pJx-iBjZtHW7ocuXSccsTrm8NsWdjI8rVtfyLB7D3-XIysdiQhCgAPzSY4XBc0bwuIFjww&sai=AMfl-YQaIbU2gFFm7NdlRUCwUqaa8umf-3f65T1ug03JBT9IZ0218POpyfowFF-tVwJngfgI5l2UR9EVVQwsPN7IX77tFUVj0N4p7JQ5itBT_6USBp9zPpr-keDOUEdmDKOuKFUcEEAv0yrifaw8x-TqVOE&sig=Cg0ArKJSzFBNQBlkJcyfEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 03 Dec 2022 13:30:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4D0F 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022112901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9e150de7df36d5019c3038dc2efa527e6fee4f32ff38a8bf257991bcca5a80f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11392
x-xss-protection
0
ibs:dpid=73426&dpuuid=70612628178048321572362312578120419971
dpm.demdex.net/ Frame BE94
Redirect Chain
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=70612628178048321572362312578120419971&rn=1670074202128&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D706126281780483...
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=70612628178048321572362312578120419971&rn=1670074202128&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D70612628178048...
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=70612628178048321572362312578120419971
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=70612628178048321572362312578120419971
Protocol
HTTP/1.1
Server
54.217.178.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-178-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://katzmedia.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0665c523e.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7tl3qBEISpQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=70612628178048321572362312578120419971
date
Sat, 03 Dec 2022 13:30:05 GMT
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
0
x-amz-cf-id
9NSkQuzqI6XL2fE8La1NwYGNF_lrhd5C-i-noWYwMf0a6OhNFjrliw==
x-cache
Miss from cloudfront
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022112901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38e767f6b8f6f96b2c43598a0116fb3cb78bba8cc2a7001e2b706eb93c0ce7b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11096
x-xss-protection
0
p
i.simpli.fi/ 		761 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=150871&cb=sifi_att_1600697718176587._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/a2fee930-b8b0-0136-d8da-06a9ed4ca31b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
d84fe5cd20956e5d821abb3b108b9dfe98af78afad2bb19b3ff46d590c17fa1d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Sat, 03 Dec 2022 13:30:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/login/ Frame 71F6
Redirect Chain
  • https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=327608680664365&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3ed7f56e3564%2526domain%253Dfreedom1570.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ffreedom1570.com%25252Ff3cbfef74625ccc%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FFreedom1570%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3659e46242b5a39462f86f69d925d20b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 03 Dec 2022 13:30:05 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
8NNjc8aydEMLjFYc+bVDGwO3495j5ftB+pcumVM4vTk87KC3wc2RKvLwwecIzdSbakTzhmtCQmrLzw7JrrNDhQ==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sat, 03 Dec 2022 13:30:05 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v9.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3ed7f56e3564%2526domain%253Dfreedom1570.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ffreedom1570.com%25252Ff3cbfef74625ccc%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FFreedom1570%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
vW/RvictmqYC8mOdmO5OrZRNJrI1hBQ22438iWCrY0XjkWqwj75qR16EIrJ8HUZxOpdFmI8GJIT1nfeSPWrCbA==
x-fb-rlafr
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 03ED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJMWqMAq0Pu9Jnpo6qkgUh-U47V7dFb5uINwheKTg-CT3Oh3ZiafrjU5SHydAu5qV82BNsRcvih_Pn6fPlsp3D--OrTIRxzSkI6BVhT0xG87Ff-4AOD-vIg0t7LsXK9P3XMRLAV1Kvcdlfr7vyV3yi0lX3vouASW8aFEDFNWiY_fiFOwjFHyTqsiyyhcZiD-mhpsgElwcFCXz6hb6QKVQDs0M0SAbMpMvFLev6sHO9fUbMeJnSyOb6TNomPPQcWG9VmWphdsBz92M2XhvSMSE8m6biIaQaNkyFlMrTgb09bojDqBZmmKBmwTOQ4WBk0-CBjlq9labe&sai=AMfl-YQLA1mssfmp89wXt33ZqkY2Enw6t3zFKBb10WmYVt9dJ36tj2AXQ-6gP3kIDo-tWCriUCh1Zy6z-1UUl32Tk5G_RhFo9Ro7a_bWlc8SwABY3G5tcG_SjFhCpS-XmEYkpA&sig=Cg0ArKJSzNwSASCHIKGhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
delivery.js
assets.revcontent.com/master/ Frame 03ED 		156 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
cbbd0c5a903d0e3b0b058cf6248d956d70e452cba831866b8161381896b4e923

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 21:14:59 GMT
server
AmazonS3
x-amz-request-id
JYXH91W87VF704XB
etag
"6d1b2100c62614d53dc882993fbdddc7"
x-hw
1670074205.cds275.lo4.hn,1670074205.cds072.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=600
accept-ranges
bytes
content-length
50095
x-amz-id-2
fxxNNL1smiLt1q5M8yCVvoJPcIXqlF0SxUiCMeY1NXqzmZlds4ntc1vbDNuA1zQ4pUyaZCsoyrA=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 03ED 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 13:30:04 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4D0F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 13:30:04 GMT
Salem-Hosts-Sponsor-1.png
storageaudiobursts.blob.core.windows.net/site/images/promote/ Frame 6718 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.blob.core.windows.net/site/images/promote/Salem-Hosts-Sponsor-1.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.246.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
214302ae229a9ef55d8819f5debd18176174503141c92b6c58818173ff9b12b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 03 Dec 2022 13:30:05 GMT
Last-Modified
Sun, 15 Aug 2021 13:21:46 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
vmkIR83eBko2SQrGJi6N+Q==
ETag
"0x8D95FEFA1BB91CB"
x-ms-meta-CbModifiedTime
Sun, 15 Aug 2021 13:21:33 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
9f940753-201e-00b9-421b-079444000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
15163
x-ms-lease-state
available
activeview
pagead2.googlesyndication.com/pcs/ Frame ECE4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSyjCW4bL9-swZ6Fpg0PIwTRrZnKW5XIa75bFj6YvFw-6LIxGwhujevYi7f2I8U1qNmkTLokCRT3-bxjAOjHLZoHDwjP11Xh2z6DaQ0XIC0wwrd7lc&sig=Cg0ArKJSzJ9PD17OW-xrEAE&id=lidar2&mcvt=1153&p=327,436,417,1164&mtos=1153,1153,1153,1153,1153&tos=1153,0,0,0,0&v=20221130&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2557706795&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670074202885&rpt=555&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=70612628178048321572362312578120419971
sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/ Frame BE94 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=70612628178048321572362312578120419971?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.190.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-190-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://katzmedia.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.19.168
content-length
49
expires
0
category
sapi.audioburst.com/v2/topstories/ Frame 6718 		149 KB
54 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sapi.audioburst.com/v2/topstories/category?device=mobile&userId=daf21c82-fb6d-4b64-8270-d24f8544e341&appKey=90efe8e77ff4447786beec46a07c0c01&monetize=true&category=286&urlReferrer=https://freedom1570.com/
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/embedded-player/embedded-player-es2015.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3dc5bb7975036df89c669279f95d7cf8a5fc43c8a9002fa139a1ffc3ed100a7e

Request headers

Referer
https://embed2.audioburst.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json, charset=utf-8

Response headers

Expires
Sat, 03 Dec 2022 13:45:04 GMT
Date
Sat, 03 Dec 2022 13:30:04 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Last-Modified
Sat, 03 Dec 2022 13:30:04 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
*
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Request-Context
Cache-Control
public, max-age=900
Content-Length
54886
Request-Context
appId=cid-v1:f8f8664c-8b03-43d2-afdb-a1df9ba4397d
ibs:dpid=175765&dpuuid=eade28ed065e801919f59239154d3875
dpm.demdex.net/ Frame BE94
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=eade28ed065e801919f59239154d3875
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=eade28ed065e801919f59239154d3875
Protocol
HTTP/1.1
Server
54.217.178.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-178-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://katzmedia.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-061dae83e.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
RPvOkY40SmE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Sat, 03 Dec 2022 13:30:03 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
98b79d60-730e-11ed-a312-0a8f991031ab
Instance-id
i-0e9b0473f3e13713d
Location
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=eade28ed065e801919f59239154d3875
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
ibs:dpid=348447&dpuuid=73053b59-3b6c-4437-94a1-2967feb22824
dpm.demdex.net/ Frame BE94
Redirect Chain
  • https://ids.ad.gt/api/v1/put/adb?adb=$70612628178048321572362312578120419971
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=73053b59-3b6c-4437-94a1-2967feb22824
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=348447&dpuuid=73053b59-3b6c-4437-94a1-2967feb22824
Protocol
HTTP/1.1
Server
54.217.178.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-178-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://katzmedia.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-08c859e6d.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
BzsKoBWtR/Q=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=348447&dpuuid=73053b59-3b6c-4437-94a1-2967feb22824
date
Sat, 03 Dec 2022 13:30:05 GMT
server
nginx/1.20.0
content-length
379
content-type
text/html; charset=utf-8
image.sbix
global.ib-ibi.com/ Frame BE94 		0
0
ibs:dpid=87898&dpuuid=4c_f71464af-45fc-4fcc-8895-1a629d33540a
dpm.demdex.net/ Frame BE94
Redirect Chain
  • https://adobe.adhaven.com/bid-engine/cs/88cd52b8932ea1f9237bcd284fae8923/v1?puid=70612628178048321572362312578120419971&rd=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D87898%26dpuuid%3D%24UID
  • https://dpm.demdex.net/ibs:dpid=87898&dpuuid=4c_f71464af-45fc-4fcc-8895-1a629d33540a
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=87898&dpuuid=4c_f71464af-45fc-4fcc-8895-1a629d33540a
Protocol
HTTP/1.1
Server
54.217.178.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-178-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://katzmedia.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-08c859e6d.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4vE4lwDxQxA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=87898&dpuuid=4c_f71464af-45fc-4fcc-8895-1a629d33540a
date
Sat, 03 Dec 2022 13:30:05 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
event
katzmedia.demdex.net/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://katzmedia.demdex.net/event?d_dil_ver=9.5&_ts=1670074205045
Requested by
Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/shared/scripts/dil.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.137.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-137-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c59c5c4c1317b62b0606790b67daf5e12b030e717df8bfc887fba1dc32bbbbcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v045-00fcfd78a.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
59PDzU9MTJA=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://freedom1570.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
831
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 13:30:05 GMT
category
sapi.audioburst.com/v2/topstories/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sapi.audioburst.com/v2/topstories/category?device=mobile&userId=daf21c82-fb6d-4b64-8270-d24f8544e341&appKey=90efe8e77ff4447786beec46a07c0c01&monetize=true&category=286&urlReferrer=https://freedom1570.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://embed2.audioburst.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sat, 03 Dec 2022 13:30:04 GMT
X-Powered-By
ASP.NET
activeview
pagead2.googlesyndication.com/pcs/ Frame 88B9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBKoEOp4KoReHYC2S_smfYb3MpnazN3nRCpgn7uYX2iioKojxMkAfkBbwENjuqF-0gWOhQW4ux71hxacgjnJWc90gp2ujAjf419_r0rVPLL1UoV1KC&sig=Cg0ArKJSzLq8eYEUPiNDEAE&id=lidar2&mcvt=1019&p=769,315,1019,1285&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3807499741&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670074202916&rpt=1131&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
station
sapi.audioburst.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sapi.audioburst.com/v2/station?appKey=90efe8e77ff4447786beec46a07c0c01&stationId=22410
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://embed2.audioburst.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sat, 03 Dec 2022 13:30:04 GMT
X-Powered-By
ASP.NET
station
sapi.audioburst.com/v2/ Frame 6718 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sapi.audioburst.com/v2/station?appKey=90efe8e77ff4447786beec46a07c0c01&stationId=22410
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/embedded-player/embedded-player-es2015.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
45cc77d412cd46f0104ae70246e0cb445d926850235758806832d35602727166

Request headers

Referer
https://embed2.audioburst.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json, charset=utf-8

Response headers

Expires
Sat, 03 Dec 2022 14:01:04 GMT
Date
Sat, 03 Dec 2022 13:30:04 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Last-Modified
Sat, 03 Dec 2022 13:01:04 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
*
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Request-Context
Cache-Control
public, max-age=1859
Content-Length
760
Request-Context
appId=cid-v1:f8f8664c-8b03-43d2-afdb-a1df9ba4397d
nft.png
embed2.audioburst.com/skins/sacarousel/img/ Frame 6718 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed2.audioburst.com/skins/sacarousel/img/nft.png
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/sacarousel/scss/skin.css?version=2.06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
abd0cc0fc6b4b0a6632d7ca794db29402bb4b65a26d11cf93ebc45c691d768f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/skins/sacarousel/scss/skin.css?version=2.06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:04 GMT
last-modified
Mon, 21 Nov 2022 11:28:18 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
E8UnAKrOqYTS90B20APyHA==
x-azure-ref-originshield
0fTuLYwAAAACO6CL3NwZVSqhUj3ttSJjQRlJBMjMxMDUwNDE4MDI3AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
etag
"0x8DACBB37D2C6942"
x-azure-ref
0XU+LYwAAAADonz9KbP3RSa0AIStgm+UERlJBMzFFREdFMDkxOABlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache
TCP_HIT
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
3cf5215c-501e-0019-6255-064824000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
6256
Z3dwaxPM3xKL_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/Z3dwaxPM3xKL_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3ab5b9e2dbae2c882c3adc75f30a5c0a937a034cb9c1f12c64f28957bec4fbf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
vvXXmgzlEbu7bXdwwSLY9w==
content-length
169225
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 02 Dec 2022 07:14:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD434DF9656FC"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
bcfd8a05-f01e-00f7-5f24-06bacc000000
cache-control
max-age=31430054
x-ms-version
2014-02-14
accept-ranges
bytes
6YBgn61GLN26_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		371 KB
372 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/6YBgn61GLN26_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3cb1f3ac43e39c1bdc81905bfc2bf24eaa72f6fd4d8653e7f7dd060aeca754aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
L/ic5yqfD/AAkHUFSESdeQ==
content-length
379819
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 02 Dec 2022 08:44:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD4416930740F"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
0cd374e5-b01e-00e6-052a-062078000000
cache-control
max-age=31432645
x-ms-version
2014-02-14
accept-ranges
bytes
JJkjG1Y9A33R_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		211 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/JJkjG1Y9A33R_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dad455de8f42dab8d0d72da14e542959a59f9b020f52d9ae8938d1a86e6b9c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
wOfUZbimaffEXtOlef41Fw==
content-length
212639
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 02 Dec 2022 07:32:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD4375CE4E41F"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
8cb5d0a4-f01e-00d8-4524-06b707000000
cache-control
max-age=31430044
x-ms-version
2014-02-14
accept-ranges
bytes
pL8BaDpjJVV7_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		170 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/pL8BaDpjJVV7_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ee41a0fe4a4dbc63e0e5a3b0a8dfaa2551655264a352348a4fa7a67d862ce975

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
aW5zKlCs3C1ObCtW8P6k1w==
content-length
172604
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 02 Dec 2022 07:32:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD4375CCCC428"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
6b88934b-901e-0147-5f24-060508000000
cache-control
max-age=31430154
x-ms-version
2014-02-14
accept-ranges
bytes
lDnvZR6wR1G8_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		200 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/lDnvZR6wR1G8_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8405bb9e26a270580c2a19d2b282043af929ee7f41928c013ef252e2ee76c1a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
WyWlVVf7KeNLc1jf7xdrHw==
content-length
204230
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 02 Dec 2022 07:32:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD4375CE0BE36"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
fd8f3e05-001e-0155-7d24-067ed8000000
cache-control
max-age=31429920
x-ms-version
2014-02-14
accept-ranges
bytes
6Jv4e3eXZ3pL_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		258 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/6Jv4e3eXZ3pL_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0521d957d9eb62c5262d7a020bed3cba3fb7e67306690f12787b1c3e35836578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
1cthS8O8fumEOxN6m8peug==
content-length
263452
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 02 Dec 2022 07:32:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD4375CEE5898"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
83644a3f-201e-0000-5f24-06905e000000
cache-control
max-age=31430200
x-ms-version
2014-02-14
accept-ranges
bytes
R9XoDoaX7yKY_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		333 KB
333 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/R9XoDoaX7yKY_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3c754cd8dbd9b42e516f5953e66c3d799dec837fbff168b50ceba4ef60f77d52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
Pwb62wHqeCtf2CDoHKME2w==
content-length
340239
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 02 Dec 2022 08:44:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD441693C0B20"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
d3536cd6-301e-00c7-012a-060403000000
cache-control
max-age=31432528
x-ms-version
2014-02-14
accept-ranges
bytes
6JvGyBJel3O1_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		298 KB
299 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/6JvGyBJel3O1_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d0eaaced345857ab11de88d635ac87867c456bc77e26775baa1517d44b787dd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
DRaxVGdhqHM6E6fePEKAgw==
content-length
305553
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 02 Dec 2022 07:32:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD4375CDBE4BD"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
2cf4adf1-b01e-0132-7624-066e24000000
cache-control
max-age=31429978
x-ms-version
2014-02-14
accept-ranges
bytes
9J428yO4ZY0d_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		258 KB
259 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/9J428yO4ZY0d_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0521d957d9eb62c5262d7a020bed3cba3fb7e67306690f12787b1c3e35836578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
1cthS8O8fumEOxN6m8peug==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 01 Dec 2022 08:21:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD3751025ACD0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
664f6075-601e-0001-531b-07cf82000000
cache-control
max-age=31536000
x-ms-version
2014-02-14
accept-ranges
bytes
oaeV8378jjyN_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		211 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/oaeV8378jjyN_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dad455de8f42dab8d0d72da14e542959a59f9b020f52d9ae8938d1a86e6b9c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
wOfUZbimaffEXtOlef41Fw==
content-length
212639
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 01 Dec 2022 08:21:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD37510673ACA"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
5f5d6323-501e-0035-6c62-05fc4a000000
cache-control
max-age=31346774
x-ms-version
2014-02-14
accept-ranges
bytes
9PR4ByDlY11n_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		200 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/9PR4ByDlY11n_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8405bb9e26a270580c2a19d2b282043af929ee7f41928c013ef252e2ee76c1a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
WyWlVVf7KeNLc1jf7xdrHw==
content-length
204230
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 01 Dec 2022 08:21:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD375104BF3E2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
68c27dc9-a01e-013e-4162-05f92c000000
cache-control
max-age=31346667
x-ms-version
2014-02-14
accept-ranges
bytes
ZNwk6RJqZPe9_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		190 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/ZNwk6RJqZPe9_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5cb142023a621932c497c0445ca5e28616fda11d94781ab67475aec6f2531961

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
AMzU48304D/N0c+oY9ECJw==
content-length
194374
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 01 Dec 2022 17:56:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD3C55A426C65"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
63896a76-601e-004c-6cb5-05006e000000
cache-control
max-age=31382051
x-ms-version
2014-02-14
accept-ranges
bytes
oaePnegj1MOp_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		170 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/oaePnegj1MOp_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ee41a0fe4a4dbc63e0e5a3b0a8dfaa2551655264a352348a4fa7a67d862ce975

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
aW5zKlCs3C1ObCtW8P6k1w==
content-length
172604
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 01 Dec 2022 08:21:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD37510449CE9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
da23dec1-e01e-0052-0962-05ecb6000000
cache-control
max-age=31346580
x-ms-version
2014-02-14
accept-ranges
bytes
lD6MGKxA2nBZ_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		298 KB
299 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/lD6MGKxA2nBZ_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d0eaaced345857ab11de88d635ac87867c456bc77e26775baa1517d44b787dd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
DRaxVGdhqHM6E6fePEKAgw==
content-length
305553
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 01 Dec 2022 08:21:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD375104ADD7E"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
7d196f3b-201e-00cb-4562-05930b000000
cache-control
max-age=31346832
x-ms-version
2014-02-14
accept-ranges
bytes
R9paa359wAvz_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		333 KB
333 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/R9paa359wAvz_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3c754cd8dbd9b42e516f5953e66c3d799dec837fbff168b50ceba4ef60f77d52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
Pwb62wHqeCtf2CDoHKME2w==
content-length
340239
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 01 Dec 2022 08:21:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD3751057D914"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
c2c088ff-f01e-0141-2962-0536b7000000
cache-control
max-age=31346883
x-ms-version
2014-02-14
accept-ranges
bytes
AJ2Kd0JqLgKg_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/AJ2Kd0JqLgKg_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
840badd1101c659fe0b67109b2775fb21dbe37970387b478af2a6a1849bdf1da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
VvrM3uWkz3L/X4BfdDcwVQ==
content-length
226697
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 01 Dec 2022 08:21:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD375105FA022"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
7d18ebfb-201e-00cb-5862-05930b000000
cache-control
max-age=31346650
x-ms-version
2014-02-14
accept-ranges
bytes
e0eKoW2XZJDX_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		371 KB
372 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/e0eKoW2XZJDX_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3cb1f3ac43e39c1bdc81905bfc2bf24eaa72f6fd4d8653e7f7dd060aeca754aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
L/ic5yqfD/AAkHUFSESdeQ==
content-length
379819
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 01 Dec 2022 18:13:32 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD3C7C1A531D0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
ce724c2c-f01e-00f7-51b5-05bacc000000
cache-control
max-age=31382140
x-ms-version
2014-02-14
accept-ranges
bytes
AJ6P2X4AxKOR_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/AJ6P2X4AxKOR_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e1a15a4e8a78dcebe001bec963747978f93ff56d3a74206b746f9e1e595c9af0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
/iivtFpfnWCbWemcR6iUSg==
content-length
203144
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 14:42:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD2E1171A94C4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
1724aab1-601e-00a8-69cd-040ef0000000
cache-control
max-age=31282752
x-ms-version
2014-02-14
accept-ranges
bytes
okPrVDqO8DW6_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		190 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/okPrVDqO8DW6_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5cb142023a621932c497c0445ca5e28616fda11d94781ab67475aec6f2531961

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
AMzU48304D/N0c+oY9ECJw==
content-length
194374
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 14:42:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD2E1172E9A51"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
33a5ccdd-b01e-011d-65d1-0463ef000000
cache-control
max-age=31284402
x-ms-version
2014-02-14
accept-ranges
bytes
pLxLBD8ADAzl_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		371 KB
372 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/pLxLBD8ADAzl_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3cb1f3ac43e39c1bdc81905bfc2bf24eaa72f6fd4d8653e7f7dd060aeca754aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
L/ic5yqfD/AAkHUFSESdeQ==
content-length
379819
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 14:42:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD2E117232A57"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
929618f1-a01e-00a7-3ccd-04789c000000
cache-control
max-age=31282565
x-ms-version
2014-02-14
accept-ranges
bytes
R9gKg2o3XqKY_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		333 KB
333 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/R9gKg2o3XqKY_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3c754cd8dbd9b42e516f5953e66c3d799dec837fbff168b50ceba4ef60f77d52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
Pwb62wHqeCtf2CDoHKME2w==
content-length
340239
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 14:42:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD2E11709A74E"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
9fff62f9-a01e-0098-5fcd-04b03f000000
cache-control
max-age=31282702
x-ms-version
2014-02-14
accept-ranges
bytes
3J50p9W0j70A_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/3J50p9W0j70A_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3ab5b9e2dbae2c882c3adc75f30a5c0a937a034cb9c1f12c64f28957bec4fbf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
vvXXmgzlEbu7bXdwwSLY9w==
content-length
169225
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 14:42:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD2E1175287FE"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
254a5501-301e-000c-3ad1-040756000000
cache-control
max-age=31284261
x-ms-version
2014-02-14
accept-ranges
bytes
e0z7p8L5Jp5d_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/e0z7p8L5Jp5d_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
840badd1101c659fe0b67109b2775fb21dbe37970387b478af2a6a1849bdf1da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
VvrM3uWkz3L/X4BfdDcwVQ==
content-length
226697
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 14:42:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD2E1171633F8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
033b2618-901e-00bc-17cd-04469f000000
cache-control
max-age=31282536
x-ms-version
2014-02-14
accept-ranges
bytes
e0z2awre1Z7J_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		170 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/e0z2awre1Z7J_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ee41a0fe4a4dbc63e0e5a3b0a8dfaa2551655264a352348a4fa7a67d862ce975

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
aW5zKlCs3C1ObCtW8P6k1w==
content-length
172604
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 14:42:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD2E11732B85E"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
b811e6b3-f01e-0071-7bcd-047675000000
cache-control
max-age=31282528
x-ms-version
2014-02-14
accept-ranges
bytes
oa31jRADeJRj_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		298 KB
299 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/oa31jRADeJRj_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d0eaaced345857ab11de88d635ac87867c456bc77e26775baa1517d44b787dd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
DRaxVGdhqHM6E6fePEKAgw==
content-length
305553
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 14:42:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD2E1174E2B91"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
17fc2b0f-b01e-0150-2bcd-04ac03000000
cache-control
max-age=31282457
x-ms-version
2014-02-14
accept-ranges
bytes
3J554MZoVz11_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		258 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/3J554MZoVz11_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0521d957d9eb62c5262d7a020bed3cba3fb7e67306690f12787b1c3e35836578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
1cthS8O8fumEOxN6m8peug==
content-length
263452
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 03:28:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD282EBC9EC31"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
91fea960-201e-00b9-7970-049444000000
cache-control
max-age=31242689
x-ms-version
2014-02-14
accept-ranges
bytes
9J556evK376z_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		211 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/9J556evK376z_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dad455de8f42dab8d0d72da14e542959a59f9b020f52d9ae8938d1a86e6b9c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
wOfUZbimaffEXtOlef41Fw==
content-length
212639
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 14:42:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD2E11710D230"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
3ccef066-501e-0078-57d1-0433a6000000
cache-control
max-age=31284378
x-ms-version
2014-02-14
accept-ranges
bytes
9J5v73jp8Aqd_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		200 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/9J5v73jp8Aqd_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8405bb9e26a270580c2a19d2b282043af929ee7f41928c013ef252e2ee76c1a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
WyWlVVf7KeNLc1jf7xdrHw==
content-length
204230
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 14:42:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD2E1175C9D4B"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
65fabaf7-401e-0039-39d1-046b42000000
cache-control
max-age=31284205
x-ms-version
2014-02-14
accept-ranges
bytes
okX6rjdd2kzv_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/okX6rjdd2kzv_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
840badd1101c659fe0b67109b2775fb21dbe37970387b478af2a6a1849bdf1da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
VvrM3uWkz3L/X4BfdDcwVQ==
content-length
226697
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 03:28:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD282EB6D5F3E"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
16e7f3b2-c01e-006a-7d70-044876000000
cache-control
max-age=31242558
x-ms-version
2014-02-14
accept-ranges
bytes
lDX8V84PGKY8_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/lDX8V84PGKY8_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3ab5b9e2dbae2c882c3adc75f30a5c0a937a034cb9c1f12c64f28957bec4fbf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
vvXXmgzlEbu7bXdwwSLY9w==
content-length
169225
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 03:28:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD282EB71564B"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
d24af69a-801e-0054-0270-04df09000000
cache-control
max-age=31242747
x-ms-version
2014-02-14
accept-ranges
bytes
AJ53NplDjzVv_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		200 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/AJ53NplDjzVv_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8405bb9e26a270580c2a19d2b282043af929ee7f41928c013ef252e2ee76c1a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
WyWlVVf7KeNLc1jf7xdrHw==
content-length
204230
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 03:28:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD282EB74FE49"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
3f4dd6cd-601e-005c-6170-04c506000000
cache-control
max-age=31242505
x-ms-version
2014-02-14
accept-ranges
bytes
9PNoMPaVXLRA_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		190 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/9PNoMPaVXLRA_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5cb142023a621932c497c0445ca5e28616fda11d94781ab67475aec6f2531961

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
AMzU48304D/N0c+oY9ECJw==
content-length
194374
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 03:28:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD282EB7C021E"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
b4158a53-c01e-0027-7770-04879a000000
cache-control
max-age=31242822
x-ms-version
2014-02-14
accept-ranges
bytes
AJ55d07o9Mlv_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		211 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/AJ55d07o9Mlv_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dad455de8f42dab8d0d72da14e542959a59f9b020f52d9ae8938d1a86e6b9c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
wOfUZbimaffEXtOlef41Fw==
content-length
212639
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 03:28:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD282EB8B1B18"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
29d3806f-401e-0016-0870-046689000000
cache-control
max-age=31242641
x-ms-version
2014-02-14
accept-ranges
bytes
e0LXOBdvoRN4_wc.png
storageaudiobursts.azureedge.net/images/ Frame 6718 		371 KB
372 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/images/e0LXOBdvoRN4_wc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3cb1f3ac43e39c1bdc81905bfc2bf24eaa72f6fd4d8653e7f7dd060aeca754aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
L/ic5yqfD/AAkHUFSESdeQ==
content-length
379819
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 30 Nov 2022 03:28:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DAD282EB9DDDF6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
55805426-d01e-0066-1a70-04df7e000000
cache-control
max-age=31242691
x-ms-version
2014-02-14
accept-ranges
bytes
22410.png
storageaudiobursts.azureedge.net/site/images/stationIcons/ Frame 6718 		621 KB
619 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storageaudiobursts.azureedge.net/site/images/stationIcons/22410.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b6c82ad48e0d212cafbf007965da73bf98e85ba0bf3c84975ea44dcb04245dc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
content-md5
DrY6BzZ/IAJ8pOFQm/CRww==
content-length
632265
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Sun, 11 Sep 2022 11:08:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8DA93E5E3A5D22D"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
757355fd-201e-00cb-4d13-06930b000000
cache-control
max-age=31422788
x-ms-version
2014-02-14
accept-ranges
bytes
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 867D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2875
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 12:42:10 GMT
expires
Sun, 03 Dec 2023 12:42:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 14B4 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6fe97f79551e2a39ec4d81e284b53c6438023b7c7707a0f190f859997b1fdd93
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-27WS1FnBJN8HB-Wdwizx8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-27WS1FnBJN8HB-Wdwizx8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 13:30:05 GMT
expires
Sat, 03 Dec 2022 13:30:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=395D2C02B3A2422298C03E17546D7B53&dongle=yf3
37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=395D2C02B3A2422298C03E17546D7B53&dongle=yf3
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=395D2C02B3A2422298C03E17546D7B53&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 02 Dec 2022 13:30:05 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=395D2C02B3A2422298C03E17546D7B53
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=395D2C02B3A2422298C03E17546D7B53
Protocol
H2
Server
2600:1f18:612b:4264:d47e:9b8d:b43d:b5ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 03 Dec 2022 13:30:05 GMT
server
Apache-Coyote/1.1
content-type
image/gif

Redirect headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=395D2C02B3A2422298C03E17546D7B53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 02 Dec 2022 13:30:05 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=395D2C02B3A2422298C03E17546D7B53
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=395D2C02B3A2422298C03E17546D7B53
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=395D2C02B3A2422298C03E17546D7B53
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=395D2C02B3A2422298C03E17546D7B53
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=395D2C02B3A2422298C03E17546D7B53
  • https://d.agkn.com/pixel/10751/?che=1670074205403&ip=193.27.14.40&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217403104354001734404
  • https://um.simpli.fi/aa_px?sk=217403104354001734404
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=395D2C02B3A2422298C03E17546D7B53
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=395D2C02B3A2422298C03E17546D7B53
Protocol
H2
Server
52.222.214.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-6.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Redirect headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=395D2C02B3A2422298C03E17546D7B53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 02 Dec 2022 13:30:05 GMT
pubmatic
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 02 Dec 2022 13:30:05 GMT
freewheel
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 02 Dec 2022 13:30:05 GMT
400646.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=395D2C02B3A2422298C03E17546D7B53;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=395D2C02B3A2422298C03E17546D7B53;mimetype=img;sr
  • https://idsync.rlcdn.com/400646.gif?partner_uid=-2726394328221531592
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/400646.gif?partner_uid=-2726394328221531592
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:05 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
location
https://idsync.rlcdn.com/400646.gif?partner_uid=-2726394328221531592
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=395D2C02B3A2422298C03E17546D7B53&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=395D2C02B3A2422298C03E17546D7B53&j=0&xl8blockcheck=1
0
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=395D2C02B3A2422298C03E17546D7B53&j=0&xl8blockcheck=1
Protocol
H2
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Sat, 03 Dec 2022 13:30:05 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=395D2C02B3A2422298C03E17546D7B53&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
yahoo
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 02 Dec 2022 13:30:05 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=395D2C02B3A2422298C03E17546D7B53
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=395D2C02B3A2422298C03E17546D7B53
Protocol
HTTP/1.1
Server
18.215.228.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-228-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 03 Dec 2022 13:30:04 GMT

Redirect headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=395D2C02B3A2422298C03E17546D7B53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 02 Dec 2022 13:30:05 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=395D2C02B3A2422298C03E17546D7B53
62 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=395D2C02B3A2422298C03E17546D7B53
Protocol
H2
Server
104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sat, 03 Dec 2022 13:30:05 GMT
content-length
62
content-type
image/gif

Redirect headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=395D2C02B3A2422298C03E17546D7B53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 02 Dec 2022 13:30:05 GMT
tpid=395D2C02B3A2422298C03E17546D7B53
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=395D2C02B3A2422298C03E17546D7B53
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=395D2C02B3A2422298C03E17546D7B53
Protocol
H2
Server
54.75.190.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-190-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.75
content-length
49
expires
0

Redirect headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=395D2C02B3A2422298C03E17546D7B53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 02 Dec 2022 13:30:05 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=395D2C02B3A2422298C03E17546D7B53
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=395D2C02B3A2422298C03E17546D7B53
Protocol
HTTP/1.1
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Sat, 03 Dec 2022 13:30:05 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=395D2C02B3A2422298C03E17546D7B53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 02 Dec 2022 13:30:05 GMT
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=395D2C02B3A2422298C03E17546D7B53
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=395D2C02B3A2422298C03E17546D7B53
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://idsync.rlcdn.com/419566.gif?partner_uid=395D2C02B3A2422298C03E17546D7B53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 02 Dec 2022 13:30:05 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1670074204556&cv=7&fst=1670074204556&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=216454999&cv=7&fst=1670074204556&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=216454999&cv=7&fst=1670074204556&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=216454999&cv=7&fst=1670074204556&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...
42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=216454999&cv=7&fst=1670074204556&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XU-LY_mYDbOXxdwPw8KA6AM&cid=CAQSKQDq26N9yaSaDs_dT5Q7HK-BEyrfLPLq72-kRhNg5IG6yVRx2r_kfd0YIBM&random=472929340&ipr=y&prhg=0
Protocol
H2
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=216454999&cv=7&fst=1670074204556&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XU-LY_mYDbOXxdwPw8KA6AM&cid=CAQSKQDq26N9yaSaDs_dT5Q7HK-BEyrfLPLq72-kRhNg5IG6yVRx2r_kfd0YIBM&random=472929340&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://um.simpli.fi/spotx_match
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=395D2C02B3A2422298C03E17546D7B53
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=395D2C02B3A2422298C03E17546D7B53&__user_check__=1&sync_id=99537a8d-730e-11ed-aad7-1a7cb9e30506
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=395D2C02B3A2422298C03E17546D7B53&__user_check__=1&sync_id=99537a8d-730e-11ed-aad7-1a7cb9e30506
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 13:30:05 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
101
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sat, 03 Dec 2022 13:30:05 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7797&uid=395D2C02B3A2422298C03E17546D7B53&__user_check__=1&sync_id=99537a8d-730e-11ed-aad7-1a7cb9e30506
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
22
Connection
keep-alive
Content-Length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=395D2C02B3A2422298C03E17546D7B53
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D395D2C02B3A2422298C03E17546D7B53
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D395D2C02B3A2422298C03E17546D7B53
Protocol
HTTP/1.1
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 13:30:05 GMT
AN-X-Request-Uuid
53a9e718-abbd-4ea8-8b97-ce5c872ea4b8
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.40; 193.27.14.40; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 13:30:05 GMT
AN-X-Request-Uuid
0e6110ee-50f1-45f5-93f3-d38b856de719
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D395D2C02B3A2422298C03E17546D7B53
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
193.27.14.40; 193.27.14.40; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=395D2C02B3A2422298C03E17546D7B53&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=395D2C02B3A2422298C03E17546D7B53&expires=365
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=395D2C02B3A2422298C03E17546D7B53&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 02 Dec 2022 13:30:05 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=395D2C02B3A2422298C03E17546D7B53
43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=395D2C02B3A2422298C03E17546D7B53
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=395D2C02B3A2422298C03E17546D7B53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 02 Dec 2022 13:30:05 GMT
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEIgvwo_E5rX6JnYljmRQ_40&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=395D2C02B3A2422298C03E17546D7B53
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 02 Dec 2022 13:30:05 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://um.simpli.fi/g_match?id=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6os6os914q3773sp5369856oo6o1s089playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		291 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/6os6os914q3773sp5369856oo6o1s089playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
672f90d2a0dd3ce6c13351601a1c6c19e68e300c33922b69a1e7abce9a23ce1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:06 GMT
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Sat, 03 Dec 2022 04:12:52 GMT
server
AmazonS3
etag
"6f1ee175f5b492ee086c6d5985682810"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
IYGg03uiAo9Q_K-bfXvRWoXhVPoPBidjr5VINwMl4na6EINWAIKm6A==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=gY1eaO5RGwhGEQmm&instance=207579700&version=7.10.1-X&age=221203&cmd=IMA&key=STBtG2Zi&c_id=12095&seq=1&order=4&absoluteTime=7427.4&relativeTime=2499.4&EXTREF=https://freedom1570.com/&REF=https://freedom1570.com/&playerCfg=FL&recoveryMethod=SSAI&imaVersion=3.547.0&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.111.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-111-192.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=gY1eaO5RGwhGEQmm&instance=207579700&version=7.10.1-X&age=221203&ldt=BIDS&key=STBtG2Zi&c_id=12095&seq=1&order=5&absoluteTime=7428.1&relativeTime=2500.1&sm_id=2399783&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=4735&load=1&status=LVFNLNIY&ac_id=2008&prebid.cid=0&prebid.bidders.triplelift.time=417.7&prebid.bidders.spotx.time=437.5&prebid.bidders.pubmatic.time=1002.6&prebid.bidders.rubicon.time=225.7&prebid.bidders.appnexus.time=183&prebid.bidders.ix.time=167.6&prebid.start=6400&prebid.time=1008.2&prebid.timeout=3000
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.111.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-111-192.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=freedom1570.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=freedom1570.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ Frame 03ED 		210 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
last-modified
Mon, 28 Nov 2022 20:34:20 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=77270
accept-ranges
bytes
content-length
65523
expires
Sun, 04 Dec 2022 10:57:55 GMT
truncated
/ Frame 03ED 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e11ec3a5c86f0a46ff64511dfb7f2523814d02b04eb329f681a627f70dfab49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A155 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2875
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 12:42:10 GMT
expires
Sun, 03 Dec 2023 12:42:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A079 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
804166117e8fad394768f566f011a1c063160e844518dd52677597a29c833cd9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZYoAr-pPM5_Q2TxCMPkn_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ZYoAr-pPM5_Q2TxCMPkn_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 13:30:05 GMT
expires
Sat, 03 Dec 2022 13:30:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
outputlist.m3u8
storageaudiobursts.azureedge.net/stream/Z3dwaxPM3xKL/ Frame 6718 		478 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://storageaudiobursts.azureedge.net/stream/Z3dwaxPM3xKL/outputlist.m3u8
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/embedded-player/embedded-player-es2015.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
92576381f4459d9adeb75a49b42df4a258ee050eb71f4c046be0093d0605eacc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
last-modified
Thu, 01 Dec 2022 22:07:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
L4wnfkP9Y+7dU8Tvp+Reaw==
etag
"0x8DAD3E86526BA69"
content-type
application/x-mpegurl
access-control-allow-origin
*
x-ms-request-id
59c2e720-101e-0079-7d40-066c7a000000
cache-control
max-age=31441878
x-ms-version
2014-02-14
accept-ranges
bytes
content-length
478
x-ms-lease-state
available
57n3p79657q22o20rs4q1p083s7r3194base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 		7 KB
7 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/57n3p79657q22o20rs4q1p083s7r3194base.en.vtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f889484684bae74a9c2f7c6fbaf096f453419d4f42a72b378c140c36db73962

Request headers

Referer
https://freedom1570.com/
Origin
https://freedom1570.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:06 GMT
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
last-modified
Sat, 03 Dec 2022 04:14:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"ff0938a6bfa5d29989256d405a71794d"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
content-length
6898
x-amz-cf-id
lS_z9JZmzrOUK31LUEJo0nXcMn_UKtbGtqpULsP-YqDeDo_NqbMRPw==
Z3dwaxPM3xKL000.ts
storageaudiobursts.azureedge.net/stream/Z3dwaxPM3xKL/ Frame 6718 		195 KB
195 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storageaudiobursts.azureedge.net/stream/Z3dwaxPM3xKL/Z3dwaxPM3xKL000.ts
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/embedded-player/embedded-player-es2015.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1692ba25fbc9d8f4309df26749c2a38a604f39e362fb9eb12248409bfa585abd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:05 GMT
last-modified
Thu, 01 Dec 2022 22:07:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
SPTlkfEE28t+pNzHVGw32g==
etag
"0x8DAD3E86527087B"
content-type
audio/MP2T
access-control-allow-origin
*
x-ms-request-id
0f239133-201e-0130-0440-06d09c000000
cache-control
max-age=31441963
x-ms-version
2014-02-14
accept-ranges
bytes
content-length
199280
x-ms-lease-state
available
ads
pubads.g.doubleclick.net/gampad/ Frame B431 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C6177%2Fsalemfreedom1570-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Ffreedom1570.com%2F&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2399783&us_privacy=false&cust_params=sessionKey%3D207579700-gY1eaO5RGwhGEQmm%26schain%3Dstnvideo.com%2C0r5NXHklBRrnbCMVw10iMA%26content%3D4735%26placementType%3DPremium%26embed%3DSTBtG2Zi%26domain%3Dfreedom1570.com%26player_size%3Dlarge%26player_width%3D880%26player_height%3D495%26player_type%3Dfloat%26version%3D7.10.1-X%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00014%26rand%3D15%26us_privacy%3Dfalse&sdkv=h.3.547.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.547.0&sid=1A66DF84-B416-4DCA-987E-9FAB7EA51C62&nel=0&eid=44730896%2C44748969%2C44765701&url=https%3A%2F%2Ffreedom1570.com%2F&dlt=1670074198255&idt=5565&dt=1670074205391&cookie=ID%3Ded825c62b23e934d%3AT%3D1670074201%3AS%3DALNI_MYyACLqLAF_eTAeWCW4qo7Yw5m-vA&gpic=UID%3D00000b8c3a012875%3AT%3D1670074201%3ART%3D1670074201%3AS%3DALNI_MYDFpsr1s_85yF3okKqouCeM6cLCw&correlator=634696374046803&scor=477469430282726&ged=ve4_td7_tt1_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.547.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b92c25873dce52845bf186f0a8b5f9d4955146dbd7fca6592010e733e82cd08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1257
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
End_Humanity.mp3
24103.mc.tritondigital.com/OMNY_DENNISPRAGERPODCASTS_P/media-session/2d667845-ca07-4f50-b2df-247e3b47b675/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-... Frame 6718
Redirect Chain
  • https://pdst.fm/e/chrt.fm/track/23284G/arttrk.com/p/SMRQ4/verifi.podscribe.com/rss/p/traffic.omny.fm/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-...
  • https://chrt.fm/track/23284G/arttrk.com/p/SMRQ4/verifi.podscribe.com/rss/p/traffic.omny.fm/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-4681-9b9d-...
  • https://arttrk.com/p/SMRQ4/verifi.podscribe.com/rss/p/traffic.omny.fm/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-4681-9b9d-af5e01616778/audio.mp...
  • https://verifi.podscribe.com/rss/p/traffic.omny.fm/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-4681-9b9d-af5e01616778/audio.mp3?utm_source=Podcas...
  • https://traffic.omny.fm/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-4681-9b9d-af5e01616778/audio.mp3?
  • https://salem.mc.tritondigital.com/OMNY_DENNISPRAGERPODCASTS_P/media/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-4681-9b9d-af5e01616778/audio/dir...
  • https://24103.mc.tritondigital.com/OMNY_DENNISPRAGERPODCASTS_P/media-session/2d667845-ca07-4f50-b2df-247e3b47b675/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/8...
559 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://24103.mc.tritondigital.com/OMNY_DENNISPRAGERPODCASTS_P/media-session/2d667845-ca07-4f50-b2df-247e3b47b675/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-4681-9b9d-af5e01616778/audio/direct/t1669930111/End_Humanity.mp3?t=1669930111
Protocol
H2
Server
69.31.54.157 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:08 GMT
last-modified
Sat, 03 Dec 2022 13:30:08 GMT
access-control-allow-methods
GET, HEAD
content-type
audio/mpeg
access-control-allow-origin
*
Content-Range
bytes 0-34375295/34375296
cache-control
private, max-age=3599
accept-ranges
bytes
access-control-allow-headers
*
Content-Length
34375296
expires
Sat, 03 Dec 2022 14:30:08 GMT

Redirect headers

date
Sat, 03 Dec 2022 13:30:07 GMT
x-stw-site
LDN
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
location
https://24103.mc.tritondigital.com:443/OMNY_DENNISPRAGERPODCASTS_P/media-session/2d667845-ca07-4f50-b2df-247e3b47b675/d/clips/5e27a451-e6e6-4c51-aa03-a7370003783c/6962edbd-2574-4123-a3c3-a8400005cd73/849a88db-5f3b-4681-9b9d-af5e01616778/audio/direct/t1669930111/End_Humanity.mp3?t=1669930111
access-control-expose-headers
*
cache-control
private, max-age=8319606680857030259
x-stw-mc
DAL-MC01_S001
access-control-allow-headers
*
content-length
703
expires
Sat, 00 Jan 1644837556 09:01:06 GMT
38c18c74-137c-4fc3-82cd-f7f1b41a4d11
https://embed2.audioburst.com/ Frame 6718 		62 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://embed2.audioburst.com/38c18c74-137c-4fc3-82cd-f7f1b41a4d11
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
369c91fbac286538504e072605e67dc7e51258292ccff58d2dba15c8e84f7be9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length
63731
Content-Type
text/javascript
sodar
pagead2.googlesyndication.com/pagead/ Frame 14B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022112901&jk=2149526313044523&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame A079 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022112901&jk=1360837157070732&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
pagead2.googlesyndication.com/bg/ Frame 867D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 17:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 17:24:36 GMT
/
trends.revcontent.com/api/demand/ Frame 03ED 		52 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=272943
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

X-RC-Region
eu-west-1c
Date
Sat, 03 Dec 2022 13:30:05 GMT
Strict-Transport-Security
max-age=931536000; includeSubDomains
Server
openresty
Content-Type
text/html; charset=UTF-8
access-control-allow-origin
https://freedom1570.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
52
sync
trends.revcontent.com/ Frame 03ED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

X-RC-Region
eu-west-1a
access-control-allow-origin
https://freedom1570.com
Date
Sat, 03 Dec 2022 13:30:05 GMT
access-control-allow-credentials
true
Server
openresty
Connection
keep-alive
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
view
securepubads.g.doubleclick.net/pcs/ Frame 03ED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0X4-5Dd26iLWX5TGi_7d8Bu64_nWV1Aw6d0A92r7cgYsVS-kOdvQvpWJpiONfJHlefMJPvkuSIBXVs76irS1eEQd4I531FcvNBADjsJ8H6QAuaNOmWa5dNZ8ZOLiz5Y5pV8ZXPKd4izRshj1RaF1oElNQCaqO-oLxNmfNf88NuXlokWTv2Agsc8l3zkqoh0bDAMrS90QwpTiOal91SKHUHjt38PyIN2ujkSHkBeQuFxWJYe6VRPlkIKxwocwPXqvYD7KrDFaqneS6EWWmGGADvW-1-ggRgA0mbkhs8FFpBQ26zVaZeZfCuyRPtEL8wGrvymwcuB-cjnc&sai=AMfl-YSH86smnjxsiND7D9vFbvsqzFpzCGGanGdEsYwo9hMSBgswPFANSM6INYED7sEK6C7-FhljxVkf8hHlfFUdp8iv_di-S6Ncly8VlOQNsUX6U7FxcOlbM9WQOur-ZwQxlg&sig=Cg0ArKJSzC4aHrHmDWZDEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 03 Dec 2022 13:30:05 GMT
M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
pagead2.googlesyndication.com/bg/ Frame A155 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 17:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 17:24:36 GMT
6os6os914q3773sp5369856oo6o1s089.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		1 KB
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/6os6os914q3773sp5369856oo6o1s089.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e59d56e850330747bd2fb57cf0009e9f784d02fa6d09b420ca8291e7ade294e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:07 GMT
content-encoding
gzip
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Sat, 03 Dec 2022 04:14:01 GMT
server
AmazonS3
etag
W/"7726f201d5d3eeffe21c7f1edd3f1ba4"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
bncWQ4ss4NOBBhPbxWBYgBLGvcSEnrE9BLI2UYhMrm05ehS6MlF1lQ==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=gY1eaO5RGwhGEQmm&instance=207579700&version=7.10.1-X&age=221203&cmd=INV&key=STBtG2Zi&c_id=12095&seq=1&order=6&absoluteTime=7980.7&relativeTime=3052.7&alt=0&sC_ID=4735&sm_id=2399783&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://freedom1570.com/&REF=https://freedom1570.com/&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.111.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-111-192.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:05 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=STBtG2Zi&ES_key=STBtG2Zi&ES_ID=31068&S_RKEY=83I59Hea6d&USR_ID=207579700&ST_usrKey=gY1eaO5RGwhGEQmm&SM_ID=2399783&C_ID=12095&C_companyName=Salem%20Media&version=70100019&sC_ID=4735&AC_ID=2008&TYPE=FLOAT&EXTREF=https://freedom1570.com/&REF=https://freedom1570.com/&PLAYERWIDTH=880&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.165.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-165-148.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 03 Dec 2022 13:30:05 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Sat, 03 Dec 2022 13:28:04 GMT
/
trends.revcontent.com/api/delivery/ Frame 03ED 		7 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=272943&width=728&rev_allow_cookies=0&site_url=https%3A%2F%2Ffreedom1570.com%2F&icr_url=&referer=https%3A%2F%2Ffreedom1570.com%2F&va=0&time=1670074205876&banner_size=728x90&up=pc&bn=chrome&bv=108&widget_width=728&style_id=0&idhub[pubcid]=118c91f5-d88d-4b0b-ad5a-dafe646ce945&an=false
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
cf17158749f8a238e3f6c761fd05b895850d1528e5c67037f9a00cc595c439c4
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

X-RC-Region
eu-west-1c
Date
Sat, 03 Dec 2022 13:30:05 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=931536000; includeSubDomains
Server
openresty
vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
access-control-allow-origin
https://freedom1570.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
3678
ads
pubads.g.doubleclick.net/gampad/ Frame B431 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fsalemfreedom1570-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D207579700-gY1eaO5RGwhGEQmm%26schain%3Dstnvideo.com%2C0r5NXHklBRrnbCMVw10iMA%26content%3D4735%26placementType%3DPremium%26embed%3DSTBtG2Zi%26domain%3Dfreedom1570.com%26player_size%3Dlarge%26player_width%3D880%26player_height%3D495%26player_type%3Dfloat%26version%3D7.10.1-X%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00014%26rand%3D15%26us_privacy%3Dfalse&url=https%3A%2F%2Ffreedom1570.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Ffreedom1570.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&sid=1A66DF84-B416-4DCA-987E-9FAB7EA51C62&adk=2458199627&correlator=634696374046803&ctv=0&dlt=1670074198255&dt=1670074205886&ged=ve4_td8_tt2_pd8_la8000_er975.1200.1200.1600_vi0.0.1200.1600_vp100_ts1_eb24171&idt=5565&is_amp=0&omid_p=Google1%2Fh.3.547.0&osd=2&ptt=20&scor=477469430282726&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=false&vis=1&u_so=l&eid=44730896%2C44748969%2C44765701&hl=en&frm=0&cmsid=2460952&mpt=stnvideo%2Fplayer&sdki=445&sdkv=h.3.547.0&sdr=1&vconp=2&video_doc_id=2399783&vpa=auto&vpmute=1&nel=0&cnc=6177&kfa=0&tfcd=0&top=https%3A%2F%2Ffreedom1570.com%2F&loc=https%3A%2F%2Ffreedom1570.com%2F&cookie=ID%3Ded825c62b23e934d%3AT%3D1670074201%3AS%3DALNI_MYyACLqLAF_eTAeWCW4qo7Yw5m-vA&gpic=UID%3D00000b8c3a012875%3AT%3D1670074201%3ART%3D1670074201%3AS%3DALNI_MYDFpsr1s_85yF3okKqouCeM6cLCw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.547.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Z3dwaxPM3xKL001.ts
storageaudiobursts.azureedge.net/stream/Z3dwaxPM3xKL/ Frame 6718 		195 KB
196 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storageaudiobursts.azureedge.net/stream/Z3dwaxPM3xKL/Z3dwaxPM3xKL001.ts
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/embedded-player/embedded-player-es2015.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d245f5d3aac19a3043659d0ec5f04b066c845d98e40ae2663e313390852730f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:06 GMT
last-modified
Thu, 01 Dec 2022 22:07:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
FTU/Tk7osEMsEa5nk+opYQ==
etag
"0x8DAD3E86529EE3D"
content-type
audio/MP2T
access-control-allow-origin
*
x-ms-request-id
0f239343-201e-0130-7840-06d09c000000
cache-control
max-age=31441847
x-ms-version
2014-02-14
accept-ranges
bytes
content-length
199656
x-ms-lease-state
available
rtbWidget.delivery.js
assets.revcontent.com/master/ Frame 03ED 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/rtbWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
f3f7e0c5ca173328f7f813474750073fb3eef3382520f26f635e647f4d3683f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:06 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 21:15:02 GMT
server
AmazonS3
x-amz-request-id
6XPQVYGD558455K7
etag
"fb225ec5c72f6eeb4694d141497a976e"
x-hw
1670074206.cds275.lo4.hn,1670074206.cds214.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=600
accept-ranges
bytes
content-length
5031
x-amz-id-2
4QFvr0o45z5byDWET0R04oPDxxW5s1mcJXa7hcu+Og/NLNmzcySoYSkeXMLfde97B/1wFKdbR8o=
generate_204
tpc.googlesyndication.com/ Frame A155 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jCYn6w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 867D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8X-xAQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
6387680982a680-22554776.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_90,h_90,w_180,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ Frame 03ED 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_90,h_90,w_180,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/6387680982a680-22554776.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
8759f3a0cd9669c1ac11283fd7f6c25f0bf660c3b9430787e43c82775cc9bf43
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 01 Dec 2022 01:32:45 GMT
server
Cloudinary
etag
"484a22a54da5a7e958ee3118fdb4deda"
x-hw
1670074206.cds272.lo4.hn,1670074206.cds266.lo4.sc,1670074206.cds266.lo4.p
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=141;cpu=1;start=2022-12-03T13:30:06.287Z;desc=miss,rtt;dur=0,cloudinary;dur=51;start=2022-12-03T13:30:06.332Z
accept-ranges
bytes
timing-allow-origin
*
content-length
8519
impression
trends.revcontent.com/event/ Frame 03ED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-RC-Region
eu-west-1c
Date
Sat, 03 Dec 2022 13:30:06 GMT
Strict-Transport-Security
max-age=931536000; includeSubDomains
Server
openresty
access-control-allow-origin
https://freedom1570.com
access-control-allow-credentials
true
Connection
keep-alive
access-control-allow-headers
Content-Type
Z3dwaxPM3xKL002.ts
storageaudiobursts.azureedge.net/stream/Z3dwaxPM3xKL/ Frame 6718 		195 KB
196 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storageaudiobursts.azureedge.net/stream/Z3dwaxPM3xKL/Z3dwaxPM3xKL002.ts
Requested by
Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/embedded-player/embedded-player-es2015.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bddefe0bb7aabfa4bd8abb97d6919a0611560076f370177c3bf33dd586787e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed2.audioburst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 03 Dec 2022 13:30:06 GMT
last-modified
Thu, 01 Dec 2022 22:07:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
rU7ezHD5xaIJ/VYT+pkllg==
etag
"0x8DAD3E865288EE1"
content-type
audio/MP2T
access-control-allow-origin
*
x-ms-request-id
664f633d-601e-0001-5c1b-07cf82000000
cache-control
max-age=31536000
x-ms-version
2014-02-14
accept-ranges
bytes
content-length
199468
x-ms-lease-state
available
6os6os914q3773sp5369856oo6o1s089-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		707 KB
709 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/6os6os914q3773sp5369856oo6o1s089-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7d788b7a95e0c5b6fe7838271b4e4f511339dcf30038ed83d5f271c74e562e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:07 GMT
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
724176
last-modified
Sat, 03 Dec 2022 04:13:58 GMT
server
AmazonS3
etag
"3e1dd7d666eba4db38a11db3bc280270"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
Z-fhgH_5aKceP4hLaYpRDXqXGL8vJyW8o790eMswopn2ciDw4N_wUA==
page-view
yeet.revcontent.com/yeet/events/ Frame 03ED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

X-RC-Region
eu-west-1a
access-control-allow-origin
*
Date
Sat, 03 Dec 2022 13:30:06 GMT
Server
openresty
Connection
keep-alive
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 03ED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

X-RC-Region
eu-west-1c
access-control-allow-origin
*
Date
Sat, 03 Dec 2022 13:30:06 GMT
Server
openresty
Connection
keep-alive
vary
Origin
page-view
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://freedom1570.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Sat, 03 Dec 2022 13:30:06 GMT
Server
openresty
X-RC-Region
eu-west-1a
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://freedom1570.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Sat, 03 Dec 2022 13:30:06 GMT
Server
openresty
X-RC-Region
eu-west-1c
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 4D0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022112901&jk=2149526313044523&bg=!W1ilWBzNAAbvMpMzzzI7ACkAdvg8Wvt4bHabRsO3pZDt7V3SUZ42gX5WJXsd6lT4NToVlo66uJ1EWQIAAAG9UgAAAANoAQeZAr6lmANoVhFm822xABq0qrzRFCvF2YNFG0LRiYnqpmlTa0IV5tEi4sJXItCpkv36gl_LJgfmDEOZxDyPCTm7nzDWQH8DcEvDd0NQAEf6H0XazKSJD5_pMdpjygEAMDXwq3qUsowgHeJ2jTi0mPpuQHsCG4zybNNrqqECpAenLJ2Y8qaZWIbAwf68JnknGYguGZQodxd9u8CZvcFwoRTlAnveTkjeBjxbd9X3XQXlrNx0AlCH-W8NCIR_HwrjnfzQXzqoj8lzw_rHs8GhFmCSwKyp0hEqpIlLVRVFp4uGXhyo__Pd3e97qemSJnrqK4C4g9TI7M-keNAQiyVIFQ1lRZNxhTDI7xWYU3zWdOwXjj32drIglq5gQvjIZ8TI2CITxmkIdwqXaqr9rwlM8-ifGK84IaR_-FgDg7huCx1dDFOY94kUX6ipUPinSkDed-zzjVnqNsMSSqOggE04GWANyFjfKPnERdq8Z_CBxG8UJBhQedjBWOlKSNoBRXZ0L8YMtbkMXok4l6yhNRwO-tQAoFfmpP3IbYjN5eRK4RgyHwZBJ-hpQDf1nNrWwLCVZBP_TqV8HlKm1W19D40istI1vfdX0DnfEZW0DRlr98_H0gBI6YzhDbEgcRJoKuSeVCjJMCdbf3wmcP1D0KwdRyU4-bp5n5Vbd1ytmJ5q--_JN15IJPkkg_fUBkaeicN5JFnMYZhQdcixNs_HqvJwXGQAXYPtrX-Uj2qGOTA20okORa8xik6zkJSbivXTpX8iiYWQh_huQBpmgs4pSBAtjsvHM-8rEir1MsuWsg3ALi7obH7vEvIR54usXlRTQZ3hYeeDYqS9nBFnYJbNz_G9aSuISEfKX-lxdZK1sJvG6wVjeS-vWEVqqpOJGx24bZ-JAV6CTvzSn5K11Q1XWNdYFvJxSqsj3JdX2t4XJg7UzWlYv5o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022112901&jk=1360837157070732&bg=!LS6lLmrNAAbvMpMzzzI7ACkAdvg8WoAk9dXZqKlGzyQy1kQUx9DW_urT-dSgb3VxZW9R1iy6wm1qRwIAAAGxUgAAAANoAQcKABxVO4pIdJeU-SuO3rBokjm3aE6bi-ZUSjGCYCL0mQK0OvYxKxFKzjdvfDG7mJBSAwYmUE8UQUhHhk2Xu6hGfxTe880CU0nUORU_MrhRkpjQIMu0i7oSTeQskmpLZECNNmwCDIdnSgdpI588FOyVFlNMQfbiI0Xwve2RTK1NCTrFQQCfvJckpkPN7VsfIB_CNT3C3cPz2iQq4DjonREjDj-lykJxszdrPVQkyCNFuCYMfZJVe3IGV_cVlnK63T0cP26QtHGaPhplybCDJv-kuSArNX08fOap0YVSAqir7qgjQK9pmwQ4DNCSg-jkWX8JQn7sTCqu5TNqQskIfnMV-AruZALQQQGYPgwDuFumjmgCN5cyN2LFnOw2L6G4SzjYI8uDw7LqRi9pCAZK0Nck22vYowc0C5-bqMByDyYimtI8Mi-0c2Nc1vo0Br6okl-7uFUkpuhNt8EOvaaHtFan28ESGQzzyDaEb7M39dgsYzTaRGEedA8xCPLNzE6zmh1Auag2wrieSOMXFhP7AFpDqb6MqxJhSzGw6Js51lOpYXG7opuHHPQVocHTzO4CloTW_NNi2w8PKcatW3ICbpK0z2fdZeVgLNLdECNbVmaqQD9Rn_APhe-jGYiPeDTqoAC6Gm4ZZLSlnFod8xq430ThtezWstNilcPsqgQ848GJXthVUnEQMJ57cuUYBxgV9TTyVR402YrALAJ1PsC2ZA2x7aGIJUnZPIe2lphwymZ48LR1ChlYY8fSzcAWMATK3x6lNxibAp7Pb5ynd1Qclpnan6711P21lhi2DuSX6bi32Co0I9GCf6WcMFjHoj0q9hgadn90N3dTJmzkmk7YX8Sry8pUwzi3UZw-Gdpaexb5yfyOIkoFZzsOWiRiDUQp0qJQl-AhF0QDbxQvjBCGgd_QLEoGh-SzjR4QgEy2OfxxJX7BkwI8S_SXvrGTjhSGQs8-aUGU74s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
c526d0ba-8dff-4e12-97de-14a6cb1a2185
https://freedom1570.com/ 		93 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://freedom1570.com/c526d0ba-8dff-4e12-97de-14a6cb1a2185
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16fb2a576203586c2b8134ec9c5372c9c0641ea10cd3f14716a6f1118a417d06

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length
94924
Content-Type
text/javascript
p
sb.scorecardresearch.com/ Frame 8FC9 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1670074203683&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=253327&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2399783&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1670074207209&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=3526&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Ffreedom1570.com%2F&c8=&c9=https%3A%2F%2Ffreedom1570.com%2F
Requested by
Host: freedom1570.com
URL: https://freedom1570.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:07 GMT
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
43
x-amz-cf-id
mr7eYgA5sUeLQsQl3mFAy_68PVnoybLp4hfPelaLC4-QkVXOv-NKUA==
x-cache
Miss from cloudfront
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=gY1eaO5RGwhGEQmm&instance=207579700&version=7.10.1-X&age=221203&cmd=PLAY&key=STBtG2Zi&c_id=12095&seq=1&order=7&absoluteTime=9481&relativeTime=4553&alt=0&sC_ID=4735&sm_id=2399783&load=1&status=LVFNMNIY&ac_id=2008&EXTREF=https://freedom1570.com/&REF=https://freedom1570.com/&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.111.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-111-192.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:07 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=PLAY&ESG_key=STBtG2Zi&ES_key=STBtG2Zi&ES_ID=31068&S_RKEY=83I59Hea6d&USR_ID=207579700&ST_usrKey=gY1eaO5RGwhGEQmm&SM_ID=2399783&C_ID=12095&C_companyName=Salem%20Media&version=70100019&sC_ID=4735&AC_ID=2008&TYPE=FLOAT&EXTREF=https://freedom1570.com/&REF=https://freedom1570.com/&PLAYERWIDTH=880&PLAYERCODE=LVFNMN&OGSET=1&REFONLY=0&STRIPQUERY=1&pposition=float&floattype=s
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.165.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-165-148.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 03 Dec 2022 13:30:07 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Sat, 03 Dec 2022 13:30:08 GMT
6os6os914q3773sp5369856oo6o1s089.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		1 KB
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/6os6os914q3773sp5369856oo6o1s089.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123X/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
184b4f916049eda5f6cb7bd69a4274d3674327df3c40b2bcafdd16b8d46f8f10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:08 GMT
content-encoding
gzip
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Sat, 03 Dec 2022 04:13:41 GMT
server
AmazonS3
etag
W/"df7a92f5cf36d210b9ca6976dbdd3a40"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
IE72QGP4Ay5puB2bC-Bn5IJdv08c9TJSDrGwDuzZpVS_crkyCnHZEQ==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffreedom1570.com%2F&domain=freedom1570.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://freedom1570.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 03 Dec 2022 13:30:06 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
524665
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame 03ED 		49 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001kQgaMAAS&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Dec 2022 13:30:07 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://freedom1570.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
expires
Sat, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/ Frame 03ED
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffreedom1570.com%2F&domain=freedom1570.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=t0Mz9nxIZ0lkWTAzcm1ITlhLZEh2aTM1QlU5alJaYzBLT2VxeXpZK0tZR0MwbEZ5L3pGS1lYVGJwRDRwYkJLUzY1dGJ0RDlrd2czSDNWaXY3Q3RrbzlmcUVSNlF4QjcySnM3L3lXUVV5WjhGVzNoVHo0R0V3bE53UzlGdU...
367 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=t0Mz9nxIZ0lkWTAzcm1ITlhLZEh2aTM1QlU5alJaYzBLT2VxeXpZK0tZR0MwbEZ5L3pGS1lYVGJwRDRwYkJLUzY1dGJ0RDlrd2czSDNWaXY3Q3RrbzlmcUVSNlF4QjcySnM3L3lXUVV5WjhGVzNoVHo0R0V3bE53UzlGdUk1V3d4eHdCcHJOYVNyV3lRT3dEckI0ZFJaRjZtUW8wWnFtZmRMTFJXQnZDc0k3K2tBR1pIRU1SMVNHR0hUUG1TL1JYZ0ZDTGUyemtpMFBTMmtYbXUzODJqams3VGo4OW1HVEUzMDVwbjRoSjR1MUtNM1J3PXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b06a762b64cc89968a67f8244c9ba909adf37ad74cf0e62aaea58caedffd589d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://freedom1570.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:06 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1418452
expires
0

Redirect headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=t0Mz9nxIZ0lkWTAzcm1ITlhLZEh2aTM1QlU5alJaYzBLT2VxeXpZK0tZR0MwbEZ5L3pGS1lYVGJwRDRwYkJLUzY1dGJ0RDlrd2czSDNWaXY3Q3RrbzlmcUVSNlF4QjcySnM3L3lXUVV5WjhGVzNoVHo0R0V3bE53UzlGdUk1V3d4eHdCcHJOYVNyV3lRT3dEckI0ZFJaRjZtUW8wWnFtZmRMTFJXQnZDc0k3K2tBR1pIRU1SMVNHR0hUUG1TL1JYZ0ZDTGUyemtpMFBTMmtYbXUzODJqams3VGo4OW1HVEUzMDVwbjRoSjR1MUtNM1J3PXw&cppv=2
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
473428
content-length
0
expires
0
1285.json
id5-sync.com/g/v2/ Frame 03ED 		216 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1285.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
bb2a0de146d02bba7976583f3dd66ab5ea0910916217cf1820e540c501768f8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://freedom1570.com
date
Sat, 03 Dec 2022 13:30:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 03ED 		0
0
id
id.crwdcntrl.net/ Frame 03ED 		43 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.190.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-190-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:07 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://freedom1570.com
cache-control
no-cache
x-server
10.45.17.17
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 03ED 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
538079aa6a09657b2d344d871ae395614853a6994058d1ba65eae0aa07293ff6

Request headers

Referer
https://freedom1570.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Dec 2022 13:30:07 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://freedom1570.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 02 Jan 2023 13:30:07 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=t0Mz9nxIZ0lkWTAzcm1ITlhLZEh2aTM1QlU5alJaYzBLT2VxeXpZK0tZR0MwbEZ5L3pGS1lYVGJwRDRwYkJLUzY1dGJ0RDlrd2czSDNWaXY3Q3RrbzlmcUVSNlF4QjcySnM3L3lXUVV5WjhGVzNoVHo0R0V3bE53UzlGdUk1V3d4eHdCcHJOYVNyV3lRT3dEckI0ZFJaRjZtUW8wWnFtZmRMTFJXQnZDc0k3K2tBR1pIRU1SMVNHR0hUUG1TL1JYZ0ZDTGUyemtpMFBTMmtYbXUzODJqams3VGo4OW1HVEUzMDVwbjRoSjR1MUtNM1J3PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 03 Dec 2022 13:30:07 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
519522
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame BB3D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://freedom1570.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 03 Dec 2022 13:30:08 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame BB3D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
21785a9657d3bc964545c73fc055cd1af7f48897f9f6a01815256427e1b7ba15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 13:30:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Dec 2022 17:46:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15394
Connection
keep-alive
Content-Length
10066
Expires
Sat, 03 Dec 2022 17:46:42 GMT
khaos.jpg
token.rubiconproject.com/ Frame BB3D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=70612628178048321572362312578120419971
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13781

Verdicts & Comments Add Verdict or Comment

249 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| oncontentvisibilityautostatechange function| e object| adobe function| Visitor function| initKatzMediaTracking function| DIL object| dataLayer function| gtag function| trackOutboundLink function| trackOutboundLinkFeaturedContentGrid string| GoogleAnalyticsObject function| ga object| googletag object| _SWP object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _aimtellPermissionGranted function| _aimtellPermissionDenied function| _aimtellReady number| initWidth number| initHeight object| gptAdSlots object| gptQuery number| gptClientWidth string| gptPath function| delay object| gptPreEnableEvent function| refreshAds object| $jscomp function| SmartBanner string| com_adswizz_register_PROTOCOL_VERSION string| com_adswizz_synchro_listenerid string| com_adswizz_synchro_listnerid boolean| aw_0_req_gdpr string| us_privacy string| com_adswizz_synchro_register_VERSION boolean| com_adswizz_synchro_debug object| com_adswizz_synchro_utils function| internal_com_adswizz_synchro_decorateUrl function| com_adswizz_synchro_decorateUrl function| com_adswizz_synchro_decoratePlaylistUrl function| com_adswizz_synchro_decoratePlaylists function| com_adswizz_synchro_readCookie function| com_adswizz_synchro_getCookie function| com_adswizz_synchro_getListnerId function| com_adswizz_synchro_getListenerId function| com_adswizz_synchro_getTags function| com_adswizz_synchro_write_iframeAd function| com_adswizz_synchro_sync_iframe object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| ggeac object| google_js_reporting_queue function| fbq function| _fbq function| onYouTubeIframeAPIReady undefined| google_measure_js_timing function| $ function| jQuery object| sim object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| playerEl object| simWebpackJsonp function| appReadyTdPlayer function| simOnTritonStreamStart function| simOnTritonStreamStop function| adBreak function| showMsg function| readCookie function| getUrlParameter function| createCookie function| eraseCookie function| getLoginStatus function| storeCookieForUser function| logout function| setEnvironmentUrl object| sifi_att_1600697718176587 object| AptivadaHelpers object| AptivadaWidget object| Aptivada object| ApexChat function| ApexLogger object| AnalyticsCategories object| AnalyticsEvents object| ApexChatTimeTracker string| ApexChatResponse object| ab object| abPlayers function| openGate function| closeGate object| s_c_il number| s_c_in object| FB number| __mobxInstanceCount undefined| __mobxGlobals object| __buffer object| headertag string| p1653183464 string| p1653183519 number| p1653183520 undefined| oAddDVTag_ undefined| oGetPageStats_ undefined| p1653183549 undefined| p1653183544 undefined| p1653183541 undefined| oDeleteHardcodeRefresh_ undefined| oRefreshHardcode_ undefined| p1653183538 undefined| p1653183521 undefined| p1653183517 undefined| p1653183515 undefined| p1653183527 undefined| p1653183524 undefined| p1653183522 undefined| p1653183498 undefined| p1653183503 undefined| p1653183489 undefined| p1653183488 undefined| p1653183486 undefined| p1653183479 undefined| oEnableNullChecklistener_ undefined| p1653183531 undefined| p1653183470 undefined| oPageUnload undefined| p1653183399 undefined| p1653183404 undefined| p1653183523 undefined| p1653183389 undefined| p1653183390 undefined| p1653183391 undefined| p1653183392 undefined| p1653183393 undefined| p1653183395 undefined| p1653183396 undefined| p1653183417 undefined| p1653183459 undefined| p1653183400 undefined| p1653183467 undefined| p1653183435 undefined| p1653183436 undefined| p1653183473 undefined| p1653183474 undefined| p1653183478 undefined| p1653183480 undefined| p1653183482 undefined| p1653183532 undefined| p1653183507 undefined| p1653183534 undefined| oObserverChanges_ undefined| p1653183533 undefined| p1653183535 undefined| oAudienceListenerEnabled_ undefined| p1653183484 undefined| oDevice undefined| oParentHostname_ undefined| oParentPathname_ undefined| p1653183485 undefined| p1653183487 undefined| p1653183502 undefined| p1653183504 undefined| p1653183505 undefined| p1653183494 undefined| oAdSlots_ object| otkjs undefined| p1653183525 undefined| p1653183526 undefined| optimeraInsights undefined| p1653183536 undefined| oLoadedAdImpressionDivs_ undefined| oTrackSlots_ undefined| p1653183547 undefined| p1653183548 undefined| oEnableInfiniteScrollUrls_ undefined| p1653183543 undefined| p1653183546 undefined| p1653183550 undefined| oHasStnVideo_ undefined| p1653183444 undefined| p1653183397 undefined| p1653183398 undefined| p1653183466 undefined| p1653183446 undefined| p1653183445 undefined| p1653183448 undefined| p1653183552 undefined| p1653183553 undefined| dateObj undefined| month undefined| day undefined| year undefined| today undefined| activeDates undefined| p1653183569 object| opbjs object| oaudLibjs object| ovpjs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_281612 number| dfpMessageData object| closure_lm_816853 number| f_left number| f_top number| op object| GoogleGcLKhOms object| google_image_requests

46 Cookies

Domain/Path Name / Value
.freedom1570.com/ Name: _gid
Value: GA1.2.987907906.1670074199
.freedom1570.com/ Name: _gat
Value: 1
.freedom1570.com/ Name: _gat_NewsTalkTracker
Value: 1
.freedom1570.com/ Name: _gat_AllStationsTracker
Value: 1
.simpli.fi/ Name: suid
Value: 395D2C02B3A2422298C03E17546D7B53
.freedom1570.com/ Name: _ga_VEN16DTW8J
Value: GS1.1.1670074198.1.0.1670074198.0.0.0
.freedom1570.com/ Name: _ga
Value: GA1.1.822983241.1670074199
.freedom1570.com/ Name: _fbp
Value: fb.1.1670074198932.322969764
.demdex.net/ Name: demdex
Value: 70612628178048321572362312578120419971
.dpm.demdex.net/ Name: dpm
Value: 70612628178048321572362312578120419971
.freedom1570.com/ Name: AMCVS_43AD1E57612418B90A495E63%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y4tPWgAAALHE2wN6
.freedom1570.com/ Name: __gads
Value: ID=ed825c62b23e934d:T=1670074201:S=ALNI_MYyACLqLAF_eTAeWCW4qo7Yw5m-vA
.freedom1570.com/ Name: __gpi
Value: UID=00000b8c3a012875:T=1670074201:RT=1670074201:S=ALNI_MYDFpsr1s_85yF3okKqouCeM6cLCw
.doubleclick.net/ Name: IDE
Value: AHWqTUlnoXWKMFHuxybSdxsR1y4Fcxf6fnz0uEMKXi92Z_fBjaY_LOSRMWrIS0oYrz4
.freedom1570.com/ Name: AMCV_43AD1E57612418B90A495E63%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19330%7CMCMID%7C76751759852444115093149573306747343211%7CMCAAMLH-1670679002%7C6%7CMCAAMB-1670679002%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1670081402s%7CNONE%7CMCSYNCSOP%7C411-19337%7CvVersion%7C5.5.0
embed2.audioburst.com/ Name: ai_user
Value: 22OxaFGWj/zBFSujdeJgRF|2022-12-03T13:30:04.293Z
embed2.audioburst.com/ Name: ai_session
Value: HMhHorS7fe00pnOldHI9/r|1670074204309|1670074204309
.simpli.fi/ Name: uid_syncd_secure
Value: true
.demdex.net/ Name: dextp
Value: 60-1-1670074203083|477-1-1670074203287|601-1-1670074203580|992-1-1670074203868|22052-1-1670074204125|575-1-1670074204329|73426-1-1670074204430|121998-1-1670074204608|175765-1-1670074204709|348447-1-1670074204810|285689-1-1670074204910|87898-1-1670074205011
.freedom1570.com/ Name: aam_uuid
Value: 70612628178048321572362312578120419971
.adhaven.com/ Name: uid
Value: 4c_f71464af-45fc-4fcc-8895-1a629d33540a
.ad.gt/ Name: au_id
Value: 73053b59-3b6c-4437-94a1-2967feb22824
.adnxs.com/ Name: uuid2
Value: 4030606759362525542
.tapad.com/ Name: TapAd_TS
Value: 1670074205385
.tapad.com/ Name: TapAd_DID
Value: 0e1259ee-4d7a-4485-a788-b1d3a68d35e6
.agkn.com/ Name: ab
Value: 0001%3AW7uppEXqeZzYyvvRlrbnVr9QlYfXnN5K
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2GU$s$`Xr!]tbPl1N!7On*M$=BX=2jEbQccw]]QiI)<MfR5kLkyh:oi.r0mgk2E_j9*^xb]?m8/X%W#.wL4W1Qw1^E2(+J
.pro-market.net/ Name: anProfile
Value: "-kpp64nl3l0p4+1+1f=1+1g=1+1j=41+rs=s+rt=20010AC800200303000000000000203E+s2=(rmbhi5)+vm=24-395D2C02B3A2422298C03E17546D7B53"
.pro-market.net/ Name: anHistory
Value: "-kpp64nl3l0p4+2+!#7%/%j!bED"
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.exelator.com/ Name: EE
Value: "3265601ee280c1567e8df6a0ae18bac6"
freedom1570.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.agkn.com/ Name: u
Value: C|0AAAAAAAAKx4L3QAAAAAA
.freedom1570.com/ Name: _pubcid
Value: 118c91f5-d88d-4b0b-ad5a-dafe646ce945
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHYyMzUzMAwNdXIwiDZ0NTMPNUiJc0s0SAx1dAiKTHZbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAYkl%252BUWb6IhfXxUUpaQyLSopPBR%252FKEQcAlRAp1Q%253D%253D"
.spotxchange.com/ Name: audience
Value: 99537a0b-730e-11ed-aad7-1a7cb9e30506
.bfmio.com/ Name: __141_cid
Value: 395D2C02B3A2422298C03E17546D7B53
.bfmio.com/ Name: __io_cid
Value: a7b04302e2e10acc974d6a9344c1a7339d177122
.bluekai.com/ Name: bku
Value: blx99aNwitBGZh/P
.bluekai.com/ Name: bkpa
Value: KJy9nyexd02pSUHknp/8mE1hwtkAwE18BDx0xp90xMBO1Mx01M/8mW1y16DhBpD6BAxlxMDp9y9MNx+q
freedom1570.com/ Name: _lr_retry_request
Value: true
freedom1570.com/ Name: _lr_env_src_ats
Value: false
freedom1570.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-03T13%3A30%3A07%22%7D
.freedom1570.com/ Name: cto_bundle
Value: zE8SzV9jUHpMaTdwVW1ObXJEOFd6aXlYV1p2JTJCUVpFWmsxbXRRRHFRaTlZZ3VoJTJGa3lnenQzZGpHaVVkNFpMZHFuSkglMkZ5Y0NSTW1abTViWnVTRlUlMkZTODNwTiUyRnMlMkJ0UjNGVlRJd1haRDN2REJoJTJCV1pFMFFIWDFlSE9zTmx0JTJCRFQ3RlV1a2U
.freedom1570.com/ Name: cto_bidid
Value: eHuo9F8yJTJCd094NGFucG83eHdDdTEyNWZ3SUdpUmFLUWQyV3dhSzhscEppcUdYMURwaDhpVGsyNEVzZVM4anNMbm9ETk9keVRySWFJRkVlV0NWdDg1akZlQm5nJTNEJTNE

13 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=70612628178048321572362312578120419971
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=70612628178048321572362312578120419971
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning URL: https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw
Message:
Mixed Content: The page at 'https://embed2.audioburst.com/skins/sacarousel/player.html?version=ftgtyf7uxw' was loaded over HTTPS, but requested an insecure element 'http://storageaudiobursts.blob.core.windows.net/site/images/promote/Salem-Hosts-Sponsor-1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=70612628178048321572362312578120419971?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://idsync.rlcdn.com/419566.gif?partner_uid=395D2C02B3A2422298C03E17546D7B53
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=395D2C02B3A2422298C03E17546D7B53
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=395D2C02B3A2422298C03E17546D7B53
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://idsync.rlcdn.com/400646.gif?partner_uid=-2726394328221531592
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=70612628178048321572362312578120419971
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
javascript error URL: https://freedom1570.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13781' from origin 'https://freedom1570.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13781
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

24103.mc.tritondigital.com
9e5996e07e21a022ca1606de8d1ddcf9.safeframe.googlesyndication.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
adobe.adhaven.com
ads.pubmatic.com
ads.scorecardresearch.com
adservice.google.com
adservice.google.de
api.rlcdn.com
aptivada.com
arttrk.com
as-sec.casalemedia.com
assets.revcontent.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
c25cf2cd48c0a4c2f041607a49fc5151.safeframe.googlesyndication.com
campaign.aptivada.com
cdn.adswizz.com
cdn.jsdelivr.net
cdn.resonate.com
cdn.saleminteractivemedia.com
cdn2.aptivada.com
cdnjs.cloudflare.com
ce.lijit.com
chrt.fm
cm.everesttech.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.agkn.com
d15kdpgjg3unno.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d3div1mtym39ic.cloudfront.net
delivery-cdn-cf.adswizz.com
dp2.33across.com
dpm.demdex.net
eb2.3lift.com
embed.sendtonews.com
embed2.audioburst.com
embedcdn.sendtonews.com
eus.rubiconproject.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
freedom1570.com
global.ib-ibi.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.simpli.fi
ib.adnxs.com
id.crwdcntrl.net
id.sv.rkdms.com
id5-sync.com
idpix.media6degrees.com
ids.ad.gt
idsync.rlcdn.com
images.revcontent.com
imasdk.googleapis.com
js-sec.indexww.com
katzmedia.demdex.net
lexicon.33across.com
loadm.exelator.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
ml314.com
mug.criteo.com
pagead2.googlesyndication.com
pdst.fm
pixel.rubiconproject.com
pixel.tapad.com
player.sendtonews.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
pushtoast-a.akamaihd.net
region1.google-analytics.com
s0.2mdn.net
s2l.sendtonews.com
salem.mc.tritondigital.com
salemlivechat.com
sapi.audioburst.com
sb.scorecardresearch.com
search.spotxchange.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
stags.bluekai.com
stats.g.doubleclick.net
storageaudiobursts.azureedge.net
storageaudiobursts.blob.core.windows.net
sync.bfmio.com
sync.crwdcntrl.net
sync.intentiq.com
sync.search.spotxchange.com
synchrobox.adswizz.com
synchroscript.deliveryengine.adswizz.com
tag.simpli.fi
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
traffic.omny.fm
trends.revcontent.com
um.simpli.fi
us-u.openx.net
verifi.podscribe.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
yeet.revcontent.com
api.rlcdn.com
global.ib-ibi.com
104.111.219.144
104.18.12.242
104.18.33.19
104.76.200.221
108.138.17.91
108.138.4.10
13.32.106.197
13.32.121.93
13.32.27.36
13.32.99.21
13.32.99.55
130.211.16.234
141.95.33.111
151.139.128.10
169.50.137.176
172.217.18.2
172.64.151.162
178.250.2.146
18.157.212.157
18.215.228.23
18.66.147.24
18.66.97.68
185.64.189.112
185.89.210.46
185.94.180.123
185.94.180.125
192.173.30.60
2.18.233.180
20.49.104.0
2001:4860:4802:34::36
2001:4860:4802:38::15
2001:4de0:ac18::1:a:1a
205.185.216.42
216.52.2.19
216.58.212.130
23.203.77.3
2600:1901:0:8344::
2600:1901:0:8eee::
2600:1f18:612b:4264:d47e:9b8d:b43d:b5ab
2600:9000:2240:7600:11:1ed0:3900:21
2600:9000:2490:8400:11:b309:9100:21
2606:4700:10::6814:6b3e
2606:4700:20::681a:20a
2606:4700:20::681a:810
2606:4700:20::ac43:44f5
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6812:17ea
2606:4700::6812:bcf
2620:1ec:bdf::45
2a00:1450:4001:800::2002
2a00:1450:4001:803::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2006
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::200a
2a00:1450:4001:828::2001
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c09::9b
2a02:2638:1::13
2a02:26f0:480:f::213:7ed5
2a02:26f0:64::210:6bb9
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.124.129.157
3.248.137.172
34.111.234.236
34.120.133.55
34.209.39.28
34.255.85.65
34.98.64.218
35.157.182.139
35.161.253.160
35.204.74.118
35.227.248.159
35.244.174.68
35.71.131.137
44.206.165.148
52.209.167.52
52.222.214.6
52.239.246.4
52.51.126.33
52.54.111.192
52.58.215.26
52.6.183.190
54.158.154.2
54.217.178.56
54.229.62.148
54.75.190.240
54.78.254.47
54.90.160.21
67.202.105.21
69.173.144.139
69.173.144.165
69.31.54.157
76.223.111.18
99.81.25.188
99.86.4.47
99.86.4.74
011c94baf537dbf60cd75a9e954b4b87d30e3760b04112d7e2f9ac30cfbaf312
032234d9708427438205b7679dc2685cfb3140c23a75874575c4053e5fb845e9
0521d957d9eb62c5262d7a020bed3cba3fb7e67306690f12787b1c3e35836578
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c62ce8713269ee49c9ddacc3823e24d7a7ac1d23632bdf0ae752aa119e0274a
0eb37f46bc5e641a9f3ba735a4ab0535812c0ba6713f2d9d06628f69c310c28a
0f889484684bae74a9c2f7c6fbaf096f453419d4f42a72b378c140c36db73962
14d2685b050382f1c38067e121d4b4bbdcb35d313a1cd4270bc18a615955b2cd
1692ba25fbc9d8f4309df26749c2a38a604f39e362fb9eb12248409bfa585abd
16fb2a576203586c2b8134ec9c5372c9c0641ea10cd3f14716a6f1118a417d06
184b4f916049eda5f6cb7bd69a4274d3674327df3c40b2bcafdd16b8d46f8f10
214302ae229a9ef55d8819f5debd18176174503141c92b6c58818173ff9b12b2
21785a9657d3bc964545c73fc055cd1af7f48897f9f6a01815256427e1b7ba15
223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3
2437f1e78f8b9cbc6064fc8112f759774b888cc5c044fc2c91e1c15e66f3de38
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2784c542114791c6dbd92d298e5472ef1f0595eb6cfb515758c2a05e27a915f1
27b65ea8c6cceebb6e32225e0dacd973a6358953d5c3b55841a685eb0a12d055
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b7489acbad9bf28365dc1169dadeb1647f119f7033b16261c585141a18c4a55
2cfabd0507f2a7e0867adce17ce8d5b16fe994fb19f8bc665c587935088317dc
2d163787fa90069a42442a3b0e34d4def6f21c08be50397b465d2a2c34c0ff30
2e11ec3a5c86f0a46ff64511dfb7f2523814d02b04eb329f681a627f70dfab49
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ba0e096780c0fe521c4c65a4ac30fb73ebcf4cfa71b8047900904a9977868f
31c03a1ccc2d75423d6ab454cd181b5b75c0c88b10f67c5827f12f7cbfb04a29
32515a6986ed6717f1313f927efe410c40cdb6049a83cbbd6b6ed39958002f83
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
369c91fbac286538504e072605e67dc7e51258292ccff58d2dba15c8e84f7be9
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
38e767f6b8f6f96b2c43598a0116fb3cb78bba8cc2a7001e2b706eb93c0ce7b3
3926d631a3130a6abb45b20b7dc6a26554f4fa0508a119f05b7c1cba8e2a2009
39651c47291003c0a658718391ca99f586a2f86617a2390a0deb233d97baa5e3
3ab5b9e2dbae2c882c3adc75f30a5c0a937a034cb9c1f12c64f28957bec4fbf0
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3c754cd8dbd9b42e516f5953e66c3d799dec837fbff168b50ceba4ef60f77d52
3cb1f3ac43e39c1bdc81905bfc2bf24eaa72f6fd4d8653e7f7dd060aeca754aa
3dc5bb7975036df89c669279f95d7cf8a5fc43c8a9002fa139a1ffc3ed100a7e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403f396b14afdf4b80a40a5c267e2dbb1fc746e5a2386d63ef8a8e249dd2060a
412b5fced5a5e8052b1d4cc8752d8d91e63dfeda51aed38bfb4b88bbbb6e6d0d
41c584b7b0c44ff76fc4a87b3fb65261ad613073b5d16d8a107bdab417ddc77f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45cc77d412cd46f0104ae70246e0cb445d926850235758806832d35602727166
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
471563f063f0a7173ae8e37677a7fa1d1b6a7641debfbc9832182ad0a4db107c
489de46340c005496eecbda804057e40c561cb5aacbb77b66ac0799216d0da22
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49f1c5ac1f307af61c5398e70a4ea5563a2816600ad267a4c15a280571e2a5db
4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf1fea9a09729d4780a219bf13b15b5a5b9f088f143a4f028115fefda2dbffa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ff7d1e40eb1aeb79c00ad50dd785229e67e17448a2df97b8b5e6c01d05e0326
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
5176a53940eb83db63a31526f3c71ec222ad459fd3b376d6b5c2b5d36f1c3344
52bcfe58e4b6dc7a7dff59c2f1630939bb80af3628deecc84c9b50ea6c737a05
530040ebbfc1cd7a18f0537709371ccd55ec5ed96756cb4c121c2a56a33f8f19
538079aa6a09657b2d344d871ae395614853a6994058d1ba65eae0aa07293ff6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
56f22aeb96fdb98005501f63411e0c644ba3f629a795bdae84d6272cc0e1dc42
588133c793503d8e894dd83e66971a0021c12acefe6003c60e2faa40948d09b9
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5cb142023a621932c497c0445ca5e28616fda11d94781ab67475aec6f2531961
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6568273e9d257a19332421d7a519b3ae0f8a564e76aca9f603e848521f341db7
672f90d2a0dd3ce6c13351601a1c6c19e68e300c33922b69a1e7abce9a23ce1a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e72e8fafd55f6729c2056a89f3d697a4106e2aa417ef7fc6ded74f79545c8bb
6fe97f79551e2a39ec4d81e284b53c6438023b7c7707a0f190f859997b1fdd93
707fba09724b09f8408f87d91584ace86c1e7f1a1c9a26795074500eac85231e
713fdf5b0c1d789d825758673d210d4eca50385b6be25e680fbdf78159a26ecd
720b0d7a5d99696268be4f60a2a6c81565702598cd02c282bafd988e3f4c09be
7217ed6819f31dff0f46bc9eac41da8bce1a81663a981ed8bb9c601ea80129b6
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7717da18fff86552728b93961721cf5acb4fdd04c8e08535096af16bb206587f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a6752b5365f55ea5f587f8d096f18a214f7961a92b8d1a929d66cf33f01623c
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c6309834d8186cf6b7714b3adcc2e271ee5f475b75b6ead32d76cf9a3e88440
7d04a795f91bce8794d7f005125e07483f0eedbba4ae6adf6f56a1d40ba7200e
7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda
804166117e8fad394768f566f011a1c063160e844518dd52677597a29c833cd9
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c6d030d412d819ac3d8925aa26282a99073be99dc2f1f9962e780c6c736e5e
83f7b10f764ed5f6bb18da61542f6a1733eea8e1e862fe4432fbe68f8fed9245
8405bb9e26a270580c2a19d2b282043af929ee7f41928c013ef252e2ee76c1a1
840badd1101c659fe0b67109b2775fb21dbe37970387b478af2a6a1849bdf1da
8759f3a0cd9669c1ac11283fd7f6c25f0bf660c3b9430787e43c82775cc9bf43
8819d1714c20193c1fea86a08634aadcb119e4ad55b040a7c39dcb1ef51ff043
8905883d3037ee6a31861447340bba4e18912cb23c905bd0449c5799f32a0c8e
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8b81b26ee382944221addbbcb6cb2e73e51613e0651848aea41a739d23006dba
8b92c25873dce52845bf186f0a8b5f9d4955146dbd7fca6592010e733e82cd08
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8ddf5fad03f57f4cc7ef799147663b8c9d450f91d171cb07f6c8e5a075024b47
8e1c588ab8720161433724663f8aac15e89cd07666696957ed523643753ff5e3
91cfb6fb2b9e5fa3c412c690e050df61bd7d6021fabc11149d3d62b011b1191b
92576381f4459d9adeb75a49b42df4a258ee050eb71f4c046be0093d0605eacc
928d006fac28559d4ab0ef0dbed86a026272858795b5bdb227303d38d2d025ff
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
95456d4f38d0bb9ab3174788683b5ea2b4f2a9e4dc0b9b24ba360563b8e76c04
96658d544a93bfd8c97856e018938b6688886d0c983558c94faef542f920efc1
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
986841307db09386ceafe253761bb5afc8446769548317550d4e520a9028bdee
9b996da9aab437c7a5303257e3ccdbf452a1f04c27fea5ae2741ab37de818aab
9e7db64b3729088bbb0fbcb9f0cb04276ca6767df3dbc0d1402f832224321568
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e8a61585b91364d2f64fd10aa2d99dafe52847a8589b383c27e45aba9d674d
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bed9cd8e28faeb5e8556111819d28dd80df0267b7e95e6a4943c7fc5e8b9b1
a592673766c2aca9e944e7397014098e1829ea59189b7a80a512c31c3020a017
a65483c22339ba7629ad72301bb22d3a9669c385626e2cf8ad373e17a2711721
a6b26d623ee79d501a82a1a85b8f0b9af7823eccc0818258f4f9e248eba0ecf8
a80e116623c58c51070a0501d7caeabcb5c8303aa557fde0905f2051f097fde4
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
abd0cc0fc6b4b0a6632d7ca794db29402bb4b65a26d11cf93ebc45c691d768f5
ad0bbc7dd826b74410dba1d0a5267e54a19752ff00b56a9ef252872d99648673
ae8d739e16cef5ef13eeb51110c54d03498ad74145af147e268a031adeced04d
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa412ae6779d4a10d60924cec27bcb81d13218ca2df03df82e37e52a4aceaf6
b06a762b64cc89968a67f8244c9ba909adf37ad74cf0e62aaea58caedffd589d
b0df56f4f7429e2039f128c123e48d25019573c014f1802aff1ba337f4e32f05
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4b5f12b3ecf5fa5dcd77152f82ae59f744a1e9a9a67972dc8347bda3e6d641f
b5a1c8b0ac1fd44b0b494bd51cbf0d303410e4ae2d7827b1059d9013e673dc7b
b6c82ad48e0d212cafbf007965da73bf98e85ba0bf3c84975ea44dcb04245dc8
b6fed36a97e71e17e7e5f3d3b80e8d4aa5328cbe688f95e5c0e838247a872252
b79ff82602ba606f670a254e98f2f44e2ffad3c836ef009479b5354bb44ae8ba
b7ef8d178aa39eac01d4da341e5e4870d8e4d2678890ee639f7e41c799109d4f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2a0de146d02bba7976583f3dd66ab5ea0910916217cf1820e540c501768f8a
bb868441f1b679910513432d5408d2eefd9f22b461e6b916316dec649895e7e7
bc44ce5e873da496e90e14136ebc78f64e776ed2832b7b53050d46ac833e0d23
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
bddefe0bb7aabfa4bd8abb97d6919a0611560076f370177c3bf33dd586787e41
be6ec671d680cdd7cdc8bff16c666368dbcad009099ca5128dce8b421d385731
bee03ff2d8109861f8ef2a448b8c841538e03d83cd52a1cf9129d2f4d2f676e7
c14d716d4f1ec3bbfcdd3009a3020cff5a5be739e577f7aa5c49a4cd347b913e
c18988340106fef563c563f41d9435a04e1d9094655fe3c5351af01b5c507a49
c28c09752bbfe0defa530f4cd7d1e53874dce907df1cc938f442b43efce3b25d
c59c5c4c1317b62b0606790b67daf5e12b030e717df8bfc887fba1dc32bbbbcf
c60bb4ab3dddedd4afb6c16f8ccb89f6cfdb6676014da18669318a15f67e1ca4
c7970f74fcdfc4a622cde747cbc68dfe36f108c8c46fe05460d55ba93050b70b
c9e150de7df36d5019c3038dc2efa527e6fee4f32ff38a8bf257991bcca5a80f
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36
cb0c849c39cf7c26538cd227b723244ff7c4ddfecdfc3bb29c9e736044dab92e
cbbd0c5a903d0e3b0b058cf6248d956d70e452cba831866b8161381896b4e923
cf17158749f8a238e3f6c761fd05b895850d1528e5c67037f9a00cc595c439c4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0eaaced345857ab11de88d635ac87867c456bc77e26775baa1517d44b787dd4
d245f5d3aac19a3043659d0ec5f04b066c845d98e40ae2663e313390852730f5
d404fbd6b0a3e04013ab4d2b97f4e36b0ae1645d59eee61cbd7f82a6279cf19a
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d84fe5cd20956e5d821abb3b108b9dfe98af78afad2bb19b3ff46d590c17fa1d
d92da35757dd4ea41fd4e8e9cef5afd28f6f55c19bd73d6025274f05cf7a7f7c
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dad455de8f42dab8d0d72da14e542959a59f9b020f52d9ae8938d1a86e6b9c11
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898
dee2f7ad46b45ca65c74160be1e4722dfe73fe458326bc8971fbf3c794c9ecf1
df69d959773940a49f14f9a5761eb13f88886d1dd7cbd9e5b99468d648ada5fd
e17b5beb20ad9b3d73fbb3f6173629069e12840890d4c4016124a1f63d56310d
e1a15a4e8a78dcebe001bec963747978f93ff56d3a74206b746f9e1e595c9af0
e1aff48c420fdca67d7b2516756d287b64a675d44536441076e2d5d4c2f72a8b
e1f249cee33aff42da2e5f6604dc634201055f121a795c3d5d3ef292de7a2081
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59d56e850330747bd2fb57cf0009e9f784d02fa6d09b420ca8291e7ade294e3
e77f5a10e0d424be5bf877c231534690dd19fd47606eee4bd47398f280c81dd6
e8369ca3a7b38774982ab331c098219ebf818b84e300b88a30d26ba18c3b7a6e
eadbd565de7a6723c13a4c49f96eb97f994f96820754d624f06f9461286dca7f
ec117a86e37ce5d803887e844fd859f9380d3c825793279d7602e75cd7423e93
ed2f3c1e8c84aba5c3b10608be1a28a4f888fe9b1c6b6750ef736df3097c51f6
ede9a88f9a5cec01a7c95f4978336d55bfc035d33b0a02599b8f6baaac9f8eed
ee41a0fe4a4dbc63e0e5a3b0a8dfaa2551655264a352348a4fa7a67d862ce975
ee4eda87191d653a4ffa291a3b8a7c0c679ccf675a90dcbae5159568b9a5efb2
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0550440a918698a251b4c81cae7c84a2537cfa2d30035d93434fb231dc4d40c
f2deec38d725198ee9c7eb5dec721c4192d2484a15d6ea2985c1a8c2adb12510
f3ce86d7e5d98a938fb81d7bd133fa1e6f2e2a5a799742c6dd1c799e7e909cc4
f3f7e0c5ca173328f7f813474750073fb3eef3382520f26f635e647f4d3683f4
f461e1e3fb47ce63a8d28c453253784cc233481904428c57a361fc93fd987327
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f691685d9a0ab4a5dbfb66f7ab00b1caf712d355f5998c12837873b7501cca0a
f7d788b7a95e0c5b6fe7838271b4e4f511339dcf30038ed83d5f271c74e562e1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
faad7e062847e3f1cd9ca48376cd8e69801db3f8b528dabf27e5374e55630a6d
fc6eb58dce9579d36810601ab53059c4dc3aaa863cc5880e0bbf1a7645613b81