urlscan.io logo urlscan.io
SecurityTrails logo

www.kiwilimon.com Open in urlscan Pro
108.175.7.51  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kiwilimon.com/
Effective URL: https://www.kiwilimon.com/
Submission: On July 08 via manual from DO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 63 IPs in 9 countries across 49 domains to perform 349 HTTP transactions. The main IP is 108.175.7.51, located in United States and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is www.kiwilimon.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 11th 2020. Valid for: 2 years.
This is the only time www.kiwilimon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 70.35.193.75 8560 (IONOS-AS ...)
5 108.175.7.51 8560 (IONOS-AS ...)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.225.87.87 16509 (AMAZON-02)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
2 46.105.202.39 16276 (OVH)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.99.47.17 16276 (OVH)
4 2a03:2880:f01... 32934 (FACEBOOK)
10 2a00:1450:400... 15169 (GOOGLE)
1 13.224.193.44 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3 13.225.87.8 16509 (AMAZON-02)
34 2606:4700:10:... 13335 (CLOUDFLAR...)
11 172.217.23.98 15169 (GOOGLE)
5 10 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 13.224.193.10 16509 (AMAZON-02)
1 2600:1f16:bc:... 16509 (AMAZON-02)
5 18.195.231.241 16509 (AMAZON-02)
5 20 185.33.220.145 29990 (ASN-APPNEX)
6 18.207.58.158 14618 (AMAZON-AES)
5 23.37.38.181 16625 (AKAMAI-AS)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
37 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.30.140.199 16509 (AMAZON-02)
7 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
19 43 142.250.185.98 15169 (GOOGLE)
8 18 2.18.234.21 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
9 213.254.244.17 36062 (DOUBLE-VE...)
1 52.58.221.124 16509 (AMAZON-02)
1 54.229.143.145 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 23.45.99.241 16625 (AKAMAI-AS)
1 3.226.4.134 14618 (AMAZON-AES)
1 52.58.248.2 16509 (AMAZON-02)
1 172.217.16.134 15169 (GOOGLE)
8 142.250.186.130 15169 (GOOGLE)
42 2a00:1450:400... 15169 (GOOGLE)
1 1 34.246.227.69 16509 (AMAZON-02)
2 2 52.57.110.162 16509 (AMAZON-02)
1 1 185.29.135.234 30419 (MEDIAMATH...)
2 2 169.50.137.190 36351 (SOFTLAYER)
4 4 213.19.147.45 3356 (LEVEL3)
3 3 18.192.225.56 16509 (AMAZON-02)
4 4 3.126.56.137 16509 (AMAZON-02)
2 76.223.111.131 16509 (AMAZON-02)
3 213.254.244.19 36062 (DOUBLE-VE...)
1 176.9.26.250 24940 (HETZNER-AS)
1 4 138.201.220.30 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 35.190.0.66 15169 (GOOGLE)
2 2 213.155.156.166 1299 (TELIANET ...)
1 1 13.225.87.64 16509 (AMAZON-02)
1 2 2001:678:cb4:... 56396 (TURN)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 151.101.114.49 54113 (FASTLY)
2 2 216.52.2.19 29791 (VOXEL-DOT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 88.99.70.21 24940 (HETZNER-AS)
349 63
1    70.35.193.75 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
kiwilimon.com
5    108.175.7.51 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
www.kiwilimon.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    13.225.87.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-87.fra2.r.cloudfront.net
tags.crwdcntrl.net
2    2a02:26f0:6c00::210:ba79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
4    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    46.105.202.39 (France)

ASN16276 (OVH, FR)
u.heatmap.it
1    2a02:26f0:6c00:281::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    192.99.47.17 (Canada)

ASN16276 (OVH, FR)
PTR: us4.heatmap.it
us4.heatmap.it
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
10    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    13.224.193.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-44.fra2.r.cloudfront.net
certify-js.alexametrics.com
2    2606:4700:20::ac43:459c (United States)

ASN13335 (CLOUDFLARENET, US)
browser-update.org
3    13.225.87.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-8.fra2.r.cloudfront.net
sb.scorecardresearch.com
34    2606:4700:10::6814:375e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.kiwilimon.com
cdn7.kiwilimon.com
11    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
securepubads.g.doubleclick.net
10    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.224.193.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-10.fra2.r.cloudfront.net
certify.alexametrics.com
1    2600:1f16:bc:1202:b9c3:93a:fb15:d062 (Columbus, United States)

ASN16509 (AMAZON-02, US)
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
5    18.195.231.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-231-241.eu-central-1.compute.amazonaws.com
tlx.3lift.com
20    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
6    18.207.58.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-58-158.compute-1.amazonaws.com
brightcombid.marphezis.com
5    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
8    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
37    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
27    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
7    2a02:26f0:6c00:286::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
43    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
18    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn3.doubleverify.com
9    213.254.244.17 (United States)

ASN36062 (DOUBLE-VERIFY, US)
rtb0.doubleverify.com
tps20514.doubleverify.com
tps.doubleverify.com
tps20246.doubleverify.com
1    52.58.221.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-221-124.eu-central-1.compute.amazonaws.com
sync.sharethis.com
1    54.229.143.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-143-145.eu-west-1.compute.amazonaws.com
ml314.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    3.226.4.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
thrtle.com
1    52.58.248.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net
ad.doubleclick.net
8    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
42    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    34.246.227.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pixel.everesttech.net
2    52.57.110.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
1    185.29.135.234 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
um.simpli.fi
4    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    18.192.225.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
2    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
3    213.254.244.19 (United States)

ASN36062 (DOUBLE-VERIFY, US)
tps20239.doubleverify.com
1    176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
hal9000.redintelligence.net
4    138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
hal900016.redintelligence.net
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.travelaudience.com
2    213.155.156.166 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
1    13.225.87.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-64.fra2.r.cloudfront.net
s.ad.smaato.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
r.turn.com
1    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    88.99.70.21 (Germany)

ASN24940 (HETZNER-AS, DE)
cdn.contentspread.net
Apex Domain
Subdomains		 Transfer
75 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
ad.doubleclick.net
googleads4.g.doubleclick.net
291 KB
70 googlesyndication.com
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
476 KB
42 2mdn.net
s0.2mdn.net
797 KB
40 kiwilimon.com
kiwilimon.com
www.kiwilimon.com
cdn.kiwilimon.com
cdn7.kiwilimon.com
917 KB
23 casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
18 KB
20 doubleverify.com
cdn.doubleverify.com
cdn3.doubleverify.com
rtb0.doubleverify.com
tps20514.doubleverify.com
tps.doubleverify.com
tps20246.doubleverify.com
tps20239.doubleverify.com
220 KB
20 adnxs.com
ib.adnxs.com
21 KB
10 unpkg.com
unpkg.com
170 KB
10 googletagservices.com
www.googletagservices.com
292 KB
10 google.com
analytics.google.com
www.google.com
adservice.google.com
1 KB
8 3lift.com
tlx.3lift.com
eb2.3lift.com
4 KB
6 marphezis.com
brightcombid.marphezis.com
691 B
5 redintelligence.net
hal9000.redintelligence.net
hal900016.redintelligence.net
10 KB
5 google.de
www.google.de
adservice.google.de
1 KB
5 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
17 KB
4 yahoo.com
ups.analytics.yahoo.com
4 KB
4 googleapis.com
imasdk.googleapis.com
fonts.googleapis.com
ajax.googleapis.com
150 KB
4 facebook.net
connect.facebook.net
96 KB
4 google-analytics.com
www.google-analytics.com
19 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 heatmap.it
u.heatmap.it
us4.heatmap.it
11 KB
3 cookiebot.com
consent.cookiebot.com
consentcdn.cookiebot.com
87 KB
2 lijit.com
ap.lijit.com
1 KB
2 turn.com
ad.turn.com
r.turn.com
857 B
2 de17a.com
d5p.de17a.com
724 B
2 travelaudience.com
ads.travelaudience.com
809 B
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
21 KB
2 adsrvr.org
match.adsrvr.org
529 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 everesttech.net
pixel.everesttech.net
sync-tm.everesttech.net
913 B
2 facebook.com
www.facebook.com
88 B
2 browser-update.org
browser-update.org
13 KB
2 alexametrics.com
certify-js.alexametrics.com
certify.alexametrics.com
3 KB
1 contentspread.net
cdn.contentspread.net
43 KB
1 quantserve.com
cms.quantserve.com
463 B
1 smaato.net
s.ad.smaato.net
431 B
1 mathtag.com
sync.mathtag.com
817 B
1 agkn.com
aa.agkn.com
413 B
1 thrtle.com
thrtle.com
1 bluekai.com
tags.bluekai.com
304 B
1 rlcdn.com
idsync.rlcdn.com
417 B
1 ml314.com
ml314.com
422 B
1 sharethis.com
sync.sharethis.com
167 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 googletagmanager.com
www.googletagmanager.com
47 KB
0 msi-aci.com Failed
flextrack.msi-aci.com Failed
349 49
Domain Requested by
43 cm.g.doubleclick.net 19 redirects googleads.g.doubleclick.net
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
42 s0.2mdn.net af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
www.kiwilimon.com
s0.2mdn.net
37 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ad.doubleclick.net
www.googletagservices.com
s0.2mdn.net
31 cdn7.kiwilimon.com
27 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
20 ib.adnxs.com 5 redirects www.kiwilimon.com
googleads.g.doubleclick.net
18 dsum-sec.casalemedia.com 8 redirects googleads.g.doubleclick.net
11 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.kiwilimon.com
10 googleads.g.doubleclick.net af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
www.kiwilimon.com
10 unpkg.com 5 redirects
10 www.googletagservices.com www.kiwilimon.com
securepubads.g.doubleclick.net
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
8 googleads4.g.doubleclick.net ad.doubleclick.net
www.kiwilimon.com
googleads.g.doubleclick.net
7 cdn.doubleverify.com af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
cdn.doubleverify.com
www.kiwilimon.com
ad.doubleclick.net
6 af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 brightcombid.marphezis.com www.kiwilimon.com
6 www.google.com www.kiwilimon.com
tpc.googlesyndication.com
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
5 htlb.casalemedia.com www.kiwilimon.com
5 tlx.3lift.com www.kiwilimon.com
5 www.kiwilimon.com www.kiwilimon.com
4 hal900016.redintelligence.net 1 redirects af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
hal900016.redintelligence.net
4 ups.analytics.yahoo.com 4 redirects
4 connect.facebook.net www.kiwilimon.com
connect.facebook.net
4 www.google-analytics.com www.kiwilimon.com
www.google-analytics.com
3 tps20239.doubleverify.com cdn.doubleverify.com
3 tps20246.doubleverify.com cdn.doubleverify.com
3 eb2.3lift.com 3 redirects
3 tps20514.doubleverify.com af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 cdn.kiwilimon.com www.kiwilimon.com
cdn.kiwilimon.com
3 sb.scorecardresearch.com 1 redirects www.kiwilimon.com
3 tags.crwdcntrl.net www.kiwilimon.com
tags.crwdcntrl.net
2 ap.lijit.com 2 redirects
2 d5p.de17a.com 2 redirects
2 ads.travelaudience.com 2 redirects
2 fonts.googleapis.com s0.2mdn.net
2 match.adsrvr.org af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
2 sync.targeting.unrulymedia.com 2 redirects
2 sync.1rx.io 2 redirects
2 um.simpli.fi 2 redirects
2 pm.w55c.net 2 redirects
2 tps.doubleverify.com cdn.doubleverify.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 www.facebook.com connect.facebook.net
2 browser-update.org www.kiwilimon.com
browser-update.org
2 www.google.de www.kiwilimon.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 u.heatmap.it www.kiwilimon.com
u.heatmap.it
2 consent.cookiebot.com www.kiwilimon.com
consent.cookiebot.com
1 cdn.contentspread.net hal900016.redintelligence.net
1 ajax.googleapis.com hal900016.redintelligence.net
1 sync-tm.everesttech.net 1 redirects
1 cms.quantserve.com af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
1 r.turn.com
1 ad.turn.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 s.ad.smaato.net 1 redirects
1 www.gstatic.com s0.2mdn.net
1 hal9000.redintelligence.net af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
1 sync.mathtag.com 1 redirects
1 pixel.everesttech.net 1 redirects
1 ad.doubleclick.net www.googletagservices.com
1 aa.agkn.com bcp.crwdcntrl.net
1 thrtle.com bcp.crwdcntrl.net
1 tags.bluekai.com bcp.crwdcntrl.net
1 idsync.rlcdn.com bcp.crwdcntrl.net
1 ml314.com bcp.crwdcntrl.net
1 sync.sharethis.com bcp.crwdcntrl.net
1 rtb0.doubleverify.com cdn.doubleverify.com
1 cdn3.doubleverify.com cdn.doubleverify.com
1 imasdk.googleapis.com cdn.kiwilimon.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1 certify.alexametrics.com
1 certify-js.alexametrics.com www.kiwilimon.com
1 us4.heatmap.it www.kiwilimon.com
1 analytics.google.com www.googletagmanager.com
1 consentcdn.cookiebot.com consent.cookiebot.com
1 www.googletagmanager.com www.kiwilimon.com
1 kiwilimon.com 1 redirects
0 flextrack.msi-aci.com Failed s0.2mdn.net
349 80

This site contains links to these domains. Also see Links.

Domain
browser-update.org
corp.fluct.jp
www.admedo.com
www.internedservices.nl
www.macromill.com
www.avidglobalmedia.eu
www.sportradar.com
www.optomaton.com
www.bidswitch.com
www.beeswax.com
pulsepoint.com
crimtan.com
www.protected.media
www.conversantmedia.com
www.xaxis.com
policies.google.com
sharedid.org
rubiconproject.com
www.id5.io
adelphic.com
www.cookiebot.com
www.linkedin.com
www.exactag.com
www.freewheel.com
www.media.net
liveramp.com
www.nativo.com
www.sitescout.com
www.cognitiv.ai
betweendigital.ru
www.home.neustar
www.facebook.com
affectv.com
www.lkqd.com
www.lotame.com
pubmatic.com
www.quantcast.com
www.scorecardresearch.com
www.rhythmone.com
unruly.co
www.improvedigital.com
triplelift.com
www.acuityads.com
adtheorent.com
site.adform.com
orcinternational.com
www.amobee.com
getintent.com
www.adition.com
admanmedia.com
www.appnexus.com
www.mediamath.com
travelaudience.com
www.thetradedesk.com
privacy.aol.com
policies.yahoo.com
www.rtbhouse.com
www.amazon.co.uk
policies.oath.com
privacy.microsoft.com
www.oracle.com
www.bidtellect.com
casalemedia.com
www.alexa.com
www.geniussports.com
chocolateplatform.com
www.deepintent.com
www.adobe.com
us.dynadmic.com
www.serverbid.com
www.eqworks.com
www.flashtalking.com
www.nielsen.com
www.salesforce.com
liveintent.com
www.sovrn.com
bombora.com
n.rich
www.openx.com
www.owneriq.com
my.throtl.com
redintelligence.net
retargetly.com
zetaglobal.com
www.sharethis.com
sharethis.com
platform-cdn.sharethrough.com
www.simpli.fi
www.smaato.com
smadex.com
smartadserver.com
supership.jp
sonobi.com
www.spotx.tv
www.stackadapt.com
www.tapad.com
teads.tv
videologygroup.com
exponential.com
www.dataxu.com
www.yieldmo.com
www.zemanta.com
adkernel.com
sortable.com
www.onaudience.com
telaria.com
www.clickcertain.com
www.constantcontact.com
www.sabiomobile.com
twitter.com
instagram.com
www.youtube.com
www.pinterest.com
feeds.feedburner.com
Subject Issuer Validity Valid
*.kiwilimon.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-11 -
2022-08-11		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
consent.cookiebot.com
DigiCert ECC Extended Validation Server CA		 2020-06-11 -
2022-06-11		 2 years crt.sh
*.heatmap.it
Sectigo RSA Domain Validation Secure Server CA		 2020-06-13 -
2022-06-26		 2 years crt.sh
*.cookiebot.com
DigiCert Secure Site ECC CA-1		 2020-09-03 -
2021-09-03		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
certify-js.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2020-09-10 -
2021-10-10		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
marphezis.com
Amazon		 2020-12-30 -
2022-01-28		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-22 -
2021-09-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
sharethis.com
Amazon		 2020-08-17 -
2021-09-16		 a year crt.sh
*.ml314.com
Amazon		 2021-01-17 -
2022-02-14		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2021-03-22 -
2022-04-23		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
redintelligence.net
R3		 2021-06-21 -
2021-09-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
contentspread.net
R3		 2021-06-04 -
2021-09-02		 3 months crt.sh

This page contains 34 frames:

Primary Page: https://www.kiwilimon.com/
Frame ID: 5E2491503C53FDD8194EA2A49C3FDFFC
Requests: 131 HTTP requests in this frame

Frame: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E042AE810FC784D3E5A113D66A067E15
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 38B11650676200F5E64E727B6682C79E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 230273E5CF375B036E12DAE3B548C497
Requests: 1 HTTP requests in this frame

Frame: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4FB597D4E6ABE76118D05D2F3A055E1B
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjNvPCZATAB&v=APEucNX14EQEtxQrTbscQuMAreM3LbSGPBdn2quIKbJhuNaD3xwdFBVRPBWpfat9Zoe_ysV_yEnC9DHZWpZ14VM1NHrstyAX-GRi_aUo5xSQb2r5_YPdKUsxFq_mViyfQHawDgcuEeVsfpsBLfBr3gwq06xebGbk0mBzhhTxuHqW5SPCbjCij14
Frame ID: 25C2BC0C3A01665E34F767ED979C5079
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 65DF8E0B11E55345EFCF70EBBCEB846E
Requests: 3 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15499
Frame ID: BFE16420FD84352549DD40C641E9DD67
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 40E78A2A07B3A9BD20A2F6D5F921E0C1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: EB19E2473C2FCEA1CC9A84718BC5C557
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=81%2C61%2C14%2C12%2C125%2C8&c=15499
Frame ID: AB0B522FE739E09BE842D8FDEDE2102B
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B2E07E145040AAE4B80AB5C361DE4A45
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1474.js
Frame ID: 8FD969248EF00B4E07AB376FD1207CF0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A41FCE74D0D78FB6B527E708A37121B4
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1474.js
Frame ID: 6A8AD68F3DAFEB2852C0675E96B051DC
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBJ6efk4UJ49qgO0nds3rEeb_n56ye5TaFMvbYyLonr3gv0OoerCzKlnjhjrP4_XDm0cGoL-XbHvsUEVeQZnsfFkevdD7ZZTWANiq4n1B9kzXTGehRri79wCgRaXKOxPjwtj-igDdxrmiANrsvRrnLASOYY6fpCJPrMU0WV7DaUtclfoIw7frFFe4LDzpEaq6TTUIIQzQq71q1aMQNKTp0GZVNMLy4rMwz9GJaHCVtRE3_QbcYAWQGcqvNDRDdMa18R1EHokZwJ5qrxdZRV7Nhsz-rsGXjzOJrAtnDo8Hfi3VjUAn1Dvqs0FXGeF2uTg&sai=AMfl-YQsikhAoKgt8_LblCrxdfhAxK7CEngIJnJVSymCZAzVUEu35R83fWd3tg4iKvpVhBpw3Ip2YH9HcTKVX-nTnPLr5fDxhdnZXNGA48DNCcpiusVUSAR8kAJ0Wc6FWY0&sig=Cg0ArKJSzHxC_6qFCFZmEAE&adurl=
Frame ID: 7D3711A9BF2DE8231583AA5DF0E1EB86
Requests: 9 HTTP requests in this frame

Frame: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 99179F3AC44CE8078F793D0A2E52EB4D
Requests: 12 HTTP requests in this frame

Frame: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 347DA5C0E3D0095D73888172A9ECFC83
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYyriRLzAB&v=APEucNV2TV-fY8q7EBM636cG2sPLm0_dEo_S2v5v8eNCuverxkeEIOLlK1sLzwu3u3ElzkEMN50YhyT2XtfG5R3fn0dKPTeaT31tGpAjvu2aZq4_Z46lyoY8k6V3IKjzTj_dIIA4Z1M6GiZOul-v6fWdgsgbpI9Ybl8q4Y_IbYqozKWN_r_oy2c
Frame ID: 3C1F82CAC2AFD57F75C64EEE6188AC1D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKTkFBC4iZ4CGInWna0BMAE&v=APEucNVOIESyrjTh--fWiG9C6Nx_UN9p1KoIQG_Ks-Zs4pXxHiKJ6Aqwso-DTsvei8YoEwRdWa6_X3yRbzR2QyRFsTIqtClh2tcRRvxOcp9zE-9sl6fvcldW7qL7ao-TgJfvKqinEzIJZ9ra73jSaWolRkMny_dbqbgLhDUsqb4dBzM9rjaULgo
Frame ID: A9BEE261EC3634F25BB6486D846DBCEB
Requests: 5 HTTP requests in this frame

Frame: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DE87EA7F3F8092F82C7DD3546994445A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO6mwc4CEPW2mtYCGIj1l68BMAE&v=APEucNUrBmKA4pKyRZf2vs9FU_wfgN9dZ2ooMeAczyq_J-xfBqjCCM5aThXQ-Y6IwxyFj6TQlx28X0S6WSoYKTIyQZux9QkYF4MS7EWT-VNVjcuzEJptAjPv0tAywQGDhTzsU0eSiS8t5-gMoZGi_sn7zfLSOtAPgM2t_UNGmfcOyY1lJdmGCbg
Frame ID: 54B1F6F801C52BBDE5FB298AE48613E8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 73F0AF12A71792DB55020378CA973DF7
Requests: 3 HTTP requests in this frame

Frame: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CC7C49E3414C221A8879E8248FF724F2
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Frame ID: 7A316A0368F769297EC1B7BD78F6CD7B
Requests: 33 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=0H5ePm1VEL&t=1&renderingType=2
Frame ID: DF2462DAB87AED4990069F5B788AA9D2
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DD6BE4FE543F360102749706BB9E37D2
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYoN7PKjAB&v=APEucNWXp7fzwnHwhChJKaJhzD-sc2PgrzgTLihuSwQdW_jVgZC8wwAgxVsXxHw6kQ-UxwiL_GZBbOeA5sNq-aQoovp275pACHC7vGFPMhg_0_HRGvOguUw7pCHCWoGi5L-7fYNoMGa6KQheZyA9bFAZWxoRIM5nIwDmMt1zL6k_oYoCFzaxo5g
Frame ID: B3B7FE9DBD799666F509778A31260209
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D224000B9179694E796D1A38C22BF7AA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 80F9671D7E8F6299DE8FEC2F8615E290
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CCFF0076EBE0FE02CB148D1C82E4B6BF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 035121A5760FF1300BA7FD55E49CF37A
Requests: 9 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=16084100118496600628838011649016&a=0df9d9aa
Frame ID: 601848C2F6B6559B09DFBBC49D58F445
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
Frame ID: E7DF459E1CDEEDC621F08D14F8672059
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://kiwilimon.com/ HTTP 301
    https://www.kiwilimon.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

349
Requests

100 %
HTTPS

44 %
IPv6

49
Domains

80
Subdomains

63
IPs

9
Countries

3714 kB
Transfer

8032 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kiwilimon.com/ HTTP 301
    https://www.kiwilimon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://unpkg.com/video.js/dist/video-js.css HTTP 302
  • https://unpkg.com/video.js@7.13.3/dist/video-js.css
Request Chain 70
  • https://unpkg.com/videojs-contrib-ads/dist/videojs-contrib-ads.css HTTP 302
  • https://unpkg.com/videojs-contrib-ads@6.9.0/dist/videojs-contrib-ads.css
Request Chain 73
  • https://unpkg.com/video.js/dist/video.min.js HTTP 302
  • https://unpkg.com/video.js@7.13.3/dist/video.min.js
Request Chain 77
  • https://sb.scorecardresearch.com/b?c1=2&c2=7750805&ns__t=1625760344977&ns_c=UTF-8&cv=3.5&c8=Recetas%20de%20cocina&c7=https%3A%2F%2Fwww.kiwilimon.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7750805&ns__t=1625760344977&ns_c=UTF-8&cv=3.5&c8=Recetas%20de%20cocina&c7=https%3A%2F%2Fwww.kiwilimon.com%2F&c9=
Request Chain 93
  • https://unpkg.com/videojs-contrib-ads/dist/videojs.ads.min.js HTTP 302
  • https://unpkg.com/videojs-contrib-ads@6.9.0/dist/videojs.ads.min.js
Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpsu5mced0OLIx8B1AfT88&google_cver=1
Request Chain 114
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YOciWgOZzBDR8VTfFaHjYgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpsu5mced0OLIx8B1AfT88&google_cver=1
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBdJp_LW8bQHuaNtuBUAwWo&google_cver=1
Request Chain 116
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzOTg2MDY4OTg3NTQ2ODQxNQ%3D%3D
Request Chain 140
  • https://unpkg.com/videojs-ima/dist/videojs.ima.min.js HTTP 302
  • https://unpkg.com/videojs-ima@1.11.0/dist/videojs.ima.min.js
Request Chain 152
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLv63TZBBdK_E4qY8NBdfDW8LZ0FSKopcuXlqrfDyirXFtOiTTfiJnViyn8hcrlSUfuvP91ZVW-NMm5Up83FEdfqJDNScNs&google_gid=CAESEK0GbCdLjDRcwQvkh7IBoR0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU9jaVdnQUFCQ0ZBZ2ctMw&google_push=AYg5qPLv63TZBBdK_E4qY8NBdfDW8LZ0FSKopcuXlqrfDyirXFtOiTTfiJnViyn8hcrlSUfuvP91ZVW-NMm5Up83FEdfqJDNScNs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU9jaVdnQUFCQ0ZBZ2ctMw&google_push=AYg5qPLv63TZBBdK_E4qY8NBdfDW8LZ0FSKopcuXlqrfDyirXFtOiTTfiJnViyn8hcrlSUfuvP91ZVW-NMm5Up83FEdfqJDNScNs&google_tc=
Request Chain 153
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENTS2ULQ_vKByyqq_4QJNuA&google_cver=1&google_push=AYg5qPJ6B9qQKrqrMslWMVPWN-BkM3iyI2k3EaihIOQynupmp9-vN5uH2U6BlOoaH-q7CLeKIhRX51_l32Cg_TCHOB1OsjecU7c HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENTS2ULQ_vKByyqq_4QJNuA&google_cver=1&google_push=AYg5qPJ6B9qQKrqrMslWMVPWN-BkM3iyI2k3EaihIOQynupmp9-vN5uH2U6BlOoaH-q7CLeKIhRX51_l32Cg_TCHOB1OsjecU7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V3pqcHVDSlUxTTF3eDQ1&google_gid=CAESENTS2ULQ_vKByyqq_4QJNuA&google_cver=1&google_push=AYg5qPJ6B9qQKrqrMslWMVPWN-BkM3iyI2k3EaihIOQynupmp9-vN5uH2U6BlOoaH-q7CLeKIhRX51_l32Cg_TCHOB1OsjecU7c
Request Chain 154
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDFQQe7hQiIl_tOrz45R9VI&google_cver=1&google_push=AYg5qPK79Mop-8NFSuDitcOLf1stJe271kIIugvZEsoCFqBPJifE-Nb3jDyJvyE6UxeJ-pdWSNIDVjRxZdkKceh8sYRZHbkURo0v HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPK79Mop-8NFSuDitcOLf1stJe271kIIugvZEsoCFqBPJifE-Nb3jDyJvyE6UxeJ-pdWSNIDVjRxZdkKceh8sYRZHbkURo0v HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPK79Mop-8NFSuDitcOLf1stJe271kIIugvZEsoCFqBPJifE-Nb3jDyJvyE6UxeJ-pdWSNIDVjRxZdkKceh8sYRZHbkURo0v&google_tc=
Request Chain 155
  • https://um.simpli.fi/gp_match?google_gid=CAESELdg7O8De4oHWnlwBnQfdvk&google_cver=1&google_push=AYg5qPKks0wE48CmkLAFy_gIpxINTuhBzVdIw3SQOWXx00_9AD09d1jlm8w7PA5Au6Z4ukPOC8VuPt2g972yWgVd5au2uWk_hBT5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3694860CE8C6446DB18AC18E021C3E26&google_push=AYg5qPKks0wE48CmkLAFy_gIpxINTuhBzVdIw3SQOWXx00_9AD09d1jlm8w7PA5Au6Z4ukPOC8VuPt2g972yWgVd5au2uWk_hBT5
Request Chain 156
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFFotVDOzk2fJImt637R8zQ&google_cver=1&google_push=AYg5qPJ8nx2qKXTd30H9N6cIbcfL7Dwrwpj9xDN3lvtuqCf5GVPQ5A-cJFln_rww8Vr_1dAmV30VVzkUJ9cNgt-Qai-D155G20Zp HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6f042fd4-3583-445b-bdd1-5a27c7efcaa8-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJ8nx2qKXTd30H9N6cIbcfL7Dwrwpj9xDN3lvtuqCf5GVPQ5A-cJFln_rww8Vr_1dAmV30VVzkUJ9cNgt-Qai-D155G20Zp%26google_hm%3DA28EL9Q1g0RbvdFaJ8fvyqg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ8nx2qKXTd30H9N6cIbcfL7Dwrwpj9xDN3lvtuqCf5GVPQ5A-cJFln_rww8Vr_1dAmV30VVzkUJ9cNgt-Qai-D155G20Zp&google_hm=A28EL9Q1g0RbvdFaJ8fvyqg
Request Chain 157
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFnxJAYFFe91lQ0SIs0vwYM&google_cver=1&google_push=AYg5qPK5QAw49XGSo5yxczqXNE7qgTdpCkGASwx0i_j0-yFF60ZWvoyng7FT8802Jr5HBsNQXJzrZMp1_6riMQlHB-tYG8p3yHhN HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPK5QAw49XGSo5yxczqXNE7qgTdpCkGASwx0i_j0-yFF60ZWvoyng7FT8802Jr5HBsNQXJzrZMp1_6riMQlHB-tYG8p3yHhN&google_gid=CAESEFnxJAYFFe91lQ0SIs0vwYM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTcyODAwMDQyMTIzMDM3NTAzNjk%3D&google_push=AYg5qPK5QAw49XGSo5yxczqXNE7qgTdpCkGASwx0i_j0-yFF60ZWvoyng7FT8802Jr5HBsNQXJzrZMp1_6riMQlHB-tYG8p3yHhN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTcyODAwMDQyMTIzMDM3NTAzNjk%3D&google_push=AYg5qPK5QAw49XGSo5yxczqXNE7qgTdpCkGASwx0i_j0-yFF60ZWvoyng7FT8802Jr5HBsNQXJzrZMp1_6riMQlHB-tYG8p3yHhN&google_tc=
Request Chain 158
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKESuhSLt0_eCtS2PVS52bo&google_cver=1&google_push=AYg5qPKXNKcHlrem44F85-ioRLuiTYWxpbbZlFQij5tIt_4_fHibBORfxgDCzBjGKTJvNWerJs8_klelHYRx_xg1ch6UDxhKebfmNQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKESuhSLt0_eCtS2PVS52bo&google_cver=1&google_push=AYg5qPKXNKcHlrem44F85-ioRLuiTYWxpbbZlFQij5tIt_4_fHibBORfxgDCzBjGKTJvNWerJs8_klelHYRx_xg1ch6UDxhKebfmNQ&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15OVJVQnVkRTJ1SGpQcThjdzJtS2JPSFRVUjYzWHBmY35B&google_push=AYg5qPKXNKcHlrem44F85-ioRLuiTYWxpbbZlFQij5tIt_4_fHibBORfxgDCzBjGKTJvNWerJs8_klelHYRx_xg1ch6UDxhKebfmNQ
Request Chain 165
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELhBaYpnryNhV2cFtzWJUek&google_cver=1
Request Chain 228
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YOciYwklaVTLpebWRsmr-gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEF3j8Sw9KNyH8VdBnGpDzYA&google_cver=1
Request Chain 230
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELhBaYpnryNhV2cFtzWJUek&google_cver=1
Request Chain 232
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YOciYwklaVTLpebWRsmr-gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEF3j8Sw9KNyH8VdBnGpDzYA&google_cver=1
Request Chain 234
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
Request Chain 255
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YOciYwklaVTLpebWRsmr-gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOKb5q-d9t21q80V7crQ1wo&google_cver=1
Request Chain 257
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
Request Chain 261
  • https://hal900016.redintelligence.net/request.php?zone=j9vjvxztr9lv&nw=20&renderingType=javascript&namespace=bc33a4806b&subid=&uid=dea0918bbd5d65e2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXficYyLnYMv2CMKqx_AP8cGewA67-oSKV97Njr3wCfAuEAEgwf_eImC5-MeA3AHIAQmpAreAUDHN2rM-qAMBqgTBAU_QCbFmGQDn5N1BA0uZ-pUOL1nIecG4k4DiPiBXUm5eilzRIbkE4MgBloZtfX6Nx3PD-L8n7HUxb7saXegJTlYvOO1BpuKW5LNerLE4Sg8n-NgVTbn1SJZ09ZeyylwvyxF73ExoSCBuwcHLZCvrfa7u3_sRvd9sVzmKKNvbpM90asn2IVP8i4-HSBIh2SYckQ-f81UqgjAAqE2mAVlissez_bVznIXMT23fyfppfAoqsqJEyEBDcvp9u558lM5yNYPABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRouMObOH4Drn43KtZfPADsK69QGg%26sig%3DAOD64_2fBfqZgNS4UPy49uQ5DZnPkDFRRA%26client%3Dca-pub-9425934425785771%26dbm_c%3DAKAmf-AYodfXS6Gzf4K2PJLdefIzFo0Gyn4SQS3bOgRYPiJe_iBHlwI2cRhTloPMyje2xDXaai2YsKYxJ6Zv87ff2f8oyxqwliiKYQ6Gn71xDPT-SHXDSBUkngkrJ-ezmyzgbZvEFxrFs3YMG13XXizLs6uDMpY-DQ%26cry%3D1%26dbm_d%3DAKAmf-DgMqZ1Zo9-S4J9H4PAW2H1zm0Z074Or0hA0Bj9serNocP8xdxdH6UlAU4mbCJsidu_i2LS4sKGxJGhS9PUr1651pBwWvr7ONt8gOnkDXiQ1rF-Kt4qWzU2hRfDit7lCL17sdwiOmWR4_gl7OjBJyuksV123AvnumGx-I0QO4KcQSb2km58ZyMxj9WdxSVoCbfYeXEU00bgF4E2jr40HjDcq4jOta69TckfPEUbCf2lQjh89_DND9BDIvWRdvBZOj5OIVZItb59zeHtwd0oPq9mzzZjG7vihvmzcAhPIEZznLhyzDBIdd2qjDZYpvDC6lfTh0Dm7xtBhPYMDBGP9RdqyT99Jqp9qEZfAtn8TSW5nRnNwiiTVdr7uOHZ7eLN5h3KC85oaOAOGA0JBS8GH9VpIdpC8ECmqMBsZFcEKRX0pv-_mE87teIsiwTi2N0ZhMWfgkkU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.kiwilimon.com%2F&ancestorOrigins=https%3A%2F%2Fwww.kiwilimon.com&random=6446385836005&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900016.redintelligence.net/request.php?zone=j9vjvxztr9lv&nw=20&renderingType=javascript&namespace=bc33a4806b&subid=&uid=dea0918bbd5d65e2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXficYyLnYMv2CMKqx_AP8cGewA67-oSKV97Njr3wCfAuEAEgwf_eImC5-MeA3AHIAQmpAreAUDHN2rM-qAMBqgTBAU_QCbFmGQDn5N1BA0uZ-pUOL1nIecG4k4DiPiBXUm5eilzRIbkE4MgBloZtfX6Nx3PD-L8n7HUxb7saXegJTlYvOO1BpuKW5LNerLE4Sg8n-NgVTbn1SJZ09ZeyylwvyxF73ExoSCBuwcHLZCvrfa7u3_sRvd9sVzmKKNvbpM90asn2IVP8i4-HSBIh2SYckQ-f81UqgjAAqE2mAVlissez_bVznIXMT23fyfppfAoqsqJEyEBDcvp9u558lM5yNYPABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRouMObOH4Drn43KtZfPADsK69QGg%26sig%3DAOD64_2fBfqZgNS4UPy49uQ5DZnPkDFRRA%26client%3Dca-pub-9425934425785771%26dbm_c%3DAKAmf-AYodfXS6Gzf4K2PJLdefIzFo0Gyn4SQS3bOgRYPiJe_iBHlwI2cRhTloPMyje2xDXaai2YsKYxJ6Zv87ff2f8oyxqwliiKYQ6Gn71xDPT-SHXDSBUkngkrJ-ezmyzgbZvEFxrFs3YMG13XXizLs6uDMpY-DQ%26cry%3D1%26dbm_d%3DAKAmf-DgMqZ1Zo9-S4J9H4PAW2H1zm0Z074Or0hA0Bj9serNocP8xdxdH6UlAU4mbCJsidu_i2LS4sKGxJGhS9PUr1651pBwWvr7ONt8gOnkDXiQ1rF-Kt4qWzU2hRfDit7lCL17sdwiOmWR4_gl7OjBJyuksV123AvnumGx-I0QO4KcQSb2km58ZyMxj9WdxSVoCbfYeXEU00bgF4E2jr40HjDcq4jOta69TckfPEUbCf2lQjh89_DND9BDIvWRdvBZOj5OIVZItb59zeHtwd0oPq9mzzZjG7vihvmzcAhPIEZznLhyzDBIdd2qjDZYpvDC6lfTh0Dm7xtBhPYMDBGP9RdqyT99Jqp9qEZfAtn8TSW5nRnNwiiTVdr7uOHZ7eLN5h3KC85oaOAOGA0JBS8GH9VpIdpC8ECmqMBsZFcEKRX0pv-_mE87teIsiwTi2N0ZhMWfgkkU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.kiwilimon.com%2F&ancestorOrigins=https%3A%2F%2Fwww.kiwilimon.com&random=6446385836005&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
Request Chain 303
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YOciYwklaVTLpebWRsmr-gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOKb5q-d9t21q80V7crQ1wo&google_cver=1
Request Chain 305
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
Request Chain 306
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEKfP5q3TMPm2cMsXUX1z9yA&google_cver=1&google_push=AYg5qPIwHYBv5yn0OhD8YHKQKVFn1D14-9Qzqtbv7pqg9mXsd4r1wA_0Zyi_mxqssseGj1SL9h4iEYAkXndYqRoJ4VyEp9eJ6owyiA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Rl--oGLSTaeRwhk-RZwpdQ2&google_push=AYg5qPIwHYBv5yn0OhD8YHKQKVFn1D14-9Qzqtbv7pqg9mXsd4r1wA_0Zyi_mxqssseGj1SL9h4iEYAkXndYqRoJ4VyEp9eJ6owyiA
Request Chain 308
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELt76RYv_brtA6FyKm596MQ&google_cver=1&google_push=AYg5qPLxKDW0PUc_zHknIHvK_W8k1uNB5DHHEbJlntLT9cj43EFYi8kC6dcUfruNCTCM7MWK6XmfGrgsgM6FC-HiVpZQqrlfkSRTvw HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELt76RYv_brtA6FyKm596MQ&google_cver=1&google_push=AYg5qPLxKDW0PUc_zHknIHvK_W8k1uNB5DHHEbJlntLT9cj43EFYi8kC6dcUfruNCTCM7MWK6XmfGrgsgM6FC-HiVpZQqrlfkSRTvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLxKDW0PUc_zHknIHvK_W8k1uNB5DHHEbJlntLT9cj43EFYi8kC6dcUfruNCTCM7MWK6XmfGrgsgM6FC-HiVpZQqrlfkSRTvw
Request Chain 309
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPVMoy4_CG1BqwUI4UsMwug&google_cver=1&google_push=AYg5qPKyJjvdr_dGrf7pI_1HDFxzN_HCMRW-mCv7lxKlgPWEfcMUkCIRMStnmC2jvNZ3hSSRa0SlMw2S-vMO9TqS-wTdH-Kgiq4q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKyJjvdr_dGrf7pI_1HDFxzN_HCMRW-mCv7lxKlgPWEfcMUkCIRMStnmC2jvNZ3hSSRa0SlMw2S-vMO9TqS-wTdH-Kgiq4q
Request Chain 310
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFi2q9Oaralqswofcin3uRY&google_cver=1&google_push=AYg5qPI2w_TK_30iLfMo7FRpPQpYpM8RgpVABKY7mqYL-dNX1eEBHBeweT_ohNTkWt71tXWyWICpiqNuVv5AgzdEM2woSvBJtdtD1Q HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5ada51c9-314d-4a30-8843-faf953d7e537-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPI2w_TK_30iLfMo7FRpPQpYpM8RgpVABKY7mqYL-dNX1eEBHBeweT_ohNTkWt71tXWyWICpiqNuVv5AgzdEM2woSvBJtdtD1Q%26google_hm%3DA1raUckxTUowiEP6-VPX5Tc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI2w_TK_30iLfMo7FRpPQpYpM8RgpVABKY7mqYL-dNX1eEBHBeweT_ohNTkWt71tXWyWICpiqNuVv5AgzdEM2woSvBJtdtD1Q&google_hm=A1raUckxTUowiEP6-VPX5Tc
Request Chain 311
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPxc6oMffyLxBo8aFRLPfus&google_cver=1&google_push=AYg5qPKN5rbEMZ-UyKzqrg2hnPEdw3JtvO47UOCqYhQLSiUbX7tQM2_sy53jzT2tg-hx3GbF8ZR1jWTeLxcQaLaPDMr_t_qm1QKB6eQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPxc6oMffyLxBo8aFRLPfus&google_cver=1&google_push=AYg5qPKN5rbEMZ-UyKzqrg2hnPEdw3JtvO47UOCqYhQLSiUbX7tQM2_sy53jzT2tg-hx3GbF8ZR1jWTeLxcQaLaPDMr_t_qm1QKB6eQ&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rQnR2eUlWRTJ1RWJnT0JSVFUwNlZOal82bXhrdHpXR35B&google_push=AYg5qPKN5rbEMZ-UyKzqrg2hnPEdw3JtvO47UOCqYhQLSiUbX7tQM2_sy53jzT2tg-hx3GbF8ZR1jWTeLxcQaLaPDMr_t_qm1QKB6eQ
Request Chain 338
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC4jCxlp7VDxB14QrqrHTNw&google_cver=1&google_push=AYg5qPKxJWxT75eLdvmJj0GWz6ItkUzoJeB0gGmCqCnA3XvpUHvPgTSEAB_dVsl3FSv2VveAYq3TjzKuWuyNpcJRM2rbptZg0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA4MDkyMzk1NjA2MzExMjk2Mg== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEC4jCxlp7VDxB14QrqrHTNw&google_cver=1
Request Chain 340
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFrU7ZHqdxw9-CO1AV_NBCs&google_cver=1&google_push=AYg5qPKQMY4vXb8QEIBlx-wk7VGgZkRJ6UIOAxiGhLBmQcUNuWP98RfwJeAs6NRlR7KGu-Mh7gRUOjI4GFA4Yttp6l3G6ZzVWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFrU7ZHqdxw9-CO1AV_NBCs&google_push=AYg5qPKQMY4vXb8QEIBlx-wk7VGgZkRJ6UIOAxiGhLBmQcUNuWP98RfwJeAs6NRlR7KGu-Mh7gRUOjI4GFA4Yttp6l3G6ZzVWw
Request Chain 341
  • https://um.simpli.fi/gp_match?google_gid=CAESEDsPj3j5wmcCRxk060YHI8U&google_cver=1&google_push=AYg5qPLvXss_Tb9jiK4A4KyBBewdpqao-E0li2_ACk0SBjlH4HR50DDWNmng33EAIX2SGN_B8Xngyu_k40yriJbdEgaFbOA5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA0DBFA2DF7B40DA8931279917EC60D3&google_push=AYg5qPLvXss_Tb9jiK4A4KyBBewdpqao-E0li2_ACk0SBjlH4HR50DDWNmng33EAIX2SGN_B8Xngyu_k40yriJbdEgaFbOA5
Request Chain 343
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFhG2vKsV32yj7vTreAgraA&google_cver=1&google_push=AYg5qPJ75P1IpwzcI47X77aDalSKt__Sh6YAXYsksWJiLAujJLn6DAvIIRXlLm4rDb5zAfZB9-NymViiVbn1qN050WHk6K6gRw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Rl--oGLSTaeRwhk-RZwpdQ2&google_push=AYg5qPJ75P1IpwzcI47X77aDalSKt__Sh6YAXYsksWJiLAujJLn6DAvIIRXlLm4rDb5zAfZB9-NymViiVbn1qN050WHk6K6gRw
Request Chain 344
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENaklG35pmtkbZByY3G4GZ4&google_cver=1&google_push=AYg5qPIcThdx4slrBhiQEpoB4GfoetxBHUR3XdJGsd_7513qU2MNgzZfIPvLxeX7Z2iH2l2FZvU2h5oYElcuOBmjFCNZpbT4 HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENaklG35pmtkbZByY3G4GZ4&google_cver=1&google_push=AYg5qPIcThdx4slrBhiQEpoB4GfoetxBHUR3XdJGsd_7513qU2MNgzZfIPvLxeX7Z2iH2l2FZvU2h5oYElcuOBmjFCNZpbT4&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIcThdx4slrBhiQEpoB4GfoetxBHUR3XdJGsd_7513qU2MNgzZfIPvLxeX7Z2iH2l2FZvU2h5oYElcuOBmjFCNZpbT4&google_hm=cc22f531da637ddd05b77345

349 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.kiwilimon.com/
Redirect Chain
  • http://kiwilimon.com/
  • https://www.kiwilimon.com/
538 KB
538 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.175.7.51 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
/
Resource Hash
10906a05729758a429a0b5725299a254cc5b9f27f676147bb118a4f663eb1d82

Request headers

Host
www.kiwilimon.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.kiwilimon.com
Content-Type
text/html; charset=utf-8
Date
Thu, 08 Jul 2021 16:05:43 GMT
Transfer-Encoding
chunked

Redirect headers

Date
Thu, 08 Jul 2021 16:05:42 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.28
Location
https://www.kiwilimon.com/
Content-Length
234
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
icomoon.woff2
www.kiwilimon.com/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kiwilimon.com/fonts/icomoon.woff2
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.175.7.51 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
/
Resource Hash
1acd944a8a4b41a8fa15ee0079834345d33008e8d5489307d0cae941f939514f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.kiwilimon.com
Accept-Encoding
gzip, deflate, br
Host
www.kiwilimon.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.kiwilimon.com/
Connection
keep-alive
Origin
https://www.kiwilimon.com
Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:43 GMT
Last-Modified
Thu, 25 Mar 2021 19:52:46 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
font/woff2
Access-Control-Allow-Origin
https://www.kiwilimon.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
Content-Length
22400
source-sans-pro-200.woff2
www.kiwilimon.com/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kiwilimon.com/fonts/source-sans-pro-200.woff2
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.175.7.51 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
/
Resource Hash
df2e3dfbcec88404bf78ce45c44bf4318e81f89db996c5aa2c1173ba6cf6f0db

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.kiwilimon.com
Accept-Encoding
gzip, deflate, br
Host
www.kiwilimon.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.kiwilimon.com/
Connection
keep-alive
Origin
https://www.kiwilimon.com
Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:43 GMT
Last-Modified
Sun, 19 Apr 2020 02:04:56 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
font/woff2
Access-Control-Allow-Origin
https://www.kiwilimon.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
Content-Length
12664
source-sans-pro-400.woff2
www.kiwilimon.com/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kiwilimon.com/fonts/source-sans-pro-400.woff2
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.175.7.51 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
/
Resource Hash
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.kiwilimon.com
Accept-Encoding
gzip, deflate, br
Host
www.kiwilimon.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.kiwilimon.com/
Connection
keep-alive
Origin
https://www.kiwilimon.com
Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:43 GMT
Last-Modified
Sun, 19 Apr 2020 02:04:56 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
font/woff2
Access-Control-Allow-Origin
https://www.kiwilimon.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
Content-Length
12960
source-sans-pro-700.woff2
www.kiwilimon.com/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kiwilimon.com/fonts/source-sans-pro-700.woff2
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.175.7.51 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
/
Resource Hash
a0066433a645f196eb0ece299c86dc27a5c74dbe2cae7ae6d9211c1549a92085

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.kiwilimon.com
Accept-Encoding
gzip, deflate, br
Host
www.kiwilimon.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.kiwilimon.com/
Connection
keep-alive
Origin
https://www.kiwilimon.com
Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:43 GMT
Last-Modified
Sun, 19 Apr 2020 02:04:56 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
font/woff2
Access-Control-Allow-Origin
https://www.kiwilimon.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
Content-Length
12600
js
www.googletagmanager.com/gtag/ 		121 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X0MHE23QYB
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
892b2fd12a21a16150ac8d19fba5c77b51fa37cac282f87d817af1468cda43bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:44 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48024
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:44 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15499/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15499/lt.min.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-87.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36e95b11cc81e7760d7efd2c4ac39eed3fe72f075445186074cd6be090d8c674

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 12:32:09 GMT
content-encoding
gzip
etag
W/"3f1d8a429289d83b8a56d2fa4b7268da"
last-modified
Mon, 15 Feb 2021 20:50:37 GMT
server
AmazonS3
age
12816
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
eEYD6yYbZcGKzyqzj8gpql_Fh4aPplVcb0H64eLFia0-XPhJJBMH0g==
uc.js
consent.cookiebot.com/ 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1d98f8c7fc5e855c620d9b8f0c9094b7d66777ce9706bf970c7bad399cd3381c

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:44 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 08:59:42 GMT
server
Microsoft-IIS/10.0
etag
"3b9e7597d773d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=1074
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges
bytes
content-length
23897
expires
Thu, 08 Jul 2021 16:23:38 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
2399
date
Thu, 08 Jul 2021 15:25:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Thu, 08 Jul 2021 17:25:45 GMT
log.js
u.heatmap.it/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u.heatmap.it/log.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
79c79d9039382cd34e2e9aa463f85c160d3890c688941fc6837cc2cf81919643

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 15:04:42 GMT
content-encoding
br
last-modified
Mon, 22 Jun 2020 07:05:45 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
W/"5ef05849-6b2c"
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
max-age=3600
x-cdn-pop
sbg
accept-ranges
bytes
content-length
10533
x-request-id
203522086
expires
Wed, 07 Jul 2021 16:04:43 GMT
configuration.js
consentcdn.cookiebot.com/consentconfig/4879882a-8e97-4c8c-9eee-288323f00504/kiwilimon.com/ 		2 KB
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/consentconfig/4879882a-8e97-4c8c-9eee-288323f00504/kiwilimon.com/configuration.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:281::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8a8c90a2131ba6436144c983df2361b947822e8775165c924ed3674cec199659

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:44 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 18:48:51 GMT
server
AkamaiNetStorage
etag
"5b95fc6a8e6ad9848feda0e2bff57bd1:1625683731.657559"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=9759
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
434
expires
Thu, 08 Jul 2021 18:48:23 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=859212272&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kiwilimon.com%2F&ul=en-us&de=UTF-8&dt=Recetas%20de%20cocina&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1472207393&gjid=901364386&cid=856512278.1625760344&tid=UA-11441155-1&_gid=2014055615.1625760344&_r=1&_slc=1&z=150531555
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-X0MHE23QYB&gtm=2oe770&_p=859212272&sr=1600x1200&_gaz=1&ul=en-us&cid=856512278.1625760344&_s=1&dl=https%3A%2F%2Fwww.kiwilimon.com%2F&dt=Recetas%20de%20cocina&sid=1625760344&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X0MHE23QYB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
76 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X0MHE23QYB&cid=856512278.1625760344&gtm=2oe770&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X0MHE23QYB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X0MHE23QYB&cid=856512278.1625760344&gtm=2oe770&aip=1&z=1759744490
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-11441155-1&cid=856512278.1625760344&jid=1472207393&gjid=901364386&_gid=2014055615.1625760344&_u=IEBAAEAAAAAAAC~&z=1874563355
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 08 Jul 2021 16:05:44 GMT
content-type
text/plain
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-11441155-1&cid=856512278.1625760344&jid=1472207393&_u=IEBAAEAAAAAAAC~&z=1053231049
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-11441155-1&cid=856512278.1625760344&jid=1472207393&_u=IEBAAEAAAAAAAC~&z=1053231049
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www.kiwilimon.com.js
u.heatmap.it/conf/ 		43 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://u.heatmap.it/conf/www.kiwilimon.com.js
Requested by
Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
5aa9be36dd5a4777c4f9e9ae2556df46667039f8d7ef1a65226902e4639f4e98

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:19 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
content-type
text/javascript;charset=UTF-8
cache-control
max-age=300
x-cdn-pop
sbg
accept-ranges
bytes
content-length
48
x-request-id
690882191
expires
Thu, 08 Jul 2021 16:10:20 GMT
cc.js
consent.cookiebot.com/4879882a-8e97-4c8c-9eee-288323f00504/ 		248 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/4879882a-8e97-4c8c-9eee-288323f00504/cc.js?renew=false&referer=www.kiwilimon.com&dnt=false&forceshow=false&cbid=4879882a-8e97-4c8c-9eee-288323f00504&brandid=Cookiebot&framework=
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a0e5cd6f0123e7254db60a7238faf0d7df13fbdf00faf9297afc2b645ae9d8fa

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:44 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 16:05:44 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
access-control-allow-headers
cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
63219
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
pv
us4.heatmap.it/log/ 		0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us4.heatmap.it/log/pv?pid=59938&u=https%3A%2F%2Fwww.kiwilimon.com%2F&tpl=-1460690296&pt=Recetas%20de%20cocina&t=471625
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.99.47.17 , Canada, ASN16276 (OVH, FR),
Reverse DNS
us4.heatmap.it
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:45 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Thu, 08 Jul 2021 16:05:44 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98ccd33e523985efa588344a13932892db38b1335243f989dd366450db8ea68d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		964 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d47bcf54431b918d4b86953244677a675940b21844a2ac41bee9b690415eb0b1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		973 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47da0da617016c71b198ee772f4c9576d62b3c5de7cf9a93a9ccc1eaf1056633

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sdk.js
connect.facebook.net/undefined/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/undefined/sdk.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7566e66d666698c23958882a3f42278ba9a06b11060fbd3a7f7b59c9a8db81bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
M8kZekBs0ae0vTJb6/vXQg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
NmQyp+oUCXvPFGZd6u+/iFJOjbdStuhsPRmDhQ2EjCdLHGEjkHD1vDCV6nRMYaLl6oWAeQ5Gc3V3R43kku2STg==
x-fb-trip-id
686109401
x-fb-content-md5
19348adbb23f4cf9fc67051bf886b2ed
x-frame-options
DENY
date
Thu, 08 Jul 2021 16:05:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"de3e93f2cf8600c0f0bbcd8618eefc4e"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 08 Jul 2021 16:18:57 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46aa51554fa6e68799c8286f7185358aea1d626d34ecdcad4c0775422a3586e8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gpt.js
www.googletagservices.com/tag/js/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
767725432763bb3b61150ac32b1686f342b37b50970c4dc6d0ecb0a350af2358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"924 / 110 of 1000 / last-modified: 1625742623"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:44 GMT
fbevents.js
connect.facebook.net/es_LA/ 		95 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/es_LA/fbevents.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
O/1dhn/bfZesZ8tHugpgTWoqa+trHc9SzqerFh7nodJoOw9CgAsBegCNY8krFMlbFxLTMCHJD8jI+xQEaF1LKg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 08 Jul 2021 16:05:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-44.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
6213498
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
aNPP-mldXHGa_oGuhTxkNeFyKUGUxFl20be4m3Y8nYX0bT1kJ1T1_Q==
update.min.js
browser-update.org/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser-update.org/update.min.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:459c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a0f5c601831f5a644145b3ec16b6514f6915b9c70d962654b2f6219de558227

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 09 May 2021 07:17:46 GMT
server
cloudflare
age
377094
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=so2AgNRvN15VYmCeuQXM%2FTMqcRO8TkV1WUPj2lkQgWFjWAbBBKYVdmbYaEtCA8QO2YUk7Hn1%2FcEhPH8NGYzhW7z9b1MnwsIFC%2F4YxeKlR2VoUkvx369DzhEimAD4Fgx7Clw8aJTr5xmFjWk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66ba8e4b89574aa3-FRA
expires
Mon, 05 Jul 2021 07:20:50 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-8.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 15:55:52 GMT
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
592
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
1469
x-amz-cf-id
fTugdvwWrPjMyVQ50gK2j94e4yFG6GovjWHN5ZQ16Zv8JapW_iJWYw==
kvideo.js
cdn.kiwilimon.com/js/video/v1/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.kiwilimon.com/js/video/v1/kvideo.js?v=7.0.0
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da62b1d0c5f08852e676ffeaea8717b75f7044c99ebcaac7c2597e10eda2bb6e

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 26 Feb 2020 22:42:55 GMT
server
cloudflare
age
70460
etag
W/"181a-59f82534c30e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=691200
cf-ray
66ba8e4b9cc32bca-FRA
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=859212272&t=event&_s=2&dl=https%3A%2F%2Fwww.kiwilimon.com%2F&ul=en-us&de=UTF-8&dt=Recetas%20de%20cocina&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=headlanguage&ea=headlanguage%2Fpc%2Fes&el=head%2Flang%2Fclose&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=856512278.1625760344&tid=UA-11441155-1&_gid=2014055615.1625760344&z=258535809
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 06:52:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33170
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=859212272&t=pageview&_s=3&dl=https%3A%2F%2Fwww.kiwilimon.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Recetas%20de%20cocina&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=856512278.1625760344&tid=UA-11441155-1&_gid=2014055615.1625760344&z=1675048015
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 06:52:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33170
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
913.jpg.webp
cdn7.kiwilimon.com/galeriahome/913/1280x400/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/galeriahome/913/1280x400/913.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca0214db4047a2b7d27aa4dbb774b3f01df78bc788d1233e945f8dd88933d6db

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 29 Jun 2021 13:31:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4bae9e05f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
39738
633.jpg.webp
cdn7.kiwilimon.com/galeriahome/633/1280x400/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/galeriahome/633/1280x400/633.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bb97f2d00bdfeb03731ca6be4108f98e674894fe3f3ff4b6bd9a7760c433402

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 24 Jun 2021 17:05:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baea205f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
52220
909.jpg.webp
cdn7.kiwilimon.com/galeriahome/909/1280x400/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/galeriahome/909/1280x400/909.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fbcf2becff6258351c1f96d4c46e5900800dc8c2745a918fca7d589a78f61dc

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 25 Jun 2021 18:45:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baea105f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
32714
907.jpg.webp
cdn7.kiwilimon.com/galeriahome/907/1280x400/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/galeriahome/907/1280x400/907.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
234f5428223455423e22c68251b6e96cfbf7791699a06925de32a6044282e261

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 24 Jun 2021 17:05:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4bae9f05f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
30006
911.jpg.webp
cdn7.kiwilimon.com/galeriahome/911/1280x400/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/galeriahome/911/1280x400/911.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c127f9e1f3cfb8e058293397c988c3b845a93cc9f1ded61bbe817efe2a64164

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 25 Jun 2021 18:45:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baea605f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
31456
i4003.jpg.webp
cdn7.kiwilimon.com/clasificacion/4003/108x108/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/clasificacion/4003/108x108/i4003.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9f61ec27ecd71d25b09fa736e502008ad3f5de9ab7f08c0d901b4728b31e254

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 18 Aug 2020 22:47:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baec405f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
1374
i1.jpg.webp
cdn7.kiwilimon.com/clasificacion/1/108x108/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/clasificacion/1/108x108/i1.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
486b1a891e41fbb1ca5e34eaadde4af4091d8341f7003c2d90b47e98881e1de0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 02 Mar 2020 19:32:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baec005f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
1280
i48.jpg.webp
cdn7.kiwilimon.com/clasificacion/48/108x108/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/clasificacion/48/108x108/i48.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5780f2b191fe4fb88db69c5e131e69d6e9b22b9fc0c2f5770cdf78cb05233172

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 02 Mar 2020 19:32:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baec205f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
1428
i3356.jpg.webp
cdn7.kiwilimon.com/clasificacion/3356/108x108/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/clasificacion/3356/108x108/i3356.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a1a1af61ab4c9282d416ddd395dc92c7d1a9046751ddfd181e89dea22e851ad

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 22 Aug 2020 02:02:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baec605f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
2470
i67.jpg.webp
cdn7.kiwilimon.com/clasificacion/67/108x108/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/clasificacion/67/108x108/i67.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f24a68cda3a3c2211a4bb5db7e1bb6ded4066fa34f090077c46195fa39d953a

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 02 Mar 2020 19:32:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baea405f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
1578
i74.jpg.webp
cdn7.kiwilimon.com/clasificacion/74/108x108/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/clasificacion/74/108x108/i74.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7e86cb7c600eb2ea167db1280c222c5014f59a7a9e4ed8234d5f86d0ec558c0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 02 Mar 2020 19:32:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baec905f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
1554
i93.jpg.webp
cdn7.kiwilimon.com/clasificacion/93/108x108/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/clasificacion/93/108x108/i93.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7f5024616c08969496fe853065d6b55458a1235ff735bbca9eeddc537d8ba1

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 02 Mar 2020 19:32:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baecf05f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
1244
i104.jpg.webp
cdn7.kiwilimon.com/clasificacion/104/108x108/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/clasificacion/104/108x108/i104.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d54f8b839f7e79c5346ba44c9895a978b5f6cb3dcadbe57547d8ffb8254e2603

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 02 Mar 2020 19:32:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baebf05f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
1430
i115.jpg.webp
cdn7.kiwilimon.com/clasificacion/115/108x108/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/clasificacion/115/108x108/i115.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029897ddc111816476a0c086951ccfaa6ee7675ddc0b31d194a2c63c90a41e9b

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 02 Mar 2020 19:32:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baeaf05f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
1212
i127.jpg.webp
cdn7.kiwilimon.com/clasificacion/127/108x108/ 		922 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/clasificacion/127/108x108/i127.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aeea4a203c7496742007d1455b7ab8f3a35fd52e8b5a8fcd3ad66b9c557217b

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 02 Mar 2020 19:32:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baed005f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
922
i128.jpg.webp
cdn7.kiwilimon.com/clasificacion/128/108x108/ 		1016 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/clasificacion/128/108x108/i128.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f83e96b9f42f8cf8c76904c9d9efeaf0f659891a29d0ce8d3394d853a776f27

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 02 Mar 2020 19:32:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baeb605f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
1016
i122.jpg.webp
cdn7.kiwilimon.com/clasificacion/122/108x108/ 		842 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/clasificacion/122/108x108/i122.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f3c971cd2cafe3ad84b4d0d2613191f1040dabdba9ac0c6a7beacfd56ba135b

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 02 Mar 2020 19:32:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baece05f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
842
48992.jpg.webp
cdn7.kiwilimon.com/recetaimagen/38272/190x190/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/recetaimagen/38272/190x190/48992.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40bdca0004d83424dc04e2879c0cf2e96222283146c6786ce985976e37d74df

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 07 Jul 2021 02:22:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4b9e8205f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
5218
48982.jpg.webp
cdn7.kiwilimon.com/recetaimagen/38268/190x190/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/recetaimagen/38268/190x190/48982.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca90640c3906fbd7859e4091b37d8c4cb1094662aee9e7ada86ee788c63e560

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 05 Jul 2021 19:16:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baeae05f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
4596
48984.jpg.webp
cdn7.kiwilimon.com/recetaimagen/38269/190x190/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/recetaimagen/38269/190x190/48984.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49c9c7e0961d8723a534c9a2602491964fc5132de22f3fba39f9c04b534828c2

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 05 Jul 2021 19:28:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4bae9405f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
5642
48975.jpg.webp
cdn7.kiwilimon.com/recetaimagen/38265/190x190/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/recetaimagen/38265/190x190/48975.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
782cf64d1eecb65966a86a47461bdb056032f92627572ccfdf55297538ab66e3

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 05 Jul 2021 19:29:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baead05f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
6396
48970.jpg.webp
cdn7.kiwilimon.com/recetaimagen/38263/190x190/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/recetaimagen/38263/190x190/48970.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09ca364aa1afbf1e0527d2edd55b700b30a4e2346512ce7f19229955ee9eedf6

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 02 Jul 2021 03:20:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4bae9805f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
7808
48967.jpg.webp
cdn7.kiwilimon.com/recetaimagen/38257/190x190/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/recetaimagen/38257/190x190/48967.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16d44ba58dfe35ce8d277075eca3f03e654aebdc7ea55279deba9e5bb4c3fcde

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 05 Jul 2021 19:26:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baeaa05f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
4424
48960.jpg.webp
cdn7.kiwilimon.com/recetaimagen/38259/190x190/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/recetaimagen/38259/190x190/48960.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d15ed2a7a47b478a5d5586dca2c31e15c200c961959fe947a43b1d31b90997

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 30 Jun 2021 13:32:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baeab05f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
5644
48958.jpg.webp
cdn7.kiwilimon.com/recetaimagen/38258/190x190/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/recetaimagen/38258/190x190/48958.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8062a61abbcdf9c5ae296daab8ce733c667e1f32956b6f07d1c8758019664b0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 05 Jul 2021 19:29:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baeca05f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
4288
59.jpg.webp
cdn7.kiwilimon.com/productoventa/59/250x250/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/productoventa/59/250x250/59.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1256dc53b2e692e24d91079fbb71165898ff95ca5e5935eefadb70e51d686b7

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 02 Jul 2021 20:32:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baea905f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
10520
57.jpg.webp
cdn7.kiwilimon.com/productoventa/57/250x250/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/productoventa/57/250x250/57.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ffafdeb12ccda6a0f4bc5eeb0ca05a02a665bbb0b6c6d4060736dd47d649b7

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 17 Jun 2021 20:40:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baea705f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
11672
56.jpg.webp
cdn7.kiwilimon.com/productoventa/56/250x250/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/productoventa/56/250x250/56.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b1a272cecfa9d1d70c07ef9563fb577a422715173c995f3819c8eb7083df33

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 02 Jun 2021 18:38:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baebe05f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
15924
53.jpg.webp
cdn7.kiwilimon.com/productoventa/53/250x250/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/productoventa/53/250x250/53.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
050b2c433248d6ce2963e2d5f67dbf8e7167f6fa34a9be57da975e13ccde4e22

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 27 Apr 2021 20:51:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baebc05f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
12992
52.jpg.webp
cdn7.kiwilimon.com/productoventa/52/250x250/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/productoventa/52/250x250/52.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e50ee48ecec70656eadca2791d83523cebbcdaf74758dea0325f9f080697395

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 26 Apr 2021 16:51:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baeba05f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
9060
50.jpg.webp
cdn7.kiwilimon.com/productoventa/50/250x250/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn7.kiwilimon.com/productoventa/50/250x250/50.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfa58e601957c371e7212e5b644aa468055bdd8cee1d20ed7fdef9bec5a50723

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 31 Mar 2021 18:06:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS
content-type
image/webp
access-control-allow-origin
https://www.kiwilimon.com
cache-control
max-age=691200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66ba8e4baeb905f1-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Origin, X-Requested-With, Method
content-length
10250
sdk.js
connect.facebook.net/en_US/ 		234 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=d46c2de2771da81858c874c022264c4e
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/undefined/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d54bdd415a4f40987a9c4db4bfecea0541278528a1a46b7d168b2b6f6f8e3ffd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.kiwilimon.com
Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Z0w223xAdqJMmR18QHC4DA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
69354
x-fb-rlafr
0
x-fb-debug
NkeENl7DACgc8T/OV0xrTX2Q6vaMdqWcC0X9db93uN8BtRzOBDHtsC4+wJ9w8rXwjjU3qfE721m3qUkRPNYWtg==
x-fb-content-md5
2783fa6cfcf9a217adb90fa41f6dc65e
x-frame-options
DENY
date
Thu, 08 Jul 2021 16:05:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"fd16c7527a96b6fdf7eb473ad4f56449"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 08 Jul 2022 15:55:14 GMT
pubads_impl_2021070101.js
securepubads.g.doubleclick.net/gpt/ 		329 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Jul 2021 08:37:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117092
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		204 B
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.kiwilimon.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
32949798021d6627f034074aab09021604a6fe64bea36cb418ec2e15c8c3d6e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:44 GMT
video-js.css
unpkg.com/video.js@7.13.3/dist/
Redirect Chain
  • https://unpkg.com/video.js/dist/video-js.css
  • https://unpkg.com/video.js@7.13.3/dist/video-js.css
45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/video.js@7.13.3/dist/video-js.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b0207399ff00b641aafed026adb6384f911cbaf391c78cd5601ee245a646f9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:44 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
1343726
fly-request-id
01F8VCCVW723YFRARSARE3K5HN
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"b45f-d1ihH0nE4sqo9EFo/me1XSPBS6M"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
66ba8e4c18082b89-FRA

Redirect headers

date
Thu, 08 Jul 2021 16:05:44 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FA3DMFSVY8DEGG8Y9Q9S0TX8
server
cloudflare
age
247
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/video.js@7.13.3/dist/video-js.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
66ba8e4bcf372b89-FRA
access-control-allow-origin
*
videojs-contrib-ads.css
unpkg.com/videojs-contrib-ads@6.9.0/dist/
Redirect Chain
  • https://unpkg.com/videojs-contrib-ads/dist/videojs-contrib-ads.css
  • https://unpkg.com/videojs-contrib-ads@6.9.0/dist/videojs-contrib-ads.css
975 B
399 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/videojs-contrib-ads@6.9.0/dist/videojs-contrib-ads.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
763469
fly-request-id
01F9CNRXYK18KZ6MC6V8NJDSG9
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3cf-QkYNpQ1t+HGGuQzDGS8mZdpVWDg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
66ba8e4dfc5e2b89-FRA

Redirect headers

date
Thu, 08 Jul 2021 16:05:45 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
EXPIRED
fly-request-id
01FA3DW1JD51RB25Z76B4AXGWT
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/videojs-contrib-ads@6.9.0/dist/videojs-contrib-ads.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
66ba8e4bcf3a2b89-FRA
ima.css
cdn.kiwilimon.com/js/video/v1/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.kiwilimon.com/js/video/v1/ima.css
Requested by
Host: cdn.kiwilimon.com
URL: https://cdn.kiwilimon.com/js/video/v1/kvideo.js?v=7.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 26 Feb 2020 19:52:50 GMT
server
cloudflare
age
171105
etag
W/"eda-59f7ff30b2fd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=691200
cf-ray
66ba8e4bcd372bca-FRA
kiwi.css
cdn.kiwilimon.com/js/video/v1/ 		1 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.kiwilimon.com/js/video/v1/kiwi.css
Requested by
Host: cdn.kiwilimon.com
URL: https://cdn.kiwilimon.com/js/video/v1/kvideo.js?v=7.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:375e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6e719cbde7736668a39ec294f86588f7eb85654f9d673f9a3877d4d0d4a44dc

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Jan 2020 20:13:39 GMT
server
cloudflare
age
171105
etag
W/"49d-59c4775f2a2c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=691200
cf-ray
66ba8e4bcd3b2bca-FRA
video.min.js
unpkg.com/video.js@7.13.3/dist/
Redirect Chain
  • https://unpkg.com/video.js/dist/video.min.js
  • https://unpkg.com/video.js@7.13.3/dist/video.min.js
545 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/video.js@7.13.3/dist/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f767ebd5a7968577f36d76eab5ccd01357988887aadbc5f346e4651de1c1f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
1343726
fly-request-id
01F8VCCSG20S5K51WXADJP1SRT
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"882c7-LKc2O4b39W8c++6fq5mPvozu4mo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
66ba8e4c180b2b89-FRA

Redirect headers

date
Thu, 08 Jul 2021 16:05:44 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FA3DPCY0N3NSRX4SWE30A9AB
server
cloudflare
age
187
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/video.js@7.13.3/dist/video.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
66ba8e4bcf3b2b89-FRA
access-control-allow-origin
*
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=250305718425857&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.kiwilimon.com%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d46c2de2771da81858c874c022264c4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
ZePtprG59Lhv93kQw4wVP/svlJ1RwHX15Rf+h8Btiayo9LM0XLCvsbPDxioA547+1wrH3Ushy6ZYssMouMboIw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 08 Jul 2021 16:05:44 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kiwilimon.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
250305718425857
connect.facebook.net/signals/config/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/250305718425857?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_LA/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0faa49c890285a2d5e772dd291ae7f617dc6857e430bbef530afbf8a371b3d7c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
k3DazpbJm+6j1mDPGs0GlWng8Q6m8YIPMpLDJ01C/yr9jlXwRJHzAwKQ7X09le8MDpqGAGRBg+DbnJqxQxsYtg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 08 Jul 2021 16:05:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
update.show.min.js
browser-update.org/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser-update.org/update.show.min.js
Requested by
Host: browser-update.org
URL: https://browser-update.org/update.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:459c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e98e5f2079a8b9edf4621a42bd064f2c3ff4dfb7cb105715ed483d24a52b99c2

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 09 May 2021 07:17:47 GMT
server
cloudflare
age
377179
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9lM41B0UdTLeQ%2Fyv%2BXcVoAa4sDp%2FIz56IWbAC3n8qSvhQxbjMLBpv0myZ4tk%2B%2B2dhe%2FRD1h0NSfrs2H6czwmq9ZSCa%2BuaUy44HPSNsjYWE%2FMjwgmXQa2%2BMtr387s48%2BE7h51Za%2BayWCRIl4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66ba8e4c1a924aa3-FRA
expires
Mon, 05 Jul 2021 07:19:25 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=7750805&ns__t=1625760344977&ns_c=UTF-8&cv=3.5&c8=Recetas%20de%20cocina&c7=https%3A%2F%2Fwww.kiwilimon.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7750805&ns__t=1625760344977&ns_c=UTF-8&cv=3.5&c8=Recetas%20de%20cocina&c7=https%3A%2F%2Fwww.kiwilimon.com%2F&c9=
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=7750805&ns__t=1625760344977&ns_c=UTF-8&cv=3.5&c8=Recetas%20de%20cocina&c7=https%3A%2F%2Fwww.kiwilimon.com%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-8.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
GqarYKKB9CCo2I-DF6ujIOkQPuiAK6J0uZxlVKz56TVEux4H5ZOhOQ==

Redirect headers

date
Thu, 08 Jul 2021 16:05:44 GMT
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=7750805&ns__t=1625760344977&ns_c=UTF-8&cv=3.5&c8=Recetas%20de%20cocina&c7=https%3A%2F%2Fwww.kiwilimon.com%2F&c9=
content-length
178
x-amz-cf-id
J56Yi7VCpJmJTQdXvv229f7MK9qr8tW7apHed4NETB7cj9dgsgZC5g==
atrk.gif
certify.alexametrics.com/ 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Recetas%20de%20cocina&time=1625760344979&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.kiwilimon.com%2F&random_number=3996283832&sess_cookie=25773f5917a86de2b92cae2bf70&sess_cookie_flag=1&user_cookie=25773f5917a86de2b92cae2bf70&user_cookie_flag=1&dynamic=true&domain=kiwilimon.com&account=Cq4Hj1aotV008f&jsv=20130128&user_lang=en-US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-10.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 03:34:55 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
45051
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA2-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
2QTgLX-y5yyDLN7QzTqP9E1V9ke6GtgQkfvgmgaoduGv0atdVX-2hw==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:bc:1202:b9c3:93a:fb15:d062 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
server
Server
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=250305718425857&ev=PageView&dl=https%3A%2F%2Fwww.kiwilimon.com%2F&rl=&if=false&ts=1625760345037&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=28&it=1625760344945&coo=false&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 08 Jul 2021 16:05:45 GMT
auction
tlx.3lift.com/header/ 		19 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.40.0&referrer=https%3A%2F%2Fwww.kiwilimon.com%2F&tmax=3000
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.231.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-231-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:45 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0f4b5aca3dc00029a2d565e4e745673b35d424fde6d570d76fc0b16c871054c3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:45 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1141e19f-303b-4e87-9c26-e15d4e144f24
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.kiwilimon.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
brightcombid.marphezis.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.58.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-58-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kiwilimon.com
date
Thu, 08 Jul 2021 16:05:45 GMT
access-control-allow-credentials
true
server
nginx
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9524de17f65b6ffb935566802510c4470b48099eda4abe0fae8e26c62792393a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:45 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
72d3ccd9-d1b2-4988-a228-fe8254fe6c46
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.kiwilimon.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		24 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=358388&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229abd74b93d0bf3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiwilimon.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.40.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22100e1cf00cfbfa5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22358388%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
58a26526794c3d083a4669dff19051d431073333a4c8bab0d3b6a8f429a97ef4

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:45 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[185.210.217.140], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.kiwilimon.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
28
expires
Thu, 08 Jul 2021 16:05:45 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.kiwilimon.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.kiwilimon.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1982443446707194&correlator=1090892712959456&output=ldjh&impl=fif&eid=31061423%2C31061650%2C31061756%2C31061425%2C31061166&vrg=2021070101&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210708&iu_parts=3879499%2Ckiwi_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=keywords%3D%26type%3Dsin-video&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1625760345&dt=1625760345093&dlt=1625760343550&idt=1508&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=0&adks=2481244318&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiwilimon.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x3676&msz=1600x0&ga_vid=856512278.1625760344&ga_sid=1625760345&ga_hid=859212272&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
7146971d97f98c52d17500f30e4a37a5150a83d520f131c5ec2fafd0f2e54d62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1091
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E042 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kiwilimon.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kiwilimon.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 08 Jul 2021 16:05:45 GMT
expires
Fri, 08 Jul 2022 16:05:45 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		339 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.kiwilimon.com
URL: https://cdn.kiwilimon.com/js/video/v1/kvideo.js?v=7.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118860
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021070101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3462f3c71aeedf53b42498644e2af2e79fc9402444b412d9d9c96260a30bc249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8354
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:45 GMT
videojs.ads.min.js
unpkg.com/videojs-contrib-ads@6.9.0/dist/
Redirect Chain
  • https://unpkg.com/videojs-contrib-ads/dist/videojs.ads.min.js
  • https://unpkg.com/videojs-contrib-ads@6.9.0/dist/videojs.ads.min.js
28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/videojs-contrib-ads@6.9.0/dist/videojs.ads.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8083a510108bfa2848c613baf8f1823af26a8dab1bb0907b8b0a06aebac5f226
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:46 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
763451
fly-request-id
01F9CNSGSYAMV87FMQ8PNRYY5T
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"6e7b-ZlDqbCeWFhp6YAqCZkyM4CYW8QU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
66ba8e55dd2c2b89-FRA

Redirect headers

date
Thu, 08 Jul 2021 16:05:46 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
EXPIRED
fly-request-id
01FA3DW4N7S6K3V6N94Y17WRP5
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/videojs-contrib-ads@6.9.0/dist/videojs.ads.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
66ba8e4dec252b89-FRA
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 38B1 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kiwilimon.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kiwilimon.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Thu, 08 Jul 2021 15:32:45 GMT
expires
Fri, 08 Jul 2022 15:32:45 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1980
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 2302 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1033901f1861753b1f35b07e38078667030b2d022ccfde028b5434e7b2564bcd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YoSfB7gBt5ou+h6l+FpojA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kiwilimon.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kiwilimon.com/

Response headers

expires
Thu, 08 Jul 2021 16:05:45 GMT
date
Thu, 08 Jul 2021 16:05:45 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-YoSfB7gBt5ou+h6l+FpojA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.kiwilimon.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.kiwilimon.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1982443446707194&correlator=741652966291537&output=ldjh&impl=fif&eid=31061423%2C31061650%2C31061756%2C31061425%2C31061166&vrg=2021070101&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210708&iu_parts=3879499%2Ckiwi_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=keywords%3D%26type%3Dsin-video&eri=1&cookie=ID%3D2c6884809ad49b6f-22af9af776c800e9%3AT%3D1625760345%3AS%3DALNI_Matyp031en1LHN3kqAO3URHq2HMAQ&bc=31&abxe=1&lmt=1625760345&dt=1625760345418&dlt=1625760343550&idt=1508&frm=20&biw=1600&bih=1200&oid=3&adxs=1140&adys=1059&adks=1600721462&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiwilimon.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x27&msz=300x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=856512278.1625760344&ga_sid=1625760345&ga_hid=859212272&ga_fc=false&fws=4&ohw=1280&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
72fb6f95be9c5fd754745531c07fe271eb9862fa4546e3d720ab9f945bbde6f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11510
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4FB5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kiwilimon.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kiwilimon.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 08 Jul 2021 16:05:45 GMT
expires
Fri, 08 Jul 2022 16:05:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625657948508962"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27726
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:45 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/15499/ 		303 B
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15499/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15499/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-87.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a50c1d225a3a6d96d76d263766cd4595501e914195c24ad6f2bdc41a44650bae

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 08 Jul 2021 12:47:10 GMT
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
age
11916
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
303
last-modified
Mon, 15 Feb 2021 20:50:37 GMT
server
AmazonS3
etag
"a2355070027dac339a9c54f81f223e97"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
NZcPCUjJsyfpKfeOTEEE7U5PLWWojpniDBIBMqy37eT4Q1natQX98g==
yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
pagead2.googlesyndication.com/bg/ Frame 38B1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 11:34:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
189064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5747
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 11:34:41 GMT
data
bcp.crwdcntrl.net/6/ 		438 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15499/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
68cc483cf4f8e8b412da2adc945a9bbcfa1261dfe7f11d0366aab18bc22ecb32

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache
x-server
10.45.16.21
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
438
expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 25C2 		624 B
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjNvPCZATAB&v=APEucNX14EQEtxQrTbscQuMAreM3LbSGPBdn2quIKbJhuNaD3xwdFBVRPBWpfat9Zoe_ysV_yEnC9DHZWpZ14VM1NHrstyAX-GRi_aUo5xSQb2r5_YPdKUsxFq_mViyfQHawDgcuEeVsfpsBLfBr3gwq06xebGbk0mBzhhTxuHqW5SPCbjCij14
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJfnugEQw7j0ARjNvPCZATAB&v=APEucNX14EQEtxQrTbscQuMAreM3LbSGPBdn2quIKbJhuNaD3xwdFBVRPBWpfat9Zoe_ysV_yEnC9DHZWpZ14VM1NHrstyAX-GRi_aUo5xSQb2r5_YPdKUsxFq_mViyfQHawDgcuEeVsfpsBLfBr3gwq06xebGbk0mBzhhTxuHqW5SPCbjCij14
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUngcqyb_ZVHQDanQajYOg0AqDk-Pghi70prWluCZHS3s-HgNHONzOUcoJxvT5E
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 08 Jul 2021 16:05:45 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 4FB5 		24 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrKVb5TX973QRht3bsoXR1HWmXBxDz6TkvYtPVdRefJMRWZ_LhJA5ZKtl71FEtHpCxbAT4xrm3XvL6wcTrfIPCDjXOWB1I_jzor4tfSr6Sms7bPj7by0JyqwE7MsKgtnsfe_M3rozPaG7TA8SFQ9NpWHkaHQ&cry=1&dbm_d=AKAmf-Bdz8tNy4GXdy1JKMfRgUGJxeKx_TkjaW-njJOzESgVEzYYrrNAkUDHS-C1m7lf_Q7NFKFjMTbTt3TZmPlapOeDU4HXM4R3tFy5Z-mXMpRwLLMUIPRnJUo2Aiw6oZn1smlmT1Qp-uhTuJ5BNTDB89ei7a4iA0rXwrR_0W42hci6r32860Ov8uEsU0uQaxq3PUkuKnbexEkRjKPfqYJQl5FVXSr8KJIJDCWtgi7mLKdvHFbiuAtDIihXsBJqzKz47LkV_32ULvkfl7sStu4doJZk0c_KQnSNaxWBFZoYAVQj69gz0p9IJrHsfeloixlrZUd8mMbDJTvfnNNCFEorMYeSDSnNstA9tdiXNKPlu0eBxQJ73KfCIlARvujz650v1IrrimtCyZH-8F2vNOUIqIDFNwQMiZ9YnuY4iJbxtWNnOamSGlJk0DnTNotLb7AcmXRA_2xOgA5SlgNC6abTADdg03qzGI6kg5h9A0Pw_qzNq7Vm7wJ5dPMuXkw6UmhvYxaf2j5qGO_MGsZ2yF4Wkfj4gjXJCNd4zBdN4on_9Q65W-z_g6H5ho6IqnC-uv3VyMWNJC1xZ16noAIdbs5hCQV8P2CsEgWb3ZTEXHjIYPGmnLTuuZNGdu9pJTniKMwXAqVJ0tduJlRKRPbaTDOjJReC65q4relXVj6SoEIEVr6r0v6NBPpBZBgjqodAzLZz8EatqxLVDElLdKmC8W6QIIhQW5Rbhq6pnnQmuyP8Ty40xiwof55cFvZ9ZWWx-LI3PmBC3wYmz64oIgLU_4M0mCIVOglHLF378qbnpXaE0mleOCF0gY-7XFnCN-LNHYDJiwYitd0Du0TBUcRc_i91fhE7wBFzHgv0C1tGI2pV7aBnlsS2__glo1IHH-dXVAKBHH9zYau-X1vBbPhFzHiXMKqpL_TNNlOYjk8bzzEnvD7Tc8e3iY9wPMIBLejK43G1OP5mRpr0Gzd0XxChbTDCyR8n7kgAbJ5HigXZBzpICSFZHtY__hBR8ZvcdLRJR7aD7zaH8vyf479cwbZcdST96rE66_K620ar0H3LrPAcRbR5uVqlHjpf7CWL94OfMfbt2sZu7WGEv-M_8SL75KQ4eGXr5cgWgDGBdPivzU35OsIU6k0ErR5kfqIQw4FSp45R1t8eH0jLBp2OEAs_uREMG-ljKUFjl2vMUfs-7w61AVCkOZ9VZTGXqU9jReMOIECP6Vf9jPLPNnHwxOloLGDEaWlGON6EIxM-GTCKCcz39-L8QwtEpE1clWrzL8tsNv0URfAJzgH2viKo7gyjyhnvXUzp4hyWwpDwT2DnLT3QO3udHTIzAGEZU309cYcoDpM2S8I6q5X03vO6t_xRg7dezLX4mSHrVdLo2OJOGVxatyVZL4vKj3tSKHrYk2LOAK71PfZ7FnoGm264KJjjzvKiR63PsUSBRdY3ij1ZRLKhNigV7c5Q6NULe8SgtKJqo1GcYC8kyVH6cada-q04BBk4Tg_lVEFOmwubu6ifealWEwXSuB1Q7Ij1Pz_5j5AY9Cr7W4Vh5Xck6K3LBnt4wazp5En119-jf5Oiua17xLm58_O_pKxYGqVfmH-njJcnBQmjzTivD6WthuM25n4nGg3FAEO13VlYknNY524FhF3Sko-q8cxnXoopAS09DisIKZeEgLL-cA70tg6zGqun71om-g10g7cN3jxvheOD_FL53qbzI67kJuoxZxKt2DiSnX_2QVLO3XCRc_uGlQoB7mBiQpCkM35N9Ng6xxMDbXQzzoojdGorz7bZ3osLvEirw7DXnLUi_V2EyrB6kCmK73MMGo_FKQYLeFMsIOJ5olBH1WsjVFnGvuOc5U7U2mOdB8rGU_ZUEJGo4SEKTo6P5_MHqRfadZnw2iesWFqapWKzOI_1U7PK5gVQynVcy5cdrJO-QRszQPYkO2A-TgYYlq5oxlt-jdj__vG_z2xLaQUKtm4PMrecJ8Oycvyq4AYBitWEQ9gFcNmuqjOhjld7ScluAE6qWWj3hiJgOxnB3f4-qQyxdL-czN3z63ROGyyr7OefJz53muZ5-PSdXlJjQehNAejwg-liYMQIAt50E1tVk_YyVhdY1WZu8GxLJ8NCrjmq5NYKuBph4Fnl7wws_WLLnKC9mFSWb5gRHUJEu4DjaaUN1BiINwDUVwSGUf6Z7q1YW3OFyRnrhBJEq4GLCe_oxUmqCSUY9h0o9jrRlp-kt4-Xg53Yg9vW1rgD7RzAptk-mApIfwa7qBdTzf7vD-hFLUBDo9ycKXwPdOz2mpaDHxMX9gDLPLzMJhK7g89Ut3WEdUz2TmZpPk9keHBfRdn7JuoiavSX9nIEaLVvPPGsHAA60u0_7Vr4X3gfYPGazjGOu3NabcwiwY6EutQ6WtXbMkmqymGaOyBD3-JJ3Q-lDwPJzycGnCNfwJ5-Cm3mBYC_YjRvGT79Wk6IK7Dn762Ahocssd_CRonbUb4n-zydLDmpz2Tn706HoMznQ5Zh5sfpz6mJzhkDOoKpzsGgcuiuV1B8b2vdceHcay1YfWC8oVs8pd8arHHk1GBg33f6K2gX6717u-UF6rLF3XcFOIZbYDC8mM7XWbWsN2tAM_EZ-6Hatn_8CAN_4MCDcqx4oDM8G_NDoLKEiIf5GDpO4VBFDkHo_YKShqVgr-A4YSYu6okVpoWeBYdqHMXROekP8UdWYCvi92jc62qqJXbY_tWnuGQL4w8VDcr5hWXYtbwcMX2sWjl4qfZ0NNkYKd2E0j-dE-xyvWeWHbggZC0oFErSCXTrGi_entzPNJwjSlB44guy2ABSTKUWLGvKs1d-Rt3SO4cAJ_g7coPqXG1pHbMmlpx4auog7Nf8MJNAy0fnc5m0XGKYsnlkDVaWG5FBDJhF9BuEy5sP&cid=CAASEuRoif_aIptvYpoGKWbW_LOMOA&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65dce9c4d9c2312f23ebcc653671d63133bde10013a57698678e6e4a3d674b3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FB5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B9E7NbBWoCbsZxRYqd46PV8HdVaU9cncE5aRYFkcsIycEa-t_TQd-_ne0Y17KPPs0a3ecumDUYnpVR73OumPoO4gxp22oO9yHBZ61ejAiOxsrl1JM
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 4FB5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4231980&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iyEFU624bvTS5YMEkJpwW2&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32487994&DVP_DBM_4=322707021&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=32694964256&turl=https://www.kiwilimon.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5f304cc9d41b83589d171f12c353079537b1436cc5f4834479b249a401e81224

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jul 2021 09:29:38 GMT
Server
Microsoft-IIS/10.0
ETag
"49b02714972d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
dvtp_src.js
cdn.doubleverify.com/ Frame 4FB5 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iyEFU624bvTS5YMEkJpwW2&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32487994&DVP_DBM_4=322707021&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=32694964256&turl=https://www.kiwilimon.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
84de9e9252f099570390c72929b369c63af2b3379ce28173d7220cfd0007365a

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Jul 2021 18:32:40 GMT
Server
Microsoft-IIS/10.0
ETag
"0d4b022cc71d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3172
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 4FB5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:03:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4FB5 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:45 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625657928851490"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37883
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 4FB5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
17140096307539089235
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:03:20 GMT
l
www.google.com/ads/measurement/ Frame 4FB5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4CdOj9nRNOFnVdeJ9qfCFsVZAUT6ds0UlzLakbjxEEICbaQv6WyLY8NqG5WeA5BC9stySIPnVUhjgOPm65rPvXnvKIg
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 25C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpsu5mced0OLIx8B1AfT88&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpsu5mced0OLIx8B1AfT88&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjNvPCZATAB&v=APEucNX14EQEtxQrTbscQuMAreM3LbSGPBdn2quIKbJhuNaD3xwdFBVRPBWpfat9Zoe_ysV_yEnC9DHZWpZ14VM1NHrstyAX-GRi_aUo5xSQb2r5_YPdKUsxFq_mViyfQHawDgcuEeVsfpsBLfBr3gwq06xebGbk0mBzhhTxuHqW5SPCbjCij14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 08 Jul 2021 16:05:46 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpsu5mced0OLIx8B1AfT88&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 25C2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YOciWgOZzBDR8VTfFaHjYgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpsu5mced0OLIx8B1AfT88&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpsu5mced0OLIx8B1AfT88&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjNvPCZATAB&v=APEucNX14EQEtxQrTbscQuMAreM3LbSGPBdn2quIKbJhuNaD3xwdFBVRPBWpfat9Zoe_ysV_yEnC9DHZWpZ14VM1NHrstyAX-GRi_aUo5xSQb2r5_YPdKUsxFq_mViyfQHawDgcuEeVsfpsBLfBr3gwq06xebGbk0mBzhhTxuHqW5SPCbjCij14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 08 Jul 2021 16:05:46 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpsu5mced0OLIx8B1AfT88&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 25C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBdJp_LW8bQHuaNtuBUAwWo&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBdJp_LW8bQHuaNtuBUAwWo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjNvPCZATAB&v=APEucNX14EQEtxQrTbscQuMAreM3LbSGPBdn2quIKbJhuNaD3xwdFBVRPBWpfat9Zoe_ysV_yEnC9DHZWpZ14VM1NHrstyAX-GRi_aUo5xSQb2r5_YPdKUsxFq_mViyfQHawDgcuEeVsfpsBLfBr3gwq06xebGbk0mBzhhTxuHqW5SPCbjCij14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:46 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
aa654158-aad5-4a81-b9a3-91fce0615fe4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBdJp_LW8bQHuaNtuBUAwWo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 25C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzOTg2MDY4OTg3NTQ2ODQxNQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzOTg2MDY4OTg3NTQ2ODQxNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjNvPCZATAB&v=APEucNX14EQEtxQrTbscQuMAreM3LbSGPBdn2quIKbJhuNaD3xwdFBVRPBWpfat9Zoe_ysV_yEnC9DHZWpZ14VM1NHrstyAX-GRi_aUo5xSQb2r5_YPdKUsxFq_mViyfQHawDgcuEeVsfpsBLfBr3gwq06xebGbk0mBzhhTxuHqW5SPCbjCij14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:45 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4892a886-19a6-457a-b304-e0662943e067
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzOTg2MDY4OTg3NTQ2ODQxNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 4FB5 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrKVb5TX973QRht3bsoXR1HWmXBxDz6TkvYtPVdRefJMRWZ_LhJA5ZKtl71FEtHpCxbAT4xrm3XvL6wcTrfIPCDjXOWB1I_jzor4tfSr6Sms7bPj7by0JyqwE7MsKgtnsfe_M3rozPaG7TA8SFQ9NpWHkaHQ&cry=1&dbm_d=AKAmf-Bdz8tNy4GXdy1JKMfRgUGJxeKx_TkjaW-njJOzESgVEzYYrrNAkUDHS-C1m7lf_Q7NFKFjMTbTt3TZmPlapOeDU4HXM4R3tFy5Z-mXMpRwLLMUIPRnJUo2Aiw6oZn1smlmT1Qp-uhTuJ5BNTDB89ei7a4iA0rXwrR_0W42hci6r32860Ov8uEsU0uQaxq3PUkuKnbexEkRjKPfqYJQl5FVXSr8KJIJDCWtgi7mLKdvHFbiuAtDIihXsBJqzKz47LkV_32ULvkfl7sStu4doJZk0c_KQnSNaxWBFZoYAVQj69gz0p9IJrHsfeloixlrZUd8mMbDJTvfnNNCFEorMYeSDSnNstA9tdiXNKPlu0eBxQJ73KfCIlARvujz650v1IrrimtCyZH-8F2vNOUIqIDFNwQMiZ9YnuY4iJbxtWNnOamSGlJk0DnTNotLb7AcmXRA_2xOgA5SlgNC6abTADdg03qzGI6kg5h9A0Pw_qzNq7Vm7wJ5dPMuXkw6UmhvYxaf2j5qGO_MGsZ2yF4Wkfj4gjXJCNd4zBdN4on_9Q65W-z_g6H5ho6IqnC-uv3VyMWNJC1xZ16noAIdbs5hCQV8P2CsEgWb3ZTEXHjIYPGmnLTuuZNGdu9pJTniKMwXAqVJ0tduJlRKRPbaTDOjJReC65q4relXVj6SoEIEVr6r0v6NBPpBZBgjqodAzLZz8EatqxLVDElLdKmC8W6QIIhQW5Rbhq6pnnQmuyP8Ty40xiwof55cFvZ9ZWWx-LI3PmBC3wYmz64oIgLU_4M0mCIVOglHLF378qbnpXaE0mleOCF0gY-7XFnCN-LNHYDJiwYitd0Du0TBUcRc_i91fhE7wBFzHgv0C1tGI2pV7aBnlsS2__glo1IHH-dXVAKBHH9zYau-X1vBbPhFzHiXMKqpL_TNNlOYjk8bzzEnvD7Tc8e3iY9wPMIBLejK43G1OP5mRpr0Gzd0XxChbTDCyR8n7kgAbJ5HigXZBzpICSFZHtY__hBR8ZvcdLRJR7aD7zaH8vyf479cwbZcdST96rE66_K620ar0H3LrPAcRbR5uVqlHjpf7CWL94OfMfbt2sZu7WGEv-M_8SL75KQ4eGXr5cgWgDGBdPivzU35OsIU6k0ErR5kfqIQw4FSp45R1t8eH0jLBp2OEAs_uREMG-ljKUFjl2vMUfs-7w61AVCkOZ9VZTGXqU9jReMOIECP6Vf9jPLPNnHwxOloLGDEaWlGON6EIxM-GTCKCcz39-L8QwtEpE1clWrzL8tsNv0URfAJzgH2viKo7gyjyhnvXUzp4hyWwpDwT2DnLT3QO3udHTIzAGEZU309cYcoDpM2S8I6q5X03vO6t_xRg7dezLX4mSHrVdLo2OJOGVxatyVZL4vKj3tSKHrYk2LOAK71PfZ7FnoGm264KJjjzvKiR63PsUSBRdY3ij1ZRLKhNigV7c5Q6NULe8SgtKJqo1GcYC8kyVH6cada-q04BBk4Tg_lVEFOmwubu6ifealWEwXSuB1Q7Ij1Pz_5j5AY9Cr7W4Vh5Xck6K3LBnt4wazp5En119-jf5Oiua17xLm58_O_pKxYGqVfmH-njJcnBQmjzTivD6WthuM25n4nGg3FAEO13VlYknNY524FhF3Sko-q8cxnXoopAS09DisIKZeEgLL-cA70tg6zGqun71om-g10g7cN3jxvheOD_FL53qbzI67kJuoxZxKt2DiSnX_2QVLO3XCRc_uGlQoB7mBiQpCkM35N9Ng6xxMDbXQzzoojdGorz7bZ3osLvEirw7DXnLUi_V2EyrB6kCmK73MMGo_FKQYLeFMsIOJ5olBH1WsjVFnGvuOc5U7U2mOdB8rGU_ZUEJGo4SEKTo6P5_MHqRfadZnw2iesWFqapWKzOI_1U7PK5gVQynVcy5cdrJO-QRszQPYkO2A-TgYYlq5oxlt-jdj__vG_z2xLaQUKtm4PMrecJ8Oycvyq4AYBitWEQ9gFcNmuqjOhjld7ScluAE6qWWj3hiJgOxnB3f4-qQyxdL-czN3z63ROGyyr7OefJz53muZ5-PSdXlJjQehNAejwg-liYMQIAt50E1tVk_YyVhdY1WZu8GxLJ8NCrjmq5NYKuBph4Fnl7wws_WLLnKC9mFSWb5gRHUJEu4DjaaUN1BiINwDUVwSGUf6Z7q1YW3OFyRnrhBJEq4GLCe_oxUmqCSUY9h0o9jrRlp-kt4-Xg53Yg9vW1rgD7RzAptk-mApIfwa7qBdTzf7vD-hFLUBDo9ycKXwPdOz2mpaDHxMX9gDLPLzMJhK7g89Ut3WEdUz2TmZpPk9keHBfRdn7JuoiavSX9nIEaLVvPPGsHAA60u0_7Vr4X3gfYPGazjGOu3NabcwiwY6EutQ6WtXbMkmqymGaOyBD3-JJ3Q-lDwPJzycGnCNfwJ5-Cm3mBYC_YjRvGT79Wk6IK7Dn762Ahocssd_CRonbUb4n-zydLDmpz2Tn706HoMznQ5Zh5sfpz6mJzhkDOoKpzsGgcuiuV1B8b2vdceHcay1YfWC8oVs8pd8arHHk1GBg33f6K2gX6717u-UF6rLF3XcFOIZbYDC8mM7XWbWsN2tAM_EZ-6Hatn_8CAN_4MCDcqx4oDM8G_NDoLKEiIf5GDpO4VBFDkHo_YKShqVgr-A4YSYu6okVpoWeBYdqHMXROekP8UdWYCvi92jc62qqJXbY_tWnuGQL4w8VDcr5hWXYtbwcMX2sWjl4qfZ0NNkYKd2E0j-dE-xyvWeWHbggZC0oFErSCXTrGi_entzPNJwjSlB44guy2ABSTKUWLGvKs1d-Rt3SO4cAJ_g7coPqXG1pHbMmlpx4auog7Nf8MJNAy0fnc5m0XGKYsnlkDVaWG5FBDJhF9BuEy5sP&cid=CAASEuRoif_aIptvYpoGKWbW_LOMOA&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8676
x-xss-protection
0
server
cafe
etag
11618055936852703379
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:05:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4FB5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrKVb5TX973QRht3bsoXR1HWmXBxDz6TkvYtPVdRefJMRWZ_LhJA5ZKtl71FEtHpCxbAT4xrm3XvL6wcTrfIPCDjXOWB1I_jzor4tfSr6Sms7bPj7by0JyqwE7MsKgtnsfe_M3rozPaG7TA8SFQ9NpWHkaHQ&cry=1&dbm_d=AKAmf-Bdz8tNy4GXdy1JKMfRgUGJxeKx_TkjaW-njJOzESgVEzYYrrNAkUDHS-C1m7lf_Q7NFKFjMTbTt3TZmPlapOeDU4HXM4R3tFy5Z-mXMpRwLLMUIPRnJUo2Aiw6oZn1smlmT1Qp-uhTuJ5BNTDB89ei7a4iA0rXwrR_0W42hci6r32860Ov8uEsU0uQaxq3PUkuKnbexEkRjKPfqYJQl5FVXSr8KJIJDCWtgi7mLKdvHFbiuAtDIihXsBJqzKz47LkV_32ULvkfl7sStu4doJZk0c_KQnSNaxWBFZoYAVQj69gz0p9IJrHsfeloixlrZUd8mMbDJTvfnNNCFEorMYeSDSnNstA9tdiXNKPlu0eBxQJ73KfCIlARvujz650v1IrrimtCyZH-8F2vNOUIqIDFNwQMiZ9YnuY4iJbxtWNnOamSGlJk0DnTNotLb7AcmXRA_2xOgA5SlgNC6abTADdg03qzGI6kg5h9A0Pw_qzNq7Vm7wJ5dPMuXkw6UmhvYxaf2j5qGO_MGsZ2yF4Wkfj4gjXJCNd4zBdN4on_9Q65W-z_g6H5ho6IqnC-uv3VyMWNJC1xZ16noAIdbs5hCQV8P2CsEgWb3ZTEXHjIYPGmnLTuuZNGdu9pJTniKMwXAqVJ0tduJlRKRPbaTDOjJReC65q4relXVj6SoEIEVr6r0v6NBPpBZBgjqodAzLZz8EatqxLVDElLdKmC8W6QIIhQW5Rbhq6pnnQmuyP8Ty40xiwof55cFvZ9ZWWx-LI3PmBC3wYmz64oIgLU_4M0mCIVOglHLF378qbnpXaE0mleOCF0gY-7XFnCN-LNHYDJiwYitd0Du0TBUcRc_i91fhE7wBFzHgv0C1tGI2pV7aBnlsS2__glo1IHH-dXVAKBHH9zYau-X1vBbPhFzHiXMKqpL_TNNlOYjk8bzzEnvD7Tc8e3iY9wPMIBLejK43G1OP5mRpr0Gzd0XxChbTDCyR8n7kgAbJ5HigXZBzpICSFZHtY__hBR8ZvcdLRJR7aD7zaH8vyf479cwbZcdST96rE66_K620ar0H3LrPAcRbR5uVqlHjpf7CWL94OfMfbt2sZu7WGEv-M_8SL75KQ4eGXr5cgWgDGBdPivzU35OsIU6k0ErR5kfqIQw4FSp45R1t8eH0jLBp2OEAs_uREMG-ljKUFjl2vMUfs-7w61AVCkOZ9VZTGXqU9jReMOIECP6Vf9jPLPNnHwxOloLGDEaWlGON6EIxM-GTCKCcz39-L8QwtEpE1clWrzL8tsNv0URfAJzgH2viKo7gyjyhnvXUzp4hyWwpDwT2DnLT3QO3udHTIzAGEZU309cYcoDpM2S8I6q5X03vO6t_xRg7dezLX4mSHrVdLo2OJOGVxatyVZL4vKj3tSKHrYk2LOAK71PfZ7FnoGm264KJjjzvKiR63PsUSBRdY3ij1ZRLKhNigV7c5Q6NULe8SgtKJqo1GcYC8kyVH6cada-q04BBk4Tg_lVEFOmwubu6ifealWEwXSuB1Q7Ij1Pz_5j5AY9Cr7W4Vh5Xck6K3LBnt4wazp5En119-jf5Oiua17xLm58_O_pKxYGqVfmH-njJcnBQmjzTivD6WthuM25n4nGg3FAEO13VlYknNY524FhF3Sko-q8cxnXoopAS09DisIKZeEgLL-cA70tg6zGqun71om-g10g7cN3jxvheOD_FL53qbzI67kJuoxZxKt2DiSnX_2QVLO3XCRc_uGlQoB7mBiQpCkM35N9Ng6xxMDbXQzzoojdGorz7bZ3osLvEirw7DXnLUi_V2EyrB6kCmK73MMGo_FKQYLeFMsIOJ5olBH1WsjVFnGvuOc5U7U2mOdB8rGU_ZUEJGo4SEKTo6P5_MHqRfadZnw2iesWFqapWKzOI_1U7PK5gVQynVcy5cdrJO-QRszQPYkO2A-TgYYlq5oxlt-jdj__vG_z2xLaQUKtm4PMrecJ8Oycvyq4AYBitWEQ9gFcNmuqjOhjld7ScluAE6qWWj3hiJgOxnB3f4-qQyxdL-czN3z63ROGyyr7OefJz53muZ5-PSdXlJjQehNAejwg-liYMQIAt50E1tVk_YyVhdY1WZu8GxLJ8NCrjmq5NYKuBph4Fnl7wws_WLLnKC9mFSWb5gRHUJEu4DjaaUN1BiINwDUVwSGUf6Z7q1YW3OFyRnrhBJEq4GLCe_oxUmqCSUY9h0o9jrRlp-kt4-Xg53Yg9vW1rgD7RzAptk-mApIfwa7qBdTzf7vD-hFLUBDo9ycKXwPdOz2mpaDHxMX9gDLPLzMJhK7g89Ut3WEdUz2TmZpPk9keHBfRdn7JuoiavSX9nIEaLVvPPGsHAA60u0_7Vr4X3gfYPGazjGOu3NabcwiwY6EutQ6WtXbMkmqymGaOyBD3-JJ3Q-lDwPJzycGnCNfwJ5-Cm3mBYC_YjRvGT79Wk6IK7Dn762Ahocssd_CRonbUb4n-zydLDmpz2Tn706HoMznQ5Zh5sfpz6mJzhkDOoKpzsGgcuiuV1B8b2vdceHcay1YfWC8oVs8pd8arHHk1GBg33f6K2gX6717u-UF6rLF3XcFOIZbYDC8mM7XWbWsN2tAM_EZ-6Hatn_8CAN_4MCDcqx4oDM8G_NDoLKEiIf5GDpO4VBFDkHo_YKShqVgr-A4YSYu6okVpoWeBYdqHMXROekP8UdWYCvi92jc62qqJXbY_tWnuGQL4w8VDcr5hWXYtbwcMX2sWjl4qfZ0NNkYKd2E0j-dE-xyvWeWHbggZC0oFErSCXTrGi_entzPNJwjSlB44guy2ABSTKUWLGvKs1d-Rt3SO4cAJ_g7coPqXG1pHbMmlpx4auog7Nf8MJNAy0fnc5m0XGKYsnlkDVaWG5FBDJhF9BuEy5sP&cid=CAASEuRoif_aIptvYpoGKWbW_LOMOA&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 14:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179180
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 14:19:25 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 65DF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 06 Jul 2021 14:19:26 GMT
expires
Wed, 06 Jul 2022 14:19:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
179180
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dvbs_src_internal94.js
cdn.doubleverify.com/ Frame 4FB5 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal94.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4231980&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iyEFU624bvTS5YMEkJpwW2&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32487994&DVP_DBM_4=322707021&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=32694964256&turl=https://www.kiwilimon.com/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7dfc3d6a5e24461837466e62fb69223bcc7f5b043a277eed900aa0ad544b85d6

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jul 2021 09:29:53 GMT
Server
Microsoft-IIS/10.0
ETag
"80bea8794972d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19085
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame BFE1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15499
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15499/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-87.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

:method
GET
:authority
tags.crwdcntrl.net
:scheme
https
:path
/lt/shared/2/lt.iframe.html?c=15499
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kiwilimon.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_dc=1; _cc_id=7f5a2fc46f6cfbf4a8ec437a034a10a9; _cc_cc="ACZ4XmNQME8zTTRKSzYxSzNLTktKM0m0SE02MTZPNDA2STQ0SLRkAIKE50pR%2F4GAH8QBA%2B59i0%2BrM3ZXMvxnZGR4t2QOC4x97ughZhh7977LAjD2rg1PuWHsw4sR6g99sYQJfzxxSgPG%2FrtxCtzIMyfhNj1D0gkA4M495g%3D%3D"; _cc_aud="ABR4XmNgYGBIeK4UBaQggJGBe%2B4RIBMAKUoDMQ%3D%3D"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kiwilimon.com/

Response headers

content-type
text/html
date
Wed, 07 Jul 2021 18:24:26 GMT
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
x-amz-server-side-encryption
AES256
cache-control
max-age: 86400
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
hjcganpAeBAwmt-MHBs7b_gD4e5J1_VnfUNW4Lp-XtkMzpzyA4m2lQ==
age
78081
bst2tv3.html
cdn3.doubleverify.com/ Frame 40E7 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal94.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=49800
Date
Thu, 08 Jul 2021 16:05:46 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame 4FB5 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_829873196677&jsTagObjCallback=__tagObject_callback_829873196677&num=6&ctx=1828362&cmp=115845&plc=4231980&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=829873196677&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.40&dvpx_strhd=0.40&brid=0&brver=&bridua=3&dup=null&turl=https://www.kiwilimon.com/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iyEFU624bvTS5YMEkJpwW2&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32487994&DVP_DBM_4=322707021&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=32694964256&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=16&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=142&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3C%3AH%3A%3D%3A%3E%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3C%3AH%3A%3D%3A%3E%40%3F%5D4%40%3ETar9EEADTbpTauTau27%60h%60_2a_4%602%60efd235aa6b3e2h526bd%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=10.30
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal94.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2a7b134026d7047a44cb7912063980b37bb628c7f4a792a4e190185be8a268ad

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Date
Thu, 08 Jul 2021 16:05:45 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
7/7/2021 4:05:46 PM
dv-match6.js
cdn.doubleverify.com/ Frame EB19 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:46 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=22337
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
pagead2.googlesyndication.com/bg/ Frame 65DF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 11:34:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
189065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5747
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 11:34:41 GMT
pixels
bcp.crwdcntrl.net/ Frame AB0B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=81%2C61%2C14%2C12%2C125%2C8&c=15499
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15499
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
40dc00e7ab6f7e1d55518f6e6ff20ea5d90c8776fbafbd71c76a704b4d2a6f25

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/pixels?s=81%2C61%2C14%2C12%2C125%2C8&c=15499
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tags.crwdcntrl.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_dc=1; _cc_id=7f5a2fc46f6cfbf4a8ec437a034a10a9; _cc_cc="ACZ4XmNQME8zTTRKSzYxSzNLTktKM0m0SE02MTZPNDA2STQ0SLRkAIKE50pR%2F4GAH8QBA%2B59i0%2BrM3ZXMvxnZGR4t2QOC4x97ughZhh7977LAjD2rg1PuWHsw4sR6g99sYQJfzxxSgPG%2FrtxCtzIMyfhNj1D0gkA4M495g%3D%3D"; _cc_aud="ABR4XmNgYGBIeK4UBaQggJGBe%2B4RIBMAKUoDMQ%3D%3D"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tags.crwdcntrl.net/

Response headers

date
Thu, 08 Jul 2021 16:05:46 GMT
content-type
text/html
content-length
1191
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.14.85
server
Jetty(9.4.38.v20210224)
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021070101&jk=1982443446707194&bg=!CwilCEzNAAYo4NJEKOA7ACkAdvg8WuqSwcS9WQdcpLC13zcottKHQBUvRTBJEPgZsE2IK-utI1wwmQIAAACYUgAAAA5oAQcKAGlpStxdoKb0v2gqHVk34bzh4noqke3sC3UgarVOuZmzx2Rn1W9GfGVGzMehfUQoPD7zIPt8jLMvWuqU_RSmNJ0oZDyFG5PrIk2jdVpWugIH8eVIqYbTvE9jTvOjQ8jGU2Ox7x8BckzUCuKZAnpcfPKELfPgAaLiu09Jasdllu3-d4ZwaMYvwp8ijlu5Lex76xNpBKIFxxJSktgnoxaso3jbuIt5LURDdzqom4aCnUnNI5dkzMqqCy8IYely_hhR1cUYImSMTTGYCR5PnjCCZH7SS8yjy_D2egkLDY4wIE4y5opyCDlMtF8hQEB-3yq77a6ktauJI4zkxH_J2Kjo-QrzlH_IPQ-k9erunn2rdBKshMkBhCqf5-JXe0EBQoOdC1u7CjRntfDZ3OUhffKBeFjgmu_rDc58-SieAVryN3Kq49ddZE1Zm8DoGl4oxCTU29NHqTZgOFDBCqRWe3Km47nm33zlcYE8V83gHpypDgZdPOZ2K6NuOf9yH40WywxRcs_cJrC9rqKFpMGGFSbI20L4eFw7VkWfj9Yo4ibLqEJN5Iij8zVoqsy3wcyU7In5t6twHp34Njoq-1Szl2c3-1u_JU8hxqavfXygkkLVbBywOevr5-bY5KXMaRjnuMc4bG3PyaJYBzVb-B8v4pX-mHWItJqIR1P9rCgN4lydQRI9yHh5UxByJOQjuMazWOGtXnRRrSEpNiHaRZFJSq3WhSYlmL3uMsvzH3w5jVkS_C3cSYAyeXHMvSkNr7sbOc5feJMy26K9QxQjhPFwsB5snXZxyh7oFdBO5-4JTX9mQJwvDo64eBrSw-Br4pRq3zufmPT2tDYdYaunmscL1YNP_et66E_AwkyIzEFFw6rXFLDMsT5o68dEZOmEeT4HmdXqIoGzAgtOptpOcomB58c-1t5sJBvbf5dx-5Zvvg61bUkdvj1l3ytoETwGWuCUf5rrfE_e-L5QIdFAAOE2zYV75SE8XaSScb88
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lotame
sync.sharethis.com/ Frame AB0B 		42 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/lotame?uid=7f5a2fc46f6cfbf4a8ec437a034a10a9&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=81%2C61%2C14%2C12%2C125%2C8&c=15499
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.221.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-221-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:46 GMT
Connection
keep-alive
Content-Length
42
Content-Type
image/gif
utsync.ashx
ml314.com/ Frame AB0B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=7f5a2fc46f6cfbf4a8ec437a034a10a9&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=81%2C61%2C14%2C12%2C125%2C8&c=15499
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.143.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-143-145.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:45 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Fri, 09 Jul 2021 12:05:46 GMT
382416.gif
idsync.rlcdn.com/ Frame AB0B 		42 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=7f5a2fc46f6cfbf4a8ec437a034a10a9&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=81%2C61%2C14%2C12%2C125%2C8&c=15499
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:46 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
5907
tags.bluekai.com/site/ Frame AB0B 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=7771a6decc55b59ee6d95225b3af4f84
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=81%2C61%2C14%2C12%2C125%2C8&c=15499
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-99-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:46 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
insync
thrtle.com/ Frame AB0B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=7f5a2fc46f6cfbf4a8ec437a034a10a9
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=81%2C61%2C14%2C12%2C125%2C8&c=15499
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.4.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
g.json
aa.agkn.com/adscores/ Frame AB0B 		103 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=81%2C61%2C14%2C12%2C125%2C8&c=15499
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.248.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:46 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
application/json
content-length
103
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 65DF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpxOQWSLnYLCzOqWMjuwPocWYkAsAAAAAOAHgBAI&bg=!6eql6q7NAAYo4NJEKOA7ACkAdvg8WsWRF_AmvV3q4Fj3xB3qCFjjQZlhrG2RlEXrma2WfSLk_9DRKAIAAAB7UgAAAA5oAQeZAryfR7_1a34LQ8gqG8z0SaUB0NG0_NRr3etkVkbp_VgbjRfonLFvBfr-TPSG20-qa-o_4nSiGbk-LUUk_mLlunFWPURKeDAPTwS5NVXu0S98qK7IKjZlloCjl8NTnWoexaWTN1N97CxqSoFh8ETwgvZ47XhVOlh4dTPbUOkp6wnboznuM5tvIgIKZtw7Xh-IJd3PWtyyPS3pnpDC0ooSQDf4aVyeLf2CoshM-MYNNgP8AoW8g6TAUOY5RIIfm5mpW9zSxCdsqsgNoCLNSy8nD6b1lfnNgQuuJjGkjSWiSHgTO7jNaWd3Q6cdBeH8G1aYddFGD0V7yuk4-8kyPlUeW8eBsFUpT_zsA5hiFDmy8baRXoelxBcQm3s6eVAB-Gr1bEvqMnL10Stb6Ajl9IDoKx5pQTG-gY11sIOkN8gtCXcN8iHUReZfrsDFBmZvQi2q5zkpL9I3DJYliIN28HS3TE7x0l76d_uk4CdphVpEuHCbOc0WMOHTsRZEsVEjGEJy233cfAUhpjqwOXVVXH9W-8kFYOIdrnueHsC8xEiUaEFtWmAUphwokAYZBYfFrDBIPefTnfGEkKHokJfSQ2lEGp6JfMSp0uzBwg8uLpVQWFE6ey_b6BspvHI5Xaa38jf4DRA7OpNZDZ2DkRpy6ybqaOUsraeLxY6nmHtitBD-A8vOvbw3i3UIqkqBf3f--HpiavhhRz2MtDLCTfkhEGX-e7uUXFQmWwBldD8SH91M4x8gVECqSfkN9_TAsonA8sAamFmftZK9hs43tim8vCPtcKtk4xv70hlAtU1jOe2gbv70WVSCIAoc5U_nTs95vycH_4lIfHEPScKN6zD1ATIv_b6uKCLfxjH3Xxjk7JPkFeXsrx-C-RjRaFgGrouT7ic_RpW8KKVSgDB44yVDOTN3Mfr-XpPEoAjFBgE3VkQr
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 4FB5 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal94.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e94a4ffe8f92e41c3d79836d2aef56457ab8fb74eb258462987af0215a512e6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 15:29:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3828
x-xss-protection
0
last-modified
Thu, 17 Jun 2021 19:49:45 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 08 Jul 2021 16:29:04 GMT
bsevent.gif
tps20514.doubleverify.com/ Frame 4FB5 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20514.doubleverify.com/bsevent.gif?impid=00bf6c0080844efdb522fb1d569c10ab&dvp_or2=1&cbust=1625760346444783
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:45 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
7/7/2021 4:05:46 PM
bsevent.gif
tps20514.doubleverify.com/ Frame 4FB5 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20514.doubleverify.com/bsevent.gif?impid=00bf6c0080844efdb522fb1d569c10ab&pltfrm=Linux%20x86_64&dvp_ac_version=0507&dvp_acibv=&bsigr=549755813904&cbust=1625760346445466
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:45 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
7/7/2021 4:05:46 PM
impl_v76.js
www.googletagservices.com/dcm/ Frame 4FB5 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v76.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
887f063df27ef4a696d31ce39ffaded7dc0b18b2a7c82045e54bfa240c375fd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 08:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15557
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 20:05:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 08:17:05 GMT
B10224936.280232945;dc_ver=76.220;sz=300x250;u_sd=1;dc_adk=1468183372;ord=ed1usv;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fwww.kiwil...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 4FB5 		35 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=76.220;sz=300x250;u_sd=1;dc_adk=1468183372;ord=ed1usv;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fwww.kiwilimon.com%2F$0;xdt=1;crlt=1U7kMOYy.G;osda=2;sttr=16;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
373b095d12c02a60cbe9037c5e729744f0a5b5fae609cb90b675a1855804a1fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18053
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videojs.ima.min.js
unpkg.com/videojs-ima@1.11.0/dist/
Redirect Chain
  • https://unpkg.com/videojs-ima/dist/videojs.ima.min.js
  • https://unpkg.com/videojs-ima@1.11.0/dist/videojs.ima.min.js
36 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/videojs-ima@1.11.0/dist/videojs.ima.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b11a7a6a4b771ead01e2060b8983d0b37f6f3e01a7e74f0140eb04b69459c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:46 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347268
fly-request-id
01F542AKJZTD4YJNGFA4C3CNVH
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"9045-ET4PYiRtQ9xVyviZwx6e1Q0yCzM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
66ba8e57b9872b89-FRA

Redirect headers

date
Thu, 08 Jul 2021 16:05:46 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
EXPIRED
fly-request-id
01FA3DW5XJC48BVV5RZTRYR6NP
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/videojs-ima@1.11.0/dist/videojs.ima.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
66ba8e55fd722b89-FRA
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/ Frame 4FB5 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=76.220;sz=300x250;u_sd=1;dc_adk=1468183372;ord=ed1usv;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fwww.kiwilimon.com%2F$0;xdt=1;crlt=1U7kMOYy.G;osda=2;sttr=16;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:05:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4FB5 		0
545 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNfKmJRJNURH8lpZ-fkKpVQLvVFAYIZKlYVG0s8MPrkkqalS6CufIIWWTUT-XIu6b6B3z_-Y-g9EY22ZM2T4KsCi9i4l22lS8DxbKxrxb7YxDEqak5BVH5TY0t99-6F4hsJMgWEUO0qEakI96ytG0hnNKA1CZu&sig=Cg0ArKJSzIg-7PEN_QboEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210624.25881&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=76.220;sz=300x250;u_sd=1;dc_adk=1468183372;ord=ed1usv;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fwww.kiwilimon.com%2F$0;xdt=1;crlt=1U7kMOYy.G;osda=2;sttr=16;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dvtp_src.js
cdn.doubleverify.com/ Frame 4FB5 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=10224936&sid=2641434&plc=280232945&num=&adid=&advid=2276943&adsrv=1&btreg=315303753&btadsrv=doubleclick&crt=117630481&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=76.220;sz=300x250;u_sd=1;dc_adk=1468183372;ord=ed1usv;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fwww.kiwilimon.com%2F$0;xdt=1;crlt=1U7kMOYy.G;osda=2;sttr=16;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
84de9e9252f099570390c72929b369c63af2b3379ce28173d7220cfd0007365a

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Jul 2021 18:32:40 GMT
Server
Microsoft-IIS/10.0
ETag
"0d4b022cc71d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3172
adc_HUN_EndHungerStory_300x250_static_Evergreen.jpg
s0.2mdn.net/2276943/ Frame 4FB5 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/2276943/adc_HUN_EndHungerStory_300x250_static_Evergreen.jpg
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5277325d5b271b5c4e2386adf6a74b7a9671a58c6c271053247ba01579776cac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 03:38:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2019 18:22:57 GMT
server
sffe
age
44828
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61905
x-xss-protection
0
expires
Fri, 09 Jul 2021 03:38:38 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B2E0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 06 Jul 2021 14:19:26 GMT
expires
Wed, 06 Jul 2022 14:19:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
179180
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dv-measurements1474.js
cdn.doubleverify.com/ Frame 8FD9 		483 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1474.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9be3fa23762240b2bcaeb4c6df710c13c6b92c784796a8810007f510c59a3b77

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:46 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Jul 2021 08:08:27 GMT
Server
Microsoft-IIS/10.0
ETag
"80cf8cc4ab70d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88955
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A41F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 08 Jul 2021 11:56:19 GMT
expires
Fri, 09 Jul 2021 11:56:19 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14967
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4FB5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be230c9f225e2b3290f4ff74ab9d9ed81c41b1f8fae401014efb487e3a775b97

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 4FB5 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNfKmJRJNURH8lpZ-fkKpVQLvVFAYIZKlYVG0s8MPrkkqalS6CufIIWWTUT-XIu6b6B3z_-Y-g9EY22ZM2T4KsCi9i4l22lS8DxbKxrxb7YxDEqak5BVH5TY0t99-6F4hsJMgWEUO0qEakI96ytG0hnNKA1CZu&sig=Cg0ArKJSzIg-7PEN_QboEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=96&vt=11&dtpt=95&dett=2&cstd=0&cisv=r20210624.25881&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=76.220;sz=300x250;u_sd=1;dc_adk=1468183372;ord=ed1usv;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fwww.kiwilimon.com%2F$0;xdt=1;crlt=1U7kMOYy.G;osda=2;sttr=16;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dv-measurements1474.js
cdn.doubleverify.com/ Frame 6A8A 		483 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1474.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9be3fa23762240b2bcaeb4c6df710c13c6b92c784796a8810007f510c59a3b77

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:46 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Jul 2021 08:08:27 GMT
Server
Microsoft-IIS/10.0
ETag
"80cf8cc4ab70d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88955
visit.js
tps.doubleverify.com/ Frame 8FD9 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=46&ttfrms=37&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3C%3AH%3A%3D%3A%3E%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3C%3AH%3A%3D%3A%3E%40%3F%5D4%40%3ETar9EEADTbpTauTau27%60h%60_2a_4%602%60efd235aa6b3e2h526bd%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=873&ddur=8&uid=1625760346756334&jsCallback=dvCallback_1625760346756794&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1474&tgjsver=1474&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Faf1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=6&brh=2&dvp_epl=255&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.kiwilimon.com/&errorURL=https://tps.doubleverify.com/visit.jpg&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iyEFU624bvTS5YMEkJpwW2&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32487994&DVP_DBM_4=322707021&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=32694964256&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=534.2541016102397&dvp_tukv=225586957258.52072&dvp_uuid=92126495356.59435&dvp_strhd=0.40000152587890625&dvpx_strhd=0.40000152587890625&dvp_tuid=822379197808
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1474.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ee5584d9416d9427240537d914411e180a8094e93647abb726dc36a54a883921

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
7/7/2021 4:05:46 PM
pixel
cm.g.doubleclick.net/ Frame A41F
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLv63TZBBdK_E4qY8NBdfDW8LZ0FSKopcuXlqr...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU9jaVdnQUFCQ0ZBZ2ctMw&google_push=AYg5qPLv63TZBBdK_E4qY8NBdfDW8LZ0FSKopcuXlqrfDyirXFtOiTTfiJnViyn8hcrlSUfuvP91ZVW-NMm5Up83FEdfqJDNScNs
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU9jaVdnQUFCQ0ZBZ2ctMw&google_push=AYg5qPLv63TZBBdK_E4qY8NBdfDW8LZ0FSKopcuXlqrfDyirXFtOiTTfiJnViyn8hcrlSUfuvP91ZVW-NMm5Up83FEdfqJDNSc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU9jaVdnQUFCQ0ZBZ2ctMw&google_push=AYg5qPLv63TZBBdK_E4qY8NBdfDW8LZ0FSKopcuXlqrfDyirXFtOiTTfiJnViyn8hcrlSUfuvP91ZVW-NMm5Up83FEdfqJDNScNs&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU9jaVdnQUFCQ0ZBZ2ctMw&google_push=AYg5qPLv63TZBBdK_E4qY8NBdfDW8LZ0FSKopcuXlqrfDyirXFtOiTTfiJnViyn8hcrlSUfuvP91ZVW-NMm5Up83FEdfqJDNScNs&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
419
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A41F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENTS2ULQ_vKByyqq_4QJNuA&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENTS2ULQ_vKByyqq_4QJNuA&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V3pqcHVDSlUxTTF3eDQ1&google_gid=CAESENTS2ULQ_vKByyqq_4QJNuA&google_cver=1&google_push=AYg5qPJ6B9qQKrqrMslWMVPWN-BkM3iyI2k3EaihIOQynup...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V3pqcHVDSlUxTTF3eDQ1&google_gid=CAESENTS2ULQ_vKByyqq_4QJNuA&google_cver=1&google_push=AYg5qPJ6B9qQKrqrMslWMVPWN-BkM3iyI2k3EaihIOQynupmp9-vN5uH2U6BlOoaH-q7CLeKIhRX51_l32Cg_TCHOB1OsjecU7c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:46 GMT
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-066a1c0b271e68364@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V3pqcHVDSlUxTTF3eDQ1&google_gid=CAESENTS2ULQ_vKByyqq_4QJNuA&google_cver=1&google_push=AYg5qPJ6B9qQKrqrMslWMVPWN-BkM3iyI2k3EaihIOQynupmp9-vN5uH2U6BlOoaH-q7CLeKIhRX51_l32Cg_TCHOB1OsjecU7c
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A41F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDFQQe7hQiIl_tOrz45R9VI&google_cver=1&google_push=AYg5qPK79Mop-8NFSuDitcOLf1stJe271kIIugvZEsoCFqBPJifE-Nb3jDyJvyE6UxeJ-pdWSNIDVjRxZdkKceh8...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPK79Mop-8NFSuDitcOLf1stJe271kIIugvZEsoCFqBPJifE-Nb3jDyJvyE6UxeJ-pdWSNIDVjRxZdkKceh8sYRZHbkURo0v
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPK79Mop-8NFSuDitcOLf1stJe271kIIugvZEsoCFqBPJifE-Nb3jDyJvyE6UxeJ-pdWSNIDVjRxZdkKceh8sYRZHbkURo0v&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPK79Mop-8NFSuDitcOLf1stJe271kIIugvZEsoCFqBPJifE-Nb3jDyJvyE6UxeJ-pdWSNIDVjRxZdkKceh8sYRZHbkURo0v&google_tc=
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPK79Mop-8NFSuDitcOLf1stJe271kIIugvZEsoCFqBPJifE-Nb3jDyJvyE6UxeJ-pdWSNIDVjRxZdkKceh8sYRZHbkURo0v&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
399
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A41F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELdg7O8De4oHWnlwBnQfdvk&google_cver=1&google_push=AYg5qPKks0wE48CmkLAFy_gIpxINTuhBzVdIw3SQOWXx00_9AD09d1jlm8w7PA5Au6Z4ukPOC8VuPt2g972yWgVd5au2uWk_hBT5
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3694860CE8C6446DB18AC18E021C3E26&google_push=AYg5qPKks0wE48CmkLAFy_gIpxINTuhBzVdIw3SQOWXx00_9AD09d1jlm8w7PA5Au6Z4ukPOC8VuPt2g972yWgV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3694860CE8C6446DB18AC18E021C3E26&google_push=AYg5qPKks0wE48CmkLAFy_gIpxINTuhBzVdIw3SQOWXx00_9AD09d1jlm8w7PA5Au6Z4ukPOC8VuPt2g972yWgVd5au2uWk_hBT5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 08 Jul 2021 16:05:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3694860CE8C6446DB18AC18E021C3E26&google_push=AYg5qPKks0wE48CmkLAFy_gIpxINTuhBzVdIw3SQOWXx00_9AD09d1jlm8w7PA5Au6Z4ukPOC8VuPt2g972yWgVd5au2uWk_hBT5
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 07 Jul 2021 16:05:46 GMT
pixel
cm.g.doubleclick.net/ Frame A41F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
  • https://sync.targeting.unrulymedia.com/csync/RX-6f042fd4-3583-445b-bdd1-5a27c7efcaa8-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJ8nx2qKXTd30H9N6cIb...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ8nx2qKXTd30H9N6cIbcfL7Dwrwpj9xDN3lvtuqCf5GVPQ5A-cJFln_rww8Vr_1dAmV30VVzkUJ9cNgt-Qai-D155G20Zp&google_hm=A28EL9Q1g0RbvdFaJ8fvyqg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ8nx2qKXTd30H9N6cIbcfL7Dwrwpj9xDN3lvtuqCf5GVPQ5A-cJFln_rww8Vr_1dAmV30VVzkUJ9cNgt-Qai-D155G20Zp&google_hm=A28EL9Q1g0RbvdFaJ8fvyqg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ8nx2qKXTd30H9N6cIbcfL7Dwrwpj9xDN3lvtuqCf5GVPQ5A-cJFln_rww8Vr_1dAmV30VVzkUJ9cNgt-Qai-D155G20Zp&google_hm=A28EL9Q1g0RbvdFaJ8fvyqg
date
Thu, 08 Jul 2021 16:05:48 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX6f042fd43583445bbdd15a27c7efcaa8003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame A41F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFnxJAYFFe91lQ0SIs0vwYM&google_cver=1&google_push=AYg5qPK5QAw49XGSo5yxczqXNE7qgTdpCkGASwx0i_j0-yFF60ZWvoyng7FT8802Jr5HBsNQXJzrZMp1_6riMQlHB-tYG8p3yHhN
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPK5QAw49XGSo5yxczqXNE7qgTdpCkGASwx0i_j0-yFF60ZWvoyng7FT8802Jr5HBsNQXJzrZMp1_6riMQlHB-tYG8p3yHhN&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTcyODAwMDQyMTIzMDM3NTAzNjk%3D&google_push=AYg5qPK5QAw49XGSo5yxczqXNE7qgTdpCkGASwx0i_j0-yFF60ZWvoyng7FT88...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTcyODAwMDQyMTIzMDM3NTAzNjk%3D&google_push=AYg5qPK5QAw49XGSo5yxczqXNE7qgTdpCkGASwx0i_j0-yFF60ZWvoyng7FT88...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTcyODAwMDQyMTIzMDM3NTAzNjk%3D&google_push=AYg5qPK5QAw49XGSo5yxczqXNE7qgTdpCkGASwx0i_j0-yFF60ZWvoyng7FT8802Jr5HBsNQXJzrZMp1_6riMQlHB-tYG8p3yHhN&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTcyODAwMDQyMTIzMDM3NTAzNjk%3D&google_push=AYg5qPK5QAw49XGSo5yxczqXNE7qgTdpCkGASwx0i_j0-yFF60ZWvoyng7FT8802Jr5HBsNQXJzrZMp1_6riMQlHB-tYG8p3yHhN&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
467
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A41F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKESuhSLt0_eCtS2PVS52bo&google_cver=1&google_push=AYg5qPKXNKcHlrem44F85-ioRLuiTYWxpbbZlFQij5tIt_4_fHibBORfxgDCzBjGKTJvNWerJs...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKESuhSLt0_eCtS2PVS52bo&google_cver=1&google_push=AYg5qPKXNKcHlrem44F85-ioRLuiTYWxpbbZlFQij5tIt_4_fHibBORfxgDCzBjGKTJvNWerJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15OVJVQnVkRTJ1SGpQcThjdzJtS2JPSFRVUjYzWHBmY35B&google_push=AYg5qPKXNKcHlrem44F85-ioRLuiTYWxpbbZlFQij5tIt_4_fHibBORfx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15OVJVQnVkRTJ1SGpQcThjdzJtS2JPSFRVUjYzWHBmY35B&google_push=AYg5qPKXNKcHlrem44F85-ioRLuiTYWxpbbZlFQij5tIt_4_fHibBORfxgDCzBjGKTJvNWerJs8_klelHYRx_xg1ch6UDxhKebfmNQ
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 08 Jul 2021 16:05:46 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15OVJVQnVkRTJ1SGpQcThjdzJtS2JPSFRVUjYzWHBmY35B&google_push=AYg5qPKXNKcHlrem44F85-ioRLuiTYWxpbbZlFQij5tIt_4_fHibBORfxgDCzBjGKTJvNWerJs8_klelHYRx_xg1ch6UDxhKebfmNQ
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame A41F 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L4GwbKXjl3YsYFtZrLBwh3LgoRpGvBtWD0gKWa_pivwqXfk4lMB3i5RAszFmUc-TkSzLAIng
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
pagead2.googlesyndication.com/bg/ Frame B2E0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 00:58:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
227207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5767
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 00:58:59 GMT
visit.js
tps.doubleverify.com/ Frame 6A8A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=104&ttfrms=9&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3C%3AH%3A%3D%3A%3E%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3C%3AH%3A%3D%3A%3E%40%3F%5D4%40%3ETar9EEADTbpTauTau27%60h%60_2a_4%602%60efd235aa6b3e2h526bd%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=873&ddur=8&uid=1625760346825494&jsCallback=dvCallback_1625760346825199&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1474&tgjsver=1474&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Faf1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=6&brh=2&dvp_epl=255&noc=16&ctx=13311291&cmp=10224936&sid=2641434&plc=280232945&crt=117630481&btreg=315303753&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=534.2541016102397&dvp_tukv=825740714454.2335&dvp_uuid=27653189871.78808&dvp_strhd=0.3000030517578125&dvpx_strhd=0.3000030517578125&dvp_tuid=1066649131858
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1474.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
72bb0c3d98c352aa24bd8f1217223f485c9f37096bbc8d4220f48c01bec0c9fb

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:46 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
7/7/2021 4:05:46 PM
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2E0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bo8E3WiLnYLHVIfK5lQfv9IWIAQAAAAA4AeAEAg&bg=!TE-lTwvNAAYo4NJEKOA7ACkAdvg8WiA0uAbAYN9tYkPyGKrCmuS_-pbaUqF3jeuJ-KDsKqU4Yqi41wIAAACBUgAAAAxoAQeZAs98JI1dOFLNtWfg9hXFgixKoTuxjG4Pbv2dnQmVBf1628wXXoesf_fyaJ11WXpUNTfTihC-tky1S84AExez6jjCfN8ldWjXt0EhESV6UtMx5T2Tn4F-w2KDeCqrg14jltR2NJvUeWyusHt86BFiW0w9zl6_PB5Dla6sDsJ1rmca3wxxmmR4yNuQIjtEBGxfbIPgawA1yBRFGnJhERl2XLg4vD3kaeM3Xv5CHazIxiV0Cgc1E1uvc0fI_KIhytcuphXeoMFcP7ojEq_YQVJ7NlQCgcbSp1e6F-0Z1_OYDwRtlKst37_aJehPa-ZWJ5BhywVJcD-HY96kb9DJJqw_MzgPPzxAJUo4NSDkHnuvhYudmtCQsHGQDPAULsbKzo3BoI2gBly9VheAR9jdjUcSessM3yTH1s--1-IBPM3E1nY0OWLypiP__Vgm_uRgmdhAQwadX0me0Rx80OZNnJ_4gZINWKEMipr-WmjfTUK4UpM8SvWGKOmDXAqAIop72Pn8vDp7E7jVhiWmCRqcTDPsyrpdqnF41pE6RdYRwZehvb0bct7YIDIQANNwgY95L-c0pdwbgYUK5OiEWMe0vzmLaTHxZRfmll-Y4jCnxVLC9rcB3vyAIX18x3dNufZHGmn_Xvs9sASu0y6HnL5tovfje3wFwuCE0PGD9wMre-5k3vxa6LH-St_b3zlJ5J8JvdC9XJLtEMELYEvisgwFijlDBYOZHRtWcUjchiFw-AAiwKCIRlkSFZ6L6zdUI8e690Wr6LTN4qVSaW8dhyfMrEhpmSqI6UwQLfUzhl1dFb7BR0HWln7lHf_A3yWDXO-tdWnko2yxkaXPaM8UP_AvqF0YKEmUa7WHCLmKH-eaM3nRaokwccfn3F6hwvBdqJIFkPELsLP2KjGmFoJoXWvaMKT9vI5bQExWXj5XV9e7VVKtN6rd4TOtmB6wYRoH-s0JvPmVtw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4FB5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsur8Z9QOt8DmU1udSiCiprdifmTvXFASfYgmumhTpuGgfjR6LZim_KiXUSseBbPXenrimYbuN80Nde2z_GThSGodOjggKNd&sig=Cg0ArKJSzOr41nyFhljGEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210707&bin=7&avms=nio&bs=0,0&mc=0.56&if=1&app=0&itpl=32&adk=1468183372&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4FB5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsun2B_c7wkz1_ET6u_uPtfgx2CmLIojYENuBaRUDqmGjV59TKhQ9aynkmh5fUtnjdw9lch3m2CH_DfFxEeVPvdI7o9QVsmU5noyxcxGzsiO2eYS9DKZcSrehmVUHg&sai=AMfl-YSE1gwyDd1JiQkaXzrcOk4foPorOPNsb7y-KDicz6aXrUmg0DoxwoQ86TKN8jAIJfVNw-3xi8r3AekBWNyiabLYEe17Ab7cXUcGQRWCRdkFjhFsDbtCy2I_PD4&sig=Cg0ArKJSzHdJRTCddjrnEAE&cid=CAASEuRoif_aIptvYpoGKWbW_LOMOA&id=lidar2&mcvt=1001&p=1059,1140,1313,1440&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20210707&bin=7&avms=nio&bs=0,0&mc=0.56&if=1&app=0&itpl=20&adk=1600721462&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625760345731&dlt=175&rpt=173&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Thu, 08 Jul 2021 16:05:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
event.png
tps20246.doubleverify.com/ Frame 8FD9 		67 B
463 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20246.doubleverify.com/event.png?impid=f515fa7c2c4441c38e22d49f3b2fccb5&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=67&vdur=179&eoid=6&msrjs=1474&pltfrm=Linux%20x86_64&dvp_ac_version=0507&dvp_acibv=&bsigr=549755813904&isvelg=1&vit=2&engms=1&engisel=1&ttfurm=2232&cbust=1625760348959350
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1474.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
7/7/2021 4:05:49 PM
event.png
tps20239.doubleverify.com/ Frame 6A8A 		67 B
491 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20239.doubleverify.com/event.png?impid=2ba5c724843648a4ac4c58b1b742bca4&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=19&vdur=148&eoid=6&msrjs=1474&pltfrm=Linux%20x86_64&dvp_ac_version=0507&dvp_acibv=&bsigr=549755813904&isvelg=1&vit=2&engms=1&engisel=1&ttfurm=2159&cbust=1625760348976491
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1474.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:48 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
7/7/2021 4:05:49 PM
event.png
tps20246.doubleverify.com/ Frame 8FD9 		67 B
463 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20246.doubleverify.com/event.png?impid=f515fa7c2c4441c38e22d49f3b2fccb5&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=9&ismms=48&isumms=47&isvelg=1&nvr=6&isgmmims=47&isgmv4mims=47&elmtp=6&isbxdms=2248&b0=100&b6=2201&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=2&dvp_vsosnmr=16&lftb=2301&sftb=2301&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1048&isuiabvms=1048&engalms=45&dvp_dpr=1&dvp_valpct=2&cbust=1625760349958548
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1474.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
7/7/2021 4:05:49 PM
event.png
tps20239.doubleverify.com/ Frame 6A8A 		67 B
491 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20239.doubleverify.com/event.png?impid=2ba5c724843648a4ac4c58b1b742bca4&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=9&ismms=17&isumms=16&isvelg=1&nvr=6&elmtp=3&isbxdms=2216&b0=100&b6=2211&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=2&dvp_vsosnmr=16&lftb=2311&sftb=2311&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1016&isuiabvms=1016&engalms=15&dvp_dpr=1&dvp_valpct=2&cbust=1625760349976336
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1474.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:49 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
7/7/2021 4:05:49 PM
bsevent.gif
tps20514.doubleverify.com/ Frame 4FB5 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20514.doubleverify.com/bsevent.gif?impid=00bf6c0080844efdb522fb1d569c10ab&mascid=kqv3qfhvh2q09bpc49yxzk5risq8kzqp&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=692&cbust=1625760351099290
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:50 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
7/7/2021 4:05:51 PM
event.png
tps20246.doubleverify.com/ Frame 8FD9 		67 B
463 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20246.doubleverify.com/event.png?impid=f515fa7c2c4441c38e22d49f3b2fccb5&gdpr=&gdpr_consent=&mascid=kqv3qfhvh2q09bpc49yxzk5risq8kzqp&dvp_masver=1474&eoid=10&cbust=1625760352062479
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1474.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
7/7/2021 4:05:52 PM
event.png
tps20239.doubleverify.com/ Frame 6A8A 		67 B
491 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20239.doubleverify.com/event.png?impid=2ba5c724843648a4ac4c58b1b742bca4&gdpr=&gdpr_consent=&mascid=kqv3qg1yi0nrgi0v08gnuhlww72j0wyx&dvp_masver=1474&eoid=10&cbust=1625760352078355
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1474.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:51 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
7/7/2021 4:05:52 PM
auction
tlx.3lift.com/header/ 		19 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.40.0&referrer=https%3A%2F%2Fwww.kiwilimon.com%2F&tmax=3000
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.231.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-231-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=358388&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221476c01cbd7bd94%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiwilimon.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.40.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221596ed82f88fa36%22%2C%22ext%22%3A%7B%22siteID%22%3A%22358388%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ac167c37a06bb35419ee184a353f8375237b09de470f173cbd31dc40dad6c2bb

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[185.210.217.140], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.kiwilimon.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
28
expires
Thu, 08 Jul 2021 16:05:55 GMT
hb
brightcombid.marphezis.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.58.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-58-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kiwilimon.com
date
Thu, 08 Jul 2021 16:05:54 GMT
access-control-allow-credentials
true
server
nginx
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1dc93a80d9de5714785ee7b38cf0dcda828883e9b5e1e2e9f91c397dde893115
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:54 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0bf458b2-c75b-4b47-8795-2ee25c220fd6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.kiwilimon.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
bb2da98f3b8b08056284d06697876cd044aa224663ce644c966a796378d7802d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:54 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e8eb3db1-83c1-4429-b651-dc462c71d5aa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.kiwilimon.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
04cf078616ceac8a0c029ff92ff8b13c0fe9147891ea6532400adb95fe53ef41
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fa9ca067-885b-48aa-a146-ab2cef69b245
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.kiwilimon.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.40.0&referrer=https%3A%2F%2Fwww.kiwilimon.com%2F&tmax=3000
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.231.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-231-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:54 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
87f4adac473d43aaf9b03507ab808d0cb9d51ea7ea076953a5a4d387183ec79b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:54 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7eb565b5-8025-4100-bfef-42f9544b8706
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.kiwilimon.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=358388&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22291e8b1d6dc544a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiwilimon.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.40.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2230d83dbc3d2cdc4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22358388%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0bf3eafa67c711218b24e1f321ef4c1de73719d712cd547218ba360f2e87398c

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[185.210.217.140], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.kiwilimon.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
28
expires
Thu, 08 Jul 2021 16:05:55 GMT
hb
brightcombid.marphezis.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.58.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-58-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kiwilimon.com
date
Thu, 08 Jul 2021 16:05:54 GMT
access-control-allow-credentials
true
server
nginx
hb
brightcombid.marphezis.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.58.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-58-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kiwilimon.com
date
Thu, 08 Jul 2021 16:05:54 GMT
access-control-allow-credentials
true
server
nginx
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
09afc8875d70adf999313682a86121154bfe0c62f3b7b7a6df03ab21b1af491a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:54 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
14563cfb-fdbe-474c-9ed0-0d721a5c0b45
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.kiwilimon.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
brightcombid.marphezis.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.58.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-58-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kiwilimon.com
date
Thu, 08 Jul 2021 16:05:54 GMT
access-control-allow-credentials
true
server
nginx
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=358388&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2238680c9ed2f7bac%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiwilimon.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.40.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22398e8cbb16badc8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22358388%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6585e4c395890bcf8a4c009add8cd0aa9fdebfa538b16eaf089e3e575571797c

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[185.210.217.140], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.kiwilimon.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
28
expires
Thu, 08 Jul 2021 16:05:55 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b5b166387548caf79205a116b2f8991e298626a084d52e09c979c2802eaa0ad2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:54 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2dc5039a-5616-45d2-a574-9f1bee838464
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.kiwilimon.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.40.0&referrer=https%3A%2F%2Fwww.kiwilimon.com%2F&tmax=3000
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.231.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-231-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
tlx.3lift.com/header/ 		19 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.40.0&referrer=https%3A%2F%2Fwww.kiwilimon.com%2F&tmax=3000
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.231.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-231-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=358391&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2246dae439fa1a4b1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiwilimon.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.40.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22470c2c33ab33cc2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22358391%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22487b87e95a9f10d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22358391%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0baf82743d794e3c67b69e2c250218e2b7d3fd6e44ce2010c1e9d54807d7982b

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[185.210.217.140], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.kiwilimon.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
28
expires
Thu, 08 Jul 2021 16:05:55 GMT
hb
brightcombid.marphezis.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.58.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-58-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kiwilimon.com
date
Thu, 08 Jul 2021 16:05:55 GMT
access-control-allow-credentials
true
server
nginx
prebid
ib.adnxs.com/ut/v3/ 		139 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ed1d793edcc10321da64e014d42a49c59440b5e894c098b727deb41e61cea457
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
03db4b50-a388-4643-a610-695268b232b3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.kiwilimon.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4c1cc633c05027fd461b26cb37e1a884ccef68758a3a428922d984a3b06a8c96
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b5d91d5a-3c51-4092-93da-d991086f640e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.kiwilimon.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.kiwilimon.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.kiwilimon.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1982443446707194&correlator=1027755987093534&output=ldjh&impl=fif&eid=31061423%2C31061650%2C31061756%2C31061425%2C31061166&vrg=2021070101&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210708&iu_parts=3879499%2Ckiwi_sticky_web&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=keywords%3D%26type%3Dsin-video&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1625760355&dt=1625760355039&dlt=1625760343550&idt=1508&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1110&adks=2761965187&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiwilimon.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1280x90&msz=728x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=856512278.1625760344&ga_sid=1625760345&ga_hid=859212272&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ae73d52c8073da441a52038f180a84ea29ae34813c0298c5b52df95e9f1d31ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11185
x-xss-protection
0
google-lineitem-id
5599996001
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138337846281
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1982443446707194&correlator=2787418546170495&output=ldjh&impl=fif&eid=31061423%2C31061650%2C31061756%2C31061425%2C31061166&vrg=2021070101&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210708&iu_parts=3879499%2Ckiwi_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=keywords%3D%26type%3Dsin-video&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1625760355&dt=1625760355097&dlt=1625760343550&idt=1508&frm=20&biw=1600&bih=1200&oid=3&adxs=1130&adys=2303&adks=4240719409&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiwilimon.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1280x0&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=856512278.1625760344&ga_sid=1625760345&ga_hid=859212272&ga_fc=false&fws=4&ohw=1280&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
7ed2a9afd151cd36c2d8ae9c8bcfd910bf0e781f6ba8ba37c46797ce1655c5a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8022
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1982443446707194&correlator=4051091848892859&output=ldjh&impl=fif&eid=31061423%2C31061650%2C31061756%2C31061425%2C31061166&vrg=2021070101&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210708&iu_parts=3879499%2Ckiwi_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=keywords%3D%26type%3Dsin-video&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1625760355&dt=1625760355108&dlt=1625760343550&idt=1508&frm=20&biw=1600&bih=1200&oid=3&adxs=170&adys=1721&adks=2452451440&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiwilimon.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1280x0&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=856512278.1625760344&ga_sid=1625760345&ga_hid=859212272&ga_fc=false&fws=4&ohw=1280&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
3792beea50b2db46599bfb0fcdc1d55ecaf1015abb904ebb167af5e4103ff3cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7138
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1982443446707194&correlator=3488081385710835&output=ldjh&impl=fif&eid=31061423%2C31061650%2C31061756%2C31061425%2C31061166&vrg=2021070101&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210708&iu_parts=3879499%2Ckiwi_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=position%3Dbottom%26keywords%3D%26type%3Dsin-video&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1625760355&dt=1625760355151&dlt=1625760343550&idt=1508&frm=20&biw=1600&bih=1200&oid=3&adxs=1120&adys=3013&adks=400297622&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiwilimon.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x27&msz=300x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=856512278.1625760344&ga_sid=1625760345&ga_hid=859212272&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
dfe7a7261ef5998343c20455b998aaa73af990d107e7cb84c21bf15564031f5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8815
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1982443446707194&correlator=2703894050487575&output=ldjh&impl=fif&eid=31061423%2C31061650%2C31061756%2C31061425%2C31061166&vrg=2021070101&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210708&iu_parts=3879499%2Ckiwi_footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=keywords%3D%26type%3Dsin-video&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1625760355&dt=1625760355265&dlt=1625760343550&idt=1508&frm=20&biw=1600&bih=1200&oid=3&adxs=160&adys=3305&adks=3725769955&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiwilimon.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1280x0&msz=1280x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=856512278.1625760344&ga_sid=1625760345&ga_hid=859212272&ga_fc=false&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
d3fbbe223dc61ca773d10f5d3dd7e31d7161a85386de057781c5969563e55dc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8614
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kiwilimon.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7D37 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBJ6efk4UJ49qgO0nds3rEeb_n56ye5TaFMvbYyLonr3gv0OoerCzKlnjhjrP4_XDm0cGoL-XbHvsUEVeQZnsfFkevdD7ZZTWANiq4n1B9kzXTGehRri79wCgRaXKOxPjwtj-igDdxrmiANrsvRrnLASOYY6fpCJPrMU0WV7DaUtclfoIw7frFFe4LDzpEaq6TTUIIQzQq71q1aMQNKTp0GZVNMLy4rMwz9GJaHCVtRE3_QbcYAWQGcqvNDRDdMa18R1EHokZwJ5qrxdZRV7Nhsz-rsGXjzOJrAtnDo8Hfi3VjUAn1Dvqs0FXGeF2uTg&sai=AMfl-YQsikhAoKgt8_LblCrxdfhAxK7CEngIJnJVSymCZAzVUEu35R83fWd3tg4iKvpVhBpw3Ip2YH9HcTKVX-nTnPLr5fDxhdnZXNGA48DNCcpiusVUSAR8kAJ0Wc6FWY0&sig=Cg0ArKJSzHxC_6qFCFZmEAE&adurl=
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 08 Jul 2021 16:05:55 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 7D37 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 15:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7112
x-xss-protection
0
server
cafe
etag
12276874145846594193
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 15:58:23 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 7D37 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:05:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D37 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625657928851490"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37883
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:55 GMT
l
www.google.com/ads/measurement/ Frame 7D37 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0OIk_ihXoVZurlNq4O1dQfq1l8OAJ44ZE2g44ntRRSb609InYin9SM2gMelXC3bYFE2tg06ZLJ9TpMosb68puLEv__Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1586540009667194905
tpc.googlesyndication.com/simgad/ Frame 7D37 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1586540009667194905
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0ddad3ba1b0628c0500f8f4dbaabd026491beb3c7eba8f208477da5a715efad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 10:27:33 GMT
x-content-type-options
nosniff
age
193102
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156513
x-xss-protection
0
last-modified
Wed, 14 Apr 2021 22:02:16 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 10:27:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7D37 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstipy-WnhT6c0QZqL6pkcqbmDtxfGjQIE0Z30d-yzsHFuX_L0g_yGd0Ww5i6wkF2kIxPOn0qRcsnqlbrnD1enX3halKSFFP0k1y8ODiBAz_i1V11c0utmeI1QtMhd60n8B9K9HGhDNSFO7bq5kl4w_cFyShapid2tmoGVhjDyJvQowJ_bqeH4xEt0BlcM8Rqa47kzQrs1Yr6LWea5bSotwODr4uGA-FucW8yt7gDod8HFGzBAKIcduUdmwNdvFpvzwKK0hQg4FMzcNPY-XeWXOtrsaFH7kxR6xKAh1a83WhgJG1u8o0nzzT0U5Ky7c-v6ab&sai=AMfl-YSnL_TSgJjbMdGivYLn8soEz1kQupurrQIClbr9Q-lqDDj9TFU4JfUJwjD0xU2BwAexdJ7fpy0aI9roeQuq9hS4-1tKKHoO812UPnNqA-vJYKXtnwhhCZVHXOgEARE&sig=Cg0ArKJSzGU6nCY7N78kEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 08 Jul 2021 16:05:55 GMT
truncated
/ Frame 7D37 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
623df7617f31d43de512146c39725342eb88297e090e0c55d7cbc3310aa81fac

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9917 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kiwilimon.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kiwilimon.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 08 Jul 2021 16:05:45 GMT
expires
Fri, 08 Jul 2022 16:05:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
10
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 347D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kiwilimon.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kiwilimon.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 08 Jul 2021 16:05:45 GMT
expires
Fri, 08 Jul 2022 16:05:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
10
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3C1F 		624 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYyriRLzAB&v=APEucNV2TV-fY8q7EBM636cG2sPLm0_dEo_S2v5v8eNCuverxkeEIOLlK1sLzwu3u3ElzkEMN50YhyT2XtfG5R3fn0dKPTeaT31tGpAjvu2aZq4_Z46lyoY8k6V3IKjzTj_dIIA4Z1M6GiZOul-v6fWdgsgbpI9Ybl8q4Y_IbYqozKWN_r_oy2c
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYyriRLzAB&v=APEucNV2TV-fY8q7EBM636cG2sPLm0_dEo_S2v5v8eNCuverxkeEIOLlK1sLzwu3u3ElzkEMN50YhyT2XtfG5R3fn0dKPTeaT31tGpAjvu2aZq4_Z46lyoY8k6V3IKjzTj_dIIA4Z1M6GiZOul-v6fWdgsgbpI9Ybl8q4Y_IbYqozKWN_r_oy2c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUn6Qb2_XL-EZcnLTbTxgDg3rMhBUnwqKu2r5M3h7FdKuJzrWsqb2fPUdbXstSU; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 08 Jul 2021 16:05:55 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 08 Jul 2021 16:05:55 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9917 		24 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BiK8V7QudFnm4w0Wwrj_BLNwYuR59eu2cEKNKxizOMtj8BFWqqO_2fcxTyKB5osIvmZLDaLmqDcCALvbPi75I1rowEO403r5foBSiCHPGAYWeCbcwZojtTKQ3KBQZyuFP7Zi6RBE20HzGnArZ0ftWZpUncog&cry=1&dbm_d=AKAmf-B53btbjrPj7-yP614rS6dV0THEikmsr-XGmLnFoYfzRqqfm-VqguQzd90EnrzsP4lBgjWJ9QwYDN4VK-cyIc2XYZXBpxcnzCCKskpzNaVwbEUwfvfKBgBcy3Tx6o9MDWIAgge_1UirjL4xkv8Aa4g44HW7RqD1L089tS6ztPgtrZIfUpFoKgBJTrqbW-SIAoAYL_gkgPdeOl13ucpq6XBpzrJx1XLqLYerkrPl0YxEJ60JvsInHf558aAS1Gt32u-FE97Ri8gRYDuU1JPG1bUm2-V7E3DdNBdosVCSqnuaVqC6anHSzTVZFqi5DDFBbRSX7xoe4dm7GmQBgGF1JW5US1wtP9GymZ26TNLoTjtK7qMTgYNSsQSehC3F21bogDBHPJOXu3rAHfguOZIdvu11LC6JrlpBWDBdQKbE4hnHakertu4zY8WSo26BHi_uW041Qhc-zQHZ_UHU6yqHYZIUOhM-lwnPbUjf3rJ30s85P3nyNVOUTtk4CVw4NSHiXEEZrtUFg1vDCtBiPMQplQ4eMYfwoQJ_lDi-50DkIJqCkDzqYAgyOrHZhoNwJoBxQymL9Tq1XnO1qpxQgppaub9VgIXUsw-t3u93vDdRnuvSRwH_77qdOrrnkACZewI-qPfguwejBAkyz4xOp-G98q6dQZ5fs9GMpRvygReWiC2ymFNUDZ67GaKObSQcqx5Fxgv6ZXIXrKlTb8BAvEhYZvLWFUw9S3dIOxslJTwYl7STfFku_o2X9PlFqBXEAshzs94TodzrJWufxFtMIbMVOryn4JXbR62Pj0n8t9De9E34QBokKQ6xP4UwWni0vpMimfqhOiSVZibowxQP9RPGgilikJOogBpU3yua6ySiX5o5bcjLlgJ9pHo4fbGjX71SMn2-Oe0Dym4Vuc1f3p2kwKUNcDgwbUCYIZP7pmqWB06Lh0nGfX4sQ-6SpJQhuiHbx0EBdqZ_HivL67zh106yldzS-EJhvOKC_QE_m_V6OvB00U8X9IHpeYRYxDpQ94O3usoh_AsonjYClfFs8y9JH_Xp2_CX0RWI85F3-Vkrv-7EeePFi8-7kUg4OFTF1F5sRoVp4Irxlg2ekgvSc9eJ7h2QHpvbRFoFHbeDPqzvz4NEc_Xkrn0KdbyFEQ_k5nxXIqpPlPzRJFFyNQ8d2AnZUwV9AShg8oBL_YiNzyFGKj0sISGO_Wjex1HnFkWMq9NCKl722wLsLVIM_2qewQhXa2GlOoydaFQS8SxufJCb1PTum-oI8Of-WyNLgBX_62qYc8_Dfi6BxgGPTbq9pPBs0ZsIU2IkF_ru1dD2v0VsepYsN6YsOpvyIh5fNg3qoklzqhVjWcHdqnb1LEnrtzON5StKJbym0vIa7lNjlaRRh9aAyb6kX7A2GYrucFzH2JlZ79g4u_Qke_suxa5JJL8LKZfYr-9oEq-UhDg0FEGqLAJrh_Tkb4Fu2Ri4gQ5XW36U_rPgyBBPhxUzvCYSzAiCFqg-RN6F86d_s-MwrdPw7lVXrejtEJiOpZGLAUtC0E64FzrW37zr6bL-HeI3MtpgpgMeRD3ny24wLcJmPqF0_IBRr2UQJrEvCyziK-Yv8jaRZfhSY6S9XY83zszwWj5S7_TsbIKJVfQakdD4gZM-tPhrSbJaYUig-oY2J_KbwbGjOkP9C5iQtXfv227e_IQ1z5bhFjLceuQyIku4dYk7tYW2RlYxR-eTAZmhiO-3euC5WH7_u64-d0YWgUBJMhTCKHekXVcXnP8WRLWVGnNgpsfi4F6sA1GoDfLgnyEWR77afOhTxKeUI0sGCaGlx31sNsLJkJnOhCc0OEo84GnQr55s1SMCAKTXia-VLXX_RQdyZrPqMQv-NFjNDagKAmTb4c-2FSgWK7yNALEDeHwCR57spLeH84XGAPLChhynnCdv-P-Vj_RLST-4fuF0jb3Gg5mEBUznnLG84YFZtI3j_Vpwkm0alTHBqf8FlVBMc7qkgUcdN5tfsecQ4PWd6VCM0_0MNgi8jUtiHrWzpXD_9XGe6yO3hm2EfZ2vWEyeW8OC_7qo-jNAaYhHqTWDPz0-yJ7bap-jJ8mv9PsU9_4HGVtNGPf5iG0gHaG9APz84cQvU5eMuwk8h6Vq6Ba8_aryibXBwgjnLF0qTidkG-98GMaeqIR2fHMcjX-24yc5bza3zmJnUtexXhw4PvwcqTN2Iz0jrF0MY4JleLDDrEYUZKtsv5VYiYOzkgD6jn3dVlio7pnDTbzNlomLNIxKMB_CNO10LEzYznzCYyTQkTrkWpxrmDE1hrDth3um3s-Oii2fTY5BmAgAbDmbH46ffxz6uhaTqX2lnfkhGUqoDz8zAmqYnMhd9MchODDSH87blJnJDMDaFy9wq5n4U8VuAiDd-hd8K4JJQaDMsLkzBLAELYexF9rVFBUYUughg3UJ1PlU00dNju5WJCCGgSe4v1ouHJRxXJsIvsUEx9anFfiEoyHM6JSoFT6NkJLD7hqsCLtJO0zwOJN10U4Nl85_ly9ffNwU0PW6mPGdj5yHB5DInh9nv2ugrLAHx4ajDWBvtWTKQo_aPDrKyvlWILmuO86Ib4HlN8izjaxc3mkoslvDTE7uhoW4kWgUWmzo90S2wNeOTcuUISm-P3FCLM-QgctrXhc74ScNuOzNUc2_IzV8qS_Fq-8PUNuTyUi3-o_H4VrRIFKGsu7TkXjtU45tflIkcXEdFIjMhgO91ZG5Rwa2oJYs_g_PiRrLfmN4eNZ8OD5eArtnrk0yJap2R1Di7w2b09wdsH40uojihUPebHI5C_nV4wARIU3-07g_iPT3HrI4NDrnN9w8oCbcfWLstSsEMWt5yUrUniyWCuCEmXhbsmz416tUStNY9VrADfAwfHaqscNT2bqa6Waq5OpsYm_GsYy__yJDBLKVdrMyvW3Z4B1SnJ39W8i3gobB8ruW2Wi7oDMAy01rrVU9SO3BWmRYmnE96Di1Tyw8a8Z1PlXR4kWWZdx-FiUXqFsYPttsejd3z1d1eh9LGiO-mSvNvmct-VrLFE4XQg&cid=CAASFeRouMObOH4Drn43KtZfPADsK69QGg&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46f4f3427fed327f54f999f96571c8416c73bd8379c742e7efb9ca50e2210ce2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9917 		42 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CNjcSHpgIFomHXLFiLW32r106MB9VUHrWtl1cPCl7ZAKHTySXSwwPiy_LhhkoqZ9hOjbqhOo1iIB1a10ZOuhxgTwF_0YohEElWG2vvviKP3Vz8Jyc
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 9917 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:05:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9917 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625657928851490"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37883
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 9917 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
17140096307539089235
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:03:20 GMT
l
www.google.com/ads/measurement/ Frame 9917 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhi48kShInt9sF9y-D-KHEZPgy0iMOWccyjPEK2M_oESeFlB5NMWIJpYbSO5j5fc_2w3l19ap7UU65RmXlOgZQaKSw0Q
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame A9BE 		624 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKTkFBC4iZ4CGInWna0BMAE&v=APEucNVOIESyrjTh--fWiG9C6Nx_UN9p1KoIQG_Ks-Zs4pXxHiKJ6Aqwso-DTsvei8YoEwRdWa6_X3yRbzR2QyRFsTIqtClh2tcRRvxOcp9zE-9sl6fvcldW7qL7ao-TgJfvKqinEzIJZ9ra73jSaWolRkMny_dbqbgLhDUsqb4dBzM9rjaULgo
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CKTkFBC4iZ4CGInWna0BMAE&v=APEucNVOIESyrjTh--fWiG9C6Nx_UN9p1KoIQG_Ks-Zs4pXxHiKJ6Aqwso-DTsvei8YoEwRdWa6_X3yRbzR2QyRFsTIqtClh2tcRRvxOcp9zE-9sl6fvcldW7qL7ao-TgJfvKqinEzIJZ9ra73jSaWolRkMny_dbqbgLhDUsqb4dBzM9rjaULgo
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUn6Qb2_XL-EZcnLTbTxgDg3rMhBUnwqKu2r5M3h7FdKuJzrWsqb2fPUdbXstSU; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 08 Jul 2021 16:05:55 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 08 Jul 2021 16:05:55 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 347D 		62 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9WfZM2OExQdmaN9SpAJ5czS0RHOccVyK1HTcJ4iAznyzRKZeoqDPjeqiD9mUtHYYqhckrNgkLWtkKjODgxDxgFIrp20vZjvBqvIXwn5CWgYKt59GEPvY07ZKcV-ha9Al-kwif1IQ1K_n_h_if58CJ05FiPg&dbm_d=AKAmf-D3Cc0nZatGy2dMKH-KGDCilebi13ULCWQB7ANiXENFsIv_tegr0dVxd6dIfpHB4K-PCJT6Bg_xzUU0hiV4Yv6cOu-21HfeWkyiZmQ4GRC2Ph0CS3e4jVYumqmMQCTWFhfr6sEGem5Zn-6cUzrY7rQmahIUn6VKvK9sz9MdLJOVP2zBvybsHeERglRLAB1bmjm7RURckdWdrCgynaym-PS2O9kmSFkrV2iYlj87sRY_DZpZr_MFIbN_u1a3ee3rc4B_nOuxigcYeTQw_1RDfoS-SsV8z9hOgq3YUedYV9XPx7aa57AjgaEPzdC-ESzBerUbOS6Nvdnze_JG7rhe_5Hp5geG5Q2AeiwGRphT5DU3zd519wZeeySY8HSr2bgWUgfU_A4GW20wXlXiL4hD8_NzD_QGCY4wyDKWyda68NhrZ46T1qsO4FZPDmD6pSmYB6qCVFbZec1jaD8xm1oyhlwdYDplwoy6JJmgmiv9wjJYlYpIwx0d3CDLlN_qxmr8kAYZGSBvSrHXU7BXOaURay3CaOWkIqWHf3nUGnJU6kBcdxug15_-JOIJSIvPNTbkvytQeyGiVzzwntFcqf611hf5vYwufJI3gi8FT7T4cgD0aeMD9prXWoFOEVLSKvkvPv8lGn702ZBPjIbPizXPJh2Lns5Q8MA9gncQcyYgqSyqdqmIKuBM69_qOtKgSWadoVtJurkgZpXDM_1r7mBeuPUcbNARGmn0pm9D9SkD7VidFEKqMWzFA--qBE9OwEDZ3Wcnzpu4pdv97R9dftYO08GVkFyvC_rYGbpNghuxF78SoBEKZj6JC53YR_4G5MY_OTVS7QibBvwQAtciL94DOeLWrM1j9rU7CNFDBthHljONpnnnssXxjkeM1-8rX0SY6sLWISE9dvz1feEB_S6vNfEEQ5T2a1tuf51VxsdDOcJ06ITs6d2h4i6Oi0YDuEo7sifVyDbwI2A6tPEcL9clVMbPueALV6rNd45n9doESllxfCyw_F7tjaIY-PdDZ_RkRhiBlXeSzKxUCqzUX4hJf7rBF9qfBk68nc9U4RjrHT8IYrj5_Mb918woWSKnwV1lS_VFc19scZEeMQFBk6sBCgPSGkUklCAfBqco8yKKyOzcRz-sLMxRhSTbhrMvik9DL34r78YB28IcZRxpcUjGIQh_5HFgS8uXtkPulRL6PlTJQcccewmOBuG56mtDHqaOxqEzX1jsB0ncVcRlSjU9lhhyUMNJb061dEq6P2hwPRmxAJ_NozLYlj9DCp2jEUDFwY01YfPktxdkX2QUU1ENIuR6TS5oOnTdRyJfXeQ2hikolfP_1SkjS4jzL4iP2SEwR9DrkBAWtubpktcuQDdXG5vfLDzlbmq2a-u_0fbAaOvcBzyv2fYB47CYV9ayn7n3LEe3iIDWVuvxHMbPb5cWNTHbyTeTjUNCn9t41WDbCmg0nBIHyw8_mf2A5uIp_eWHELxBw7IMbbXKWGZP3FfrpvcsP7Vt8iy0SBbzUyFFJHbhPpR2FhMvSDjCQim-qfTn2IdWSga2plkq6z-akm0p2Jv2wTelu7x5JHqJY6hpgo1R_9wJzn3HGIdwLsXf2J6ISVlp79e70q-23EnJOTd7iSZ0tCtHThtfpyABIVWkvywZnlO2nqYnQCotx2vpLKyBwhuoZ3IBF6cy9HOPIBZVJzoPMy05QHCxm1HO7YJTDFW_An7_miht2VAMAeTibt4WFaQb8gKnLfyBXMWsf-WkL9byQQFypHnXjF2eEylwakfmNptJVRJnJAiSHvyA8qQvKqjm8Yj3sIch8vlPK6kLFj0ahM9T4XGcMC8ujXCJkjls4FLyxXrUorFaUk1SIJVUqT_rfG2h6KKbWt183iF-oV9JN8wL8q-4EDTKSWP6ZsWndsQkI6eek259p0sp43YGb7CbvLVgNUkgwhl30l5lortu-rv_l7DQVXJcRm4YYgsfSUXDkcs6JirtjCRRz9oQzjBumO6gcdVY-8hE9m76d96P7neGCNYJq4ONxHPwp6se-jvQ5KyIp72QU3-5wGanEjVBwneQo5h6S_P6oNMPYXzeI7Or22ERpJXl1z28n2COFUsorjj5TKFCg1vXRj-M8HYW61-AeYjAvjZr3Ah-wZLo8MV5ixDcikd20EYcErIwrGokq3yI-NRzMzIIAV2xQCxHlFsevsiKiaDmTb8d1WJBCIuqT-nSWHn20LJNrLHsN75YKjlnhybj9WhiHemmONAapTiM6yIlCDoAyILU9W9f6S2Duau0UJkOCwUkTwZ5FUCujAyt7VDhWMPl-WPCNcWgNuVSsarkM8NjhRXkRHzt5Apz41j9su4C6tJyMkfxekr9TzFFVgPZpktrnApQafVcK-x9V7-nvUCIL8hi3_G4KAGUmT63onXVlZJP7iwsoEouGudcNcFF1JxJE88ece3ddGF-LiWHjnbIR8m4fcDVAaZ_m9w72omONIEZSN096Fut8JIA5mNg0TJwYQ72UC3iFAromhP_t6lcQ2gYWOl-0KHTNIvhomJ2OMqSKTG4GmJ4WWA1R-uGZyyPEyS25jtGzz_R9Hq7yYfi6w2LG7pdzM79J5EAimn3Zge17nrlvqZJqSoar0HhmQNjz5vDiMy0A-w0bS7DmD5qOaphv5cBX8PKsv05eAcJ3ibbU7jY_4qD8K7oZels2CiZ7AyRRFDebUF2bNwuAbEU2ZDpLMjI0ivcbROkgI15WhaV1sE1uIzZdN55xilshXqeh4hG0h2GZAUSsXpdqrNKmol82_YUUk4sWdAW_mcwmsN5ovYu_zucLXAXfkA8V7kOoGx2fXdsu4Kn4BFBBd-yVuHUgqnJ22bagyOlewltsibXfQ8eDtLrtxI60950N8a4AvM3pS1xrLXRZUZAHTKHE4ndhauzCquq3zM9McRkfFrlCGjrr301fnKEl02IyIxVrHNw7n5s9OBxi7ekPF7sA0G3JAWNXE1_I61fUcVl8hgSoWrRoByBeZVSA84aQ44tJ4dLAkCRr5EsCsoofXpmMbEQsCKzXjBuEw&cid=CAASFeRo8kO-N6DAG9z_ZjCKqzQbPK96WA&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38795414fad0a8abffc6795b257db45c60bad0a93b15fa6598bd46d41f07d8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24618
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 347D 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-XAOyCThdt00TtyFx47ugYwQ9G9fzLa_RfB_cBZkQinxVbS2vQkjj6lu5uyHWoUxxQVBGoHlpDFyLFErNJJlMiJwFZGNE85bkMgdyJkxcAHrMIB0
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 347D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:05:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 347D 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625657928851490"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37883
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 347D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
17140096307539089235
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:03:20 GMT
container.html
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DE87 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kiwilimon.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kiwilimon.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 08 Jul 2021 16:05:45 GMT
expires
Fri, 08 Jul 2022 16:05:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
10
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 9917 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BiK8V7QudFnm4w0Wwrj_BLNwYuR59eu2cEKNKxizOMtj8BFWqqO_2fcxTyKB5osIvmZLDaLmqDcCALvbPi75I1rowEO403r5foBSiCHPGAYWeCbcwZojtTKQ3KBQZyuFP7Zi6RBE20HzGnArZ0ftWZpUncog&cry=1&dbm_d=AKAmf-B53btbjrPj7-yP614rS6dV0THEikmsr-XGmLnFoYfzRqqfm-VqguQzd90EnrzsP4lBgjWJ9QwYDN4VK-cyIc2XYZXBpxcnzCCKskpzNaVwbEUwfvfKBgBcy3Tx6o9MDWIAgge_1UirjL4xkv8Aa4g44HW7RqD1L089tS6ztPgtrZIfUpFoKgBJTrqbW-SIAoAYL_gkgPdeOl13ucpq6XBpzrJx1XLqLYerkrPl0YxEJ60JvsInHf558aAS1Gt32u-FE97Ri8gRYDuU1JPG1bUm2-V7E3DdNBdosVCSqnuaVqC6anHSzTVZFqi5DDFBbRSX7xoe4dm7GmQBgGF1JW5US1wtP9GymZ26TNLoTjtK7qMTgYNSsQSehC3F21bogDBHPJOXu3rAHfguOZIdvu11LC6JrlpBWDBdQKbE4hnHakertu4zY8WSo26BHi_uW041Qhc-zQHZ_UHU6yqHYZIUOhM-lwnPbUjf3rJ30s85P3nyNVOUTtk4CVw4NSHiXEEZrtUFg1vDCtBiPMQplQ4eMYfwoQJ_lDi-50DkIJqCkDzqYAgyOrHZhoNwJoBxQymL9Tq1XnO1qpxQgppaub9VgIXUsw-t3u93vDdRnuvSRwH_77qdOrrnkACZewI-qPfguwejBAkyz4xOp-G98q6dQZ5fs9GMpRvygReWiC2ymFNUDZ67GaKObSQcqx5Fxgv6ZXIXrKlTb8BAvEhYZvLWFUw9S3dIOxslJTwYl7STfFku_o2X9PlFqBXEAshzs94TodzrJWufxFtMIbMVOryn4JXbR62Pj0n8t9De9E34QBokKQ6xP4UwWni0vpMimfqhOiSVZibowxQP9RPGgilikJOogBpU3yua6ySiX5o5bcjLlgJ9pHo4fbGjX71SMn2-Oe0Dym4Vuc1f3p2kwKUNcDgwbUCYIZP7pmqWB06Lh0nGfX4sQ-6SpJQhuiHbx0EBdqZ_HivL67zh106yldzS-EJhvOKC_QE_m_V6OvB00U8X9IHpeYRYxDpQ94O3usoh_AsonjYClfFs8y9JH_Xp2_CX0RWI85F3-Vkrv-7EeePFi8-7kUg4OFTF1F5sRoVp4Irxlg2ekgvSc9eJ7h2QHpvbRFoFHbeDPqzvz4NEc_Xkrn0KdbyFEQ_k5nxXIqpPlPzRJFFyNQ8d2AnZUwV9AShg8oBL_YiNzyFGKj0sISGO_Wjex1HnFkWMq9NCKl722wLsLVIM_2qewQhXa2GlOoydaFQS8SxufJCb1PTum-oI8Of-WyNLgBX_62qYc8_Dfi6BxgGPTbq9pPBs0ZsIU2IkF_ru1dD2v0VsepYsN6YsOpvyIh5fNg3qoklzqhVjWcHdqnb1LEnrtzON5StKJbym0vIa7lNjlaRRh9aAyb6kX7A2GYrucFzH2JlZ79g4u_Qke_suxa5JJL8LKZfYr-9oEq-UhDg0FEGqLAJrh_Tkb4Fu2Ri4gQ5XW36U_rPgyBBPhxUzvCYSzAiCFqg-RN6F86d_s-MwrdPw7lVXrejtEJiOpZGLAUtC0E64FzrW37zr6bL-HeI3MtpgpgMeRD3ny24wLcJmPqF0_IBRr2UQJrEvCyziK-Yv8jaRZfhSY6S9XY83zszwWj5S7_TsbIKJVfQakdD4gZM-tPhrSbJaYUig-oY2J_KbwbGjOkP9C5iQtXfv227e_IQ1z5bhFjLceuQyIku4dYk7tYW2RlYxR-eTAZmhiO-3euC5WH7_u64-d0YWgUBJMhTCKHekXVcXnP8WRLWVGnNgpsfi4F6sA1GoDfLgnyEWR77afOhTxKeUI0sGCaGlx31sNsLJkJnOhCc0OEo84GnQr55s1SMCAKTXia-VLXX_RQdyZrPqMQv-NFjNDagKAmTb4c-2FSgWK7yNALEDeHwCR57spLeH84XGAPLChhynnCdv-P-Vj_RLST-4fuF0jb3Gg5mEBUznnLG84YFZtI3j_Vpwkm0alTHBqf8FlVBMc7qkgUcdN5tfsecQ4PWd6VCM0_0MNgi8jUtiHrWzpXD_9XGe6yO3hm2EfZ2vWEyeW8OC_7qo-jNAaYhHqTWDPz0-yJ7bap-jJ8mv9PsU9_4HGVtNGPf5iG0gHaG9APz84cQvU5eMuwk8h6Vq6Ba8_aryibXBwgjnLF0qTidkG-98GMaeqIR2fHMcjX-24yc5bza3zmJnUtexXhw4PvwcqTN2Iz0jrF0MY4JleLDDrEYUZKtsv5VYiYOzkgD6jn3dVlio7pnDTbzNlomLNIxKMB_CNO10LEzYznzCYyTQkTrkWpxrmDE1hrDth3um3s-Oii2fTY5BmAgAbDmbH46ffxz6uhaTqX2lnfkhGUqoDz8zAmqYnMhd9MchODDSH87blJnJDMDaFy9wq5n4U8VuAiDd-hd8K4JJQaDMsLkzBLAELYexF9rVFBUYUughg3UJ1PlU00dNju5WJCCGgSe4v1ouHJRxXJsIvsUEx9anFfiEoyHM6JSoFT6NkJLD7hqsCLtJO0zwOJN10U4Nl85_ly9ffNwU0PW6mPGdj5yHB5DInh9nv2ugrLAHx4ajDWBvtWTKQo_aPDrKyvlWILmuO86Ib4HlN8izjaxc3mkoslvDTE7uhoW4kWgUWmzo90S2wNeOTcuUISm-P3FCLM-QgctrXhc74ScNuOzNUc2_IzV8qS_Fq-8PUNuTyUi3-o_H4VrRIFKGsu7TkXjtU45tflIkcXEdFIjMhgO91ZG5Rwa2oJYs_g_PiRrLfmN4eNZ8OD5eArtnrk0yJap2R1Di7w2b09wdsH40uojihUPebHI5C_nV4wARIU3-07g_iPT3HrI4NDrnN9w8oCbcfWLstSsEMWt5yUrUniyWCuCEmXhbsmz416tUStNY9VrADfAwfHaqscNT2bqa6Waq5OpsYm_GsYy__yJDBLKVdrMyvW3Z4B1SnJ39W8i3gobB8ruW2Wi7oDMAy01rrVU9SO3BWmRYmnE96Di1Tyw8a8Z1PlXR4kWWZdx-FiUXqFsYPttsejd3z1d1eh9LGiO-mSvNvmct-VrLFE4XQg&cid=CAASFeRouMObOH4Drn43KtZfPADsK69QGg&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8676
x-xss-protection
0
server
cafe
etag
11618055936852703379
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:05:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9917 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BiK8V7QudFnm4w0Wwrj_BLNwYuR59eu2cEKNKxizOMtj8BFWqqO_2fcxTyKB5osIvmZLDaLmqDcCALvbPi75I1rowEO403r5foBSiCHPGAYWeCbcwZojtTKQ3KBQZyuFP7Zi6RBE20HzGnArZ0ftWZpUncog&cry=1&dbm_d=AKAmf-B53btbjrPj7-yP614rS6dV0THEikmsr-XGmLnFoYfzRqqfm-VqguQzd90EnrzsP4lBgjWJ9QwYDN4VK-cyIc2XYZXBpxcnzCCKskpzNaVwbEUwfvfKBgBcy3Tx6o9MDWIAgge_1UirjL4xkv8Aa4g44HW7RqD1L089tS6ztPgtrZIfUpFoKgBJTrqbW-SIAoAYL_gkgPdeOl13ucpq6XBpzrJx1XLqLYerkrPl0YxEJ60JvsInHf558aAS1Gt32u-FE97Ri8gRYDuU1JPG1bUm2-V7E3DdNBdosVCSqnuaVqC6anHSzTVZFqi5DDFBbRSX7xoe4dm7GmQBgGF1JW5US1wtP9GymZ26TNLoTjtK7qMTgYNSsQSehC3F21bogDBHPJOXu3rAHfguOZIdvu11LC6JrlpBWDBdQKbE4hnHakertu4zY8WSo26BHi_uW041Qhc-zQHZ_UHU6yqHYZIUOhM-lwnPbUjf3rJ30s85P3nyNVOUTtk4CVw4NSHiXEEZrtUFg1vDCtBiPMQplQ4eMYfwoQJ_lDi-50DkIJqCkDzqYAgyOrHZhoNwJoBxQymL9Tq1XnO1qpxQgppaub9VgIXUsw-t3u93vDdRnuvSRwH_77qdOrrnkACZewI-qPfguwejBAkyz4xOp-G98q6dQZ5fs9GMpRvygReWiC2ymFNUDZ67GaKObSQcqx5Fxgv6ZXIXrKlTb8BAvEhYZvLWFUw9S3dIOxslJTwYl7STfFku_o2X9PlFqBXEAshzs94TodzrJWufxFtMIbMVOryn4JXbR62Pj0n8t9De9E34QBokKQ6xP4UwWni0vpMimfqhOiSVZibowxQP9RPGgilikJOogBpU3yua6ySiX5o5bcjLlgJ9pHo4fbGjX71SMn2-Oe0Dym4Vuc1f3p2kwKUNcDgwbUCYIZP7pmqWB06Lh0nGfX4sQ-6SpJQhuiHbx0EBdqZ_HivL67zh106yldzS-EJhvOKC_QE_m_V6OvB00U8X9IHpeYRYxDpQ94O3usoh_AsonjYClfFs8y9JH_Xp2_CX0RWI85F3-Vkrv-7EeePFi8-7kUg4OFTF1F5sRoVp4Irxlg2ekgvSc9eJ7h2QHpvbRFoFHbeDPqzvz4NEc_Xkrn0KdbyFEQ_k5nxXIqpPlPzRJFFyNQ8d2AnZUwV9AShg8oBL_YiNzyFGKj0sISGO_Wjex1HnFkWMq9NCKl722wLsLVIM_2qewQhXa2GlOoydaFQS8SxufJCb1PTum-oI8Of-WyNLgBX_62qYc8_Dfi6BxgGPTbq9pPBs0ZsIU2IkF_ru1dD2v0VsepYsN6YsOpvyIh5fNg3qoklzqhVjWcHdqnb1LEnrtzON5StKJbym0vIa7lNjlaRRh9aAyb6kX7A2GYrucFzH2JlZ79g4u_Qke_suxa5JJL8LKZfYr-9oEq-UhDg0FEGqLAJrh_Tkb4Fu2Ri4gQ5XW36U_rPgyBBPhxUzvCYSzAiCFqg-RN6F86d_s-MwrdPw7lVXrejtEJiOpZGLAUtC0E64FzrW37zr6bL-HeI3MtpgpgMeRD3ny24wLcJmPqF0_IBRr2UQJrEvCyziK-Yv8jaRZfhSY6S9XY83zszwWj5S7_TsbIKJVfQakdD4gZM-tPhrSbJaYUig-oY2J_KbwbGjOkP9C5iQtXfv227e_IQ1z5bhFjLceuQyIku4dYk7tYW2RlYxR-eTAZmhiO-3euC5WH7_u64-d0YWgUBJMhTCKHekXVcXnP8WRLWVGnNgpsfi4F6sA1GoDfLgnyEWR77afOhTxKeUI0sGCaGlx31sNsLJkJnOhCc0OEo84GnQr55s1SMCAKTXia-VLXX_RQdyZrPqMQv-NFjNDagKAmTb4c-2FSgWK7yNALEDeHwCR57spLeH84XGAPLChhynnCdv-P-Vj_RLST-4fuF0jb3Gg5mEBUznnLG84YFZtI3j_Vpwkm0alTHBqf8FlVBMc7qkgUcdN5tfsecQ4PWd6VCM0_0MNgi8jUtiHrWzpXD_9XGe6yO3hm2EfZ2vWEyeW8OC_7qo-jNAaYhHqTWDPz0-yJ7bap-jJ8mv9PsU9_4HGVtNGPf5iG0gHaG9APz84cQvU5eMuwk8h6Vq6Ba8_aryibXBwgjnLF0qTidkG-98GMaeqIR2fHMcjX-24yc5bza3zmJnUtexXhw4PvwcqTN2Iz0jrF0MY4JleLDDrEYUZKtsv5VYiYOzkgD6jn3dVlio7pnDTbzNlomLNIxKMB_CNO10LEzYznzCYyTQkTrkWpxrmDE1hrDth3um3s-Oii2fTY5BmAgAbDmbH46ffxz6uhaTqX2lnfkhGUqoDz8zAmqYnMhd9MchODDSH87blJnJDMDaFy9wq5n4U8VuAiDd-hd8K4JJQaDMsLkzBLAELYexF9rVFBUYUughg3UJ1PlU00dNju5WJCCGgSe4v1ouHJRxXJsIvsUEx9anFfiEoyHM6JSoFT6NkJLD7hqsCLtJO0zwOJN10U4Nl85_ly9ffNwU0PW6mPGdj5yHB5DInh9nv2ugrLAHx4ajDWBvtWTKQo_aPDrKyvlWILmuO86Ib4HlN8izjaxc3mkoslvDTE7uhoW4kWgUWmzo90S2wNeOTcuUISm-P3FCLM-QgctrXhc74ScNuOzNUc2_IzV8qS_Fq-8PUNuTyUi3-o_H4VrRIFKGsu7TkXjtU45tflIkcXEdFIjMhgO91ZG5Rwa2oJYs_g_PiRrLfmN4eNZ8OD5eArtnrk0yJap2R1Di7w2b09wdsH40uojihUPebHI5C_nV4wARIU3-07g_iPT3HrI4NDrnN9w8oCbcfWLstSsEMWt5yUrUniyWCuCEmXhbsmz416tUStNY9VrADfAwfHaqscNT2bqa6Waq5OpsYm_GsYy__yJDBLKVdrMyvW3Z4B1SnJ39W8i3gobB8ruW2Wi7oDMAy01rrVU9SO3BWmRYmnE96Di1Tyw8a8Z1PlXR4kWWZdx-FiUXqFsYPttsejd3z1d1eh9LGiO-mSvNvmct-VrLFE4XQg&cid=CAASFeRouMObOH4Drn43KtZfPADsK69QGg&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 14:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 14:19:25 GMT
rum
dsum-sec.casalemedia.com/ Frame 3C1F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELhBaYpnryNhV2cFtzWJUek&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELhBaYpnryNhV2cFtzWJUek&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYyriRLzAB&v=APEucNV2TV-fY8q7EBM636cG2sPLm0_dEo_S2v5v8eNCuverxkeEIOLlK1sLzwu3u3ElzkEMN50YhyT2XtfG5R3fn0dKPTeaT31tGpAjvu2aZq4_Z46lyoY8k6V3IKjzTj_dIIA4Z1M6GiZOul-v6fWdgsgbpI9Ybl8q4Y_IbYqozKWN_r_oy2c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 08 Jul 2021 16:05:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELhBaYpnryNhV2cFtzWJUek&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3C1F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YOciYwklaVTLpebWRsmr-gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYyriRLzAB&v=APEucNV2TV-fY8q7EBM636cG2sPLm0_dEo_S2v5v8eNCuverxkeEIOLlK1sLzwu3u3ElzkEMN50YhyT2XtfG5R3fn0dKPTeaT31tGpAjvu2aZq4_Z46lyoY8k6V3IKjzTj_dIIA4Z1M6GiZOul-v6fWdgsgbpI9Ybl8q4Y_IbYqozKWN_r_oy2c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 08 Jul 2021 16:05:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 3C1F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEF3j8Sw9KNyH8VdBnGpDzYA&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEF3j8Sw9KNyH8VdBnGpDzYA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYyriRLzAB&v=APEucNV2TV-fY8q7EBM636cG2sPLm0_dEo_S2v5v8eNCuverxkeEIOLlK1sLzwu3u3ElzkEMN50YhyT2XtfG5R3fn0dKPTeaT31tGpAjvu2aZq4_Z46lyoY8k6V3IKjzTj_dIIA4Z1M6GiZOul-v6fWdgsgbpI9Ybl8q4Y_IbYqozKWN_r_oy2c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3b0e9806-fd4b-43ef-bf11-21507df92600
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEF3j8Sw9KNyH8VdBnGpDzYA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3C1F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYyriRLzAB&v=APEucNV2TV-fY8q7EBM636cG2sPLm0_dEo_S2v5v8eNCuverxkeEIOLlK1sLzwu3u3ElzkEMN50YhyT2XtfG5R3fn0dKPTeaT31tGpAjvu2aZq4_Z46lyoY8k6V3IKjzTj_dIIA4Z1M6GiZOul-v6fWdgsgbpI9Ybl8q4Y_IbYqozKWN_r_oy2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
792ba54a-851c-4194-aace-90bc8065647a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A9BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELhBaYpnryNhV2cFtzWJUek&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELhBaYpnryNhV2cFtzWJUek&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKTkFBC4iZ4CGInWna0BMAE&v=APEucNVOIESyrjTh--fWiG9C6Nx_UN9p1KoIQG_Ks-Zs4pXxHiKJ6Aqwso-DTsvei8YoEwRdWa6_X3yRbzR2QyRFsTIqtClh2tcRRvxOcp9zE-9sl6fvcldW7qL7ao-TgJfvKqinEzIJZ9ra73jSaWolRkMny_dbqbgLhDUsqb4dBzM9rjaULgo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 08 Jul 2021 16:05:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELhBaYpnryNhV2cFtzWJUek&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A9BE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YOciYwklaVTLpebWRsmr-gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKTkFBC4iZ4CGInWna0BMAE&v=APEucNVOIESyrjTh--fWiG9C6Nx_UN9p1KoIQG_Ks-Zs4pXxHiKJ6Aqwso-DTsvei8YoEwRdWa6_X3yRbzR2QyRFsTIqtClh2tcRRvxOcp9zE-9sl6fvcldW7qL7ao-TgJfvKqinEzIJZ9ra73jSaWolRkMny_dbqbgLhDUsqb4dBzM9rjaULgo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 08 Jul 2021 16:05:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A9BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEF3j8Sw9KNyH8VdBnGpDzYA&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEF3j8Sw9KNyH8VdBnGpDzYA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKTkFBC4iZ4CGInWna0BMAE&v=APEucNVOIESyrjTh--fWiG9C6Nx_UN9p1KoIQG_Ks-Zs4pXxHiKJ6Aqwso-DTsvei8YoEwRdWa6_X3yRbzR2QyRFsTIqtClh2tcRRvxOcp9zE-9sl6fvcldW7qL7ao-TgJfvKqinEzIJZ9ra73jSaWolRkMny_dbqbgLhDUsqb4dBzM9rjaULgo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d3054503-fffc-470e-96d5-09c15e76529c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEF3j8Sw9KNyH8VdBnGpDzYA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A9BE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKTkFBC4iZ4CGInWna0BMAE&v=APEucNVOIESyrjTh--fWiG9C6Nx_UN9p1KoIQG_Ks-Zs4pXxHiKJ6Aqwso-DTsvei8YoEwRdWa6_X3yRbzR2QyRFsTIqtClh2tcRRvxOcp9zE-9sl6fvcldW7qL7ao-TgJfvKqinEzIJZ9ra73jSaWolRkMny_dbqbgLhDUsqb4dBzM9rjaULgo
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c5d8eeae-b77b-47b5-8003-8f4d0d8a9f1b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 54B1 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO6mwc4CEPW2mtYCGIj1l68BMAE&v=APEucNUrBmKA4pKyRZf2vs9FU_wfgN9dZ2ooMeAczyq_J-xfBqjCCM5aThXQ-Y6IwxyFj6TQlx28X0S6WSoYKTIyQZux9QkYF4MS7EWT-VNVjcuzEJptAjPv0tAywQGDhTzsU0eSiS8t5-gMoZGi_sn7zfLSOtAPgM2t_UNGmfcOyY1lJdmGCbg
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CO6mwc4CEPW2mtYCGIj1l68BMAE&v=APEucNUrBmKA4pKyRZf2vs9FU_wfgN9dZ2ooMeAczyq_J-xfBqjCCM5aThXQ-Y6IwxyFj6TQlx28X0S6WSoYKTIyQZux9QkYF4MS7EWT-VNVjcuzEJptAjPv0tAywQGDhTzsU0eSiS8t5-gMoZGi_sn7zfLSOtAPgM2t_UNGmfcOyY1lJdmGCbg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmo0WP0Rc6wD8HVdBN4f8l2--IhVaap5UXKPkLkcV0nbYAEacUe00qR6Ze7I9w
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 08 Jul 2021 16:05:55 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame DE87 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ct-0q-Y0O2lZUMTVSBJ78tMd5eksNPp1UM0nVcyOsxJKHfdeHz72MOefd4k6rQvw1S1wnfj352qFzBRFlm1GMeQeI-OtB96MxkcsIml9A9xSgU2xAsMRkgPv681Hs0hUh9IdRCc0Cvgesz9juDZBVHtNO4gw&dbm_d=AKAmf-Byb7JRn_-p-JI9Dx2zJGz30_GLeQerbBjYaNW97v2k1gonxKMu1MNeuRELsWcXKbrs_DUgJo0npIUM2GLDi-hLgv7_xTsIvD_1v7qdyUJYDqOB1Xp2zCufvry2g79Quo45kRKbo2yd6hOYTNlXtHgjl_V4Ts6CEXNyIAn4OJslgNIlbeF3614ltYSUsmoo5VpySDpi7qvYz5PCTZBaeDUjMBpalx90m9WjiSQ45VwnnpwqD-TE4X6xDmQRgtwe-ZSCXHBxYpacxAseh1SCfLk6UXHA4YDcfJY56nKQX9k01g8Cd1eOrJZsVTvBW-Qb4kyOFhnEovv4hCmrRVzb2Imy-ZakdS7SmeU-Y_yOH9IwstggNEE3KYNNNoP5BMyLtINyYR0S6XqcYFk5iZkbqEWY0fKOyRbkVd2Vi73waOd92E5iI_o1xebi23Iu9alErXI87Sq06ox92I4BJhK9nmVHKRWC_s9evGI52i6f8AdEH2kF0pMKV4uCkF0tqOzZL9Kd-LL7ggxxkn4DPJQXCBBDs6akvihv3FVPSkR2smisxC1M0U8R751C7AC5SdyAi43bgHjLT_nrtczKkCCUXWHxME16NwWJRlkzBgCiucE4_2BvP0UBKFsPBixhSduA6PfInRVK9RbPYZ80Ab_6og9enK9AjKZzU-o5X0owgxxQNYFadeHsx3MlGj4-LLuQcCjw9GLH3nDcIWsr-ur-WxSOn8HOZ-i_q7849InFQX1vRWXOEcdGfFTW1_esXv90mzo4DhPdP9GMI3bAx-njOXsu7953dk1ZYatl-xxn89NAeuFHOmcmDPrb-jmn9exnoJIXkoZ6MwkfV237yjfAYoi6nv4L4B17X3GCTBXdLsooiQtraducOqgYqpPd5vhWZPDoZ-FeOTEe6gl2bDTVu0Yqqvs16cf5ugNKIOIhKkszPN5tHM80iN54DSotSqtUe_U_PaJT_Nf6DmGdeGsMVAZhGu9JqOZcAVo5_KJbHWIlFxy5Z9W0gtA1zGwCVMB6-GUgHeLY6r9S2Si09UjEfv1dFDJ6Ud2mWkyxXRLYhIwLStXduP95KghM4oIWeGdGUFZmog_ltKjZYls_OdxdKD0B8-pyI-kQfzsHuFAEz7ZgtOtA6zArYtZ_p5zV5p71yIeil11ZPZmaK4bCoD9Biw1ols6MF936xwvf8dwoQXO-btw7Bhv1Tk_wVLm3cYtQmj28CzcpHcOOiVF1Bfc2DhoiD6Dghua79GRHuRz_8JoaleuhnitvOME6s-F49NYK44Hrf1ymcMvk9qlKWQ71xzM7mkIrvFuOINyvbPF_iV64VDFvXtlFO-IHugME5H95W0NBNptTcPHReOesyc0wY1PUhzB0lEyb3o0joGGl8rBEnNcUw2kNxIdnXLp-NtT-kkEBvS2ypDmbYJ9DfG3LQpH2v2x-uu_Z9HHHzoZ-vRfGKdfOm97JOEhz4DVd53Ay8ME7JNGKF9pmmQafSeMaMf9Unwm2jHdDyHV2xBiDNtUTinzSa7Lnz2JdebjDvTYDyC-ORereTcSHrYrIhmWiQOWVaNBCaKkW0Vs1TNui4hcQ5IDWVcE-LmbyMXZSIYZ-3Ga_Mi-RVycKXdI9bFcybPvqZkZW9tMBKVGOrwuFxeqpbgHynEQ2jBBwpLxCTKTDpG-swG1OXgSjAI_e4qV77GPgWs4u_cw2kBXWg7c35BtuKLBAX5szqBBo5IYczSywjlZP1KZVFaVArPh67dFrpJwkjjln4RV2VgAeZsviOvPIS6szfJdKEUuF1yteza_MbDXMJNDjWwObes-0voqVN6dqd_1KLy3urCKtUxlrkKrjodYXR1GMl0GSWs_VCDSa9AoZP5RMRn3TRQ3pPOTbzSdNy8nhddayzhwnJYEtzFCBfru0YLgqX8rTJ3dnlL33nB43lnFoSYK8bHRXydUoNlInu5PBhzgybGZtNmol-8eAR1jqzIvX1y6FnGAiw2o1FaHv_rLELLfYwS1FMqULK2cx54Y3E9xDO-5iiMDSAmFHfYxq7JE_LFNUhB76Ec6pTbN3207p4pMxCKfC79AnPSCJRJrZhEHvCxzU52Hf-EY54e2ySl-vVkTzNLh1ieLe0tKMgijVCofQ5WDqbAHkzc4qiMio4ntaVj9RRbpflvayzCgQifqnxdLBg1h0shJpl3BV99qcPnzzz48OEM7jyl2QWOaagERJfqUCfTnOgfjVGlbcGhc9Tefbgj4Auw3iM4zz-teVAQEEwCHW0mdyqSnpalY6nRD944WhhDW5GyFS-emedwvb795nY5yCfbsQ39gXOQpRnrkuw_-1IOvdGZuhxg4cWIF-MNRooOEuM16DgBwvdUMoNelu3WqJDREXJI8nvTD_qnNd1ZhIpNuVb8jb00nMsMhKfoFwtB0CcEDZUTS2s669EUBwDAXaxb7ptwIrDbmhedakoKkC3X6nMRiMuqyScZLwnG_NpCLw6YgN0h8WzaNeHi2fR1op_9A8k8uL2N9wduNU6agn8TSdcA-MulRCsudlWr7p23LgTINVtBHvNKSg7OrSyZ_ju8SFFrUeLN8PwJ222YPmJ-D8CX9KtvpaTEHHGiGSHS9ALmaGIkVDz16ZuAs2iRFc7pli7y-U6cKRkEpWjB0_f9mw0kTeJwBquk59ZP6EaZyq3MrA7OsC-4nH8Te_vQWy1bIUKCJksYSoDiSven_F8ctgFBdluCIrpvRMNCAYlvV49-p4tB51ECC1OIE20oWwPgPVaAVfIwtphUUh1TkDawPDH9tUE1TFFDSbNb68xI1Xxr6o1ygXSMboT79c1pi0T3VfzUzGQWePN_y9M2Qao6DEulvcFw1RklaGLKJGYmwxj153KX44wawCiG7rBnevLC5lIIFNiSFR8E1D4DjFeZ8Bk7q7i21TiUdc0HzwLYfLaYWEwv2xAXG8PvR4U18czM-PTdJHIE_nyrDsX03dmAa4_AAnMBIwrv4vBnLGoj3tRvTooIYBuiZTRGCnGAsNL-CtSPQKmZdaHV47drgpmb2gq2RfMk4cDh8cyim-89qCRIWQmwwnUDPBgFtKPWJX3adH3AIYHvZOGsz0OLZs341l9xUGMF1j9W7sVFovrcgwjuF6OEs2Y0an1qxDirki2X6m-ZoWG0fZ53f_d3WSKHx-jSb0cbNWgVwKvtWbJl_FFsn9uBuytNvo02fojONI94gPmLMWGpxmqzLXwqRX1taaxLG7n6y2CCfNnKvMWdya_WViw8mn7lH_tX6f6ymBAPedq7kEA_Ycgas2bb7cqrB4ldW0RrlSbg&cid=CAASEuRo5vMFQT0XFzF-q44bSuYHzQ&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd2440daeccf772d1554ce952d7c2f372e93e19d1ffb329a54aa9288c500c802
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24983
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DE87 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkSGKUV2_SirqwMJwxs1E1kO59IvVipGiFSe3t2IvUaFXn9FP9-XWWP744CuG4FUBD-2_Wz-kqciLxVwrWUgR-7Whv5014XfbwFajipCg1HBS9uO4
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame DE87 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:05:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DE87 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625657928851490"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37883
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame DE87 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
17140096307539089235
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:03:20 GMT
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 347D 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 07:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 07:31:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/ Frame 347D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9WfZM2OExQdmaN9SpAJ5czS0RHOccVyK1HTcJ4iAznyzRKZeoqDPjeqiD9mUtHYYqhckrNgkLWtkKjODgxDxgFIrp20vZjvBqvIXwn5CWgYKt59GEPvY07ZKcV-ha9Al-kwif1IQ1K_n_h_if58CJ05FiPg&dbm_d=AKAmf-D3Cc0nZatGy2dMKH-KGDCilebi13ULCWQB7ANiXENFsIv_tegr0dVxd6dIfpHB4K-PCJT6Bg_xzUU0hiV4Yv6cOu-21HfeWkyiZmQ4GRC2Ph0CS3e4jVYumqmMQCTWFhfr6sEGem5Zn-6cUzrY7rQmahIUn6VKvK9sz9MdLJOVP2zBvybsHeERglRLAB1bmjm7RURckdWdrCgynaym-PS2O9kmSFkrV2iYlj87sRY_DZpZr_MFIbN_u1a3ee3rc4B_nOuxigcYeTQw_1RDfoS-SsV8z9hOgq3YUedYV9XPx7aa57AjgaEPzdC-ESzBerUbOS6Nvdnze_JG7rhe_5Hp5geG5Q2AeiwGRphT5DU3zd519wZeeySY8HSr2bgWUgfU_A4GW20wXlXiL4hD8_NzD_QGCY4wyDKWyda68NhrZ46T1qsO4FZPDmD6pSmYB6qCVFbZec1jaD8xm1oyhlwdYDplwoy6JJmgmiv9wjJYlYpIwx0d3CDLlN_qxmr8kAYZGSBvSrHXU7BXOaURay3CaOWkIqWHf3nUGnJU6kBcdxug15_-JOIJSIvPNTbkvytQeyGiVzzwntFcqf611hf5vYwufJI3gi8FT7T4cgD0aeMD9prXWoFOEVLSKvkvPv8lGn702ZBPjIbPizXPJh2Lns5Q8MA9gncQcyYgqSyqdqmIKuBM69_qOtKgSWadoVtJurkgZpXDM_1r7mBeuPUcbNARGmn0pm9D9SkD7VidFEKqMWzFA--qBE9OwEDZ3Wcnzpu4pdv97R9dftYO08GVkFyvC_rYGbpNghuxF78SoBEKZj6JC53YR_4G5MY_OTVS7QibBvwQAtciL94DOeLWrM1j9rU7CNFDBthHljONpnnnssXxjkeM1-8rX0SY6sLWISE9dvz1feEB_S6vNfEEQ5T2a1tuf51VxsdDOcJ06ITs6d2h4i6Oi0YDuEo7sifVyDbwI2A6tPEcL9clVMbPueALV6rNd45n9doESllxfCyw_F7tjaIY-PdDZ_RkRhiBlXeSzKxUCqzUX4hJf7rBF9qfBk68nc9U4RjrHT8IYrj5_Mb918woWSKnwV1lS_VFc19scZEeMQFBk6sBCgPSGkUklCAfBqco8yKKyOzcRz-sLMxRhSTbhrMvik9DL34r78YB28IcZRxpcUjGIQh_5HFgS8uXtkPulRL6PlTJQcccewmOBuG56mtDHqaOxqEzX1jsB0ncVcRlSjU9lhhyUMNJb061dEq6P2hwPRmxAJ_NozLYlj9DCp2jEUDFwY01YfPktxdkX2QUU1ENIuR6TS5oOnTdRyJfXeQ2hikolfP_1SkjS4jzL4iP2SEwR9DrkBAWtubpktcuQDdXG5vfLDzlbmq2a-u_0fbAaOvcBzyv2fYB47CYV9ayn7n3LEe3iIDWVuvxHMbPb5cWNTHbyTeTjUNCn9t41WDbCmg0nBIHyw8_mf2A5uIp_eWHELxBw7IMbbXKWGZP3FfrpvcsP7Vt8iy0SBbzUyFFJHbhPpR2FhMvSDjCQim-qfTn2IdWSga2plkq6z-akm0p2Jv2wTelu7x5JHqJY6hpgo1R_9wJzn3HGIdwLsXf2J6ISVlp79e70q-23EnJOTd7iSZ0tCtHThtfpyABIVWkvywZnlO2nqYnQCotx2vpLKyBwhuoZ3IBF6cy9HOPIBZVJzoPMy05QHCxm1HO7YJTDFW_An7_miht2VAMAeTibt4WFaQb8gKnLfyBXMWsf-WkL9byQQFypHnXjF2eEylwakfmNptJVRJnJAiSHvyA8qQvKqjm8Yj3sIch8vlPK6kLFj0ahM9T4XGcMC8ujXCJkjls4FLyxXrUorFaUk1SIJVUqT_rfG2h6KKbWt183iF-oV9JN8wL8q-4EDTKSWP6ZsWndsQkI6eek259p0sp43YGb7CbvLVgNUkgwhl30l5lortu-rv_l7DQVXJcRm4YYgsfSUXDkcs6JirtjCRRz9oQzjBumO6gcdVY-8hE9m76d96P7neGCNYJq4ONxHPwp6se-jvQ5KyIp72QU3-5wGanEjVBwneQo5h6S_P6oNMPYXzeI7Or22ERpJXl1z28n2COFUsorjj5TKFCg1vXRj-M8HYW61-AeYjAvjZr3Ah-wZLo8MV5ixDcikd20EYcErIwrGokq3yI-NRzMzIIAV2xQCxHlFsevsiKiaDmTb8d1WJBCIuqT-nSWHn20LJNrLHsN75YKjlnhybj9WhiHemmONAapTiM6yIlCDoAyILU9W9f6S2Duau0UJkOCwUkTwZ5FUCujAyt7VDhWMPl-WPCNcWgNuVSsarkM8NjhRXkRHzt5Apz41j9su4C6tJyMkfxekr9TzFFVgPZpktrnApQafVcK-x9V7-nvUCIL8hi3_G4KAGUmT63onXVlZJP7iwsoEouGudcNcFF1JxJE88ece3ddGF-LiWHjnbIR8m4fcDVAaZ_m9w72omONIEZSN096Fut8JIA5mNg0TJwYQ72UC3iFAromhP_t6lcQ2gYWOl-0KHTNIvhomJ2OMqSKTG4GmJ4WWA1R-uGZyyPEyS25jtGzz_R9Hq7yYfi6w2LG7pdzM79J5EAimn3Zge17nrlvqZJqSoar0HhmQNjz5vDiMy0A-w0bS7DmD5qOaphv5cBX8PKsv05eAcJ3ibbU7jY_4qD8K7oZels2CiZ7AyRRFDebUF2bNwuAbEU2ZDpLMjI0ivcbROkgI15WhaV1sE1uIzZdN55xilshXqeh4hG0h2GZAUSsXpdqrNKmol82_YUUk4sWdAW_mcwmsN5ovYu_zucLXAXfkA8V7kOoGx2fXdsu4Kn4BFBBd-yVuHUgqnJ22bagyOlewltsibXfQ8eDtLrtxI60950N8a4AvM3pS1xrLXRZUZAHTKHE4ndhauzCquq3zM9McRkfFrlCGjrr301fnKEl02IyIxVrHNw7n5s9OBxi7ekPF7sA0G3JAWNXE1_I61fUcVl8hgSoWrRoByBeZVSA84aQ44tJ4dLAkCRr5EsCsoofXpmMbEQsCKzXjBuEw&cid=CAASFeRo8kO-N6DAG9z_ZjCKqzQbPK96WA&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:05:28 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 347D 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9WfZM2OExQdmaN9SpAJ5czS0RHOccVyK1HTcJ4iAznyzRKZeoqDPjeqiD9mUtHYYqhckrNgkLWtkKjODgxDxgFIrp20vZjvBqvIXwn5CWgYKt59GEPvY07ZKcV-ha9Al-kwif1IQ1K_n_h_if58CJ05FiPg&dbm_d=AKAmf-D3Cc0nZatGy2dMKH-KGDCilebi13ULCWQB7ANiXENFsIv_tegr0dVxd6dIfpHB4K-PCJT6Bg_xzUU0hiV4Yv6cOu-21HfeWkyiZmQ4GRC2Ph0CS3e4jVYumqmMQCTWFhfr6sEGem5Zn-6cUzrY7rQmahIUn6VKvK9sz9MdLJOVP2zBvybsHeERglRLAB1bmjm7RURckdWdrCgynaym-PS2O9kmSFkrV2iYlj87sRY_DZpZr_MFIbN_u1a3ee3rc4B_nOuxigcYeTQw_1RDfoS-SsV8z9hOgq3YUedYV9XPx7aa57AjgaEPzdC-ESzBerUbOS6Nvdnze_JG7rhe_5Hp5geG5Q2AeiwGRphT5DU3zd519wZeeySY8HSr2bgWUgfU_A4GW20wXlXiL4hD8_NzD_QGCY4wyDKWyda68NhrZ46T1qsO4FZPDmD6pSmYB6qCVFbZec1jaD8xm1oyhlwdYDplwoy6JJmgmiv9wjJYlYpIwx0d3CDLlN_qxmr8kAYZGSBvSrHXU7BXOaURay3CaOWkIqWHf3nUGnJU6kBcdxug15_-JOIJSIvPNTbkvytQeyGiVzzwntFcqf611hf5vYwufJI3gi8FT7T4cgD0aeMD9prXWoFOEVLSKvkvPv8lGn702ZBPjIbPizXPJh2Lns5Q8MA9gncQcyYgqSyqdqmIKuBM69_qOtKgSWadoVtJurkgZpXDM_1r7mBeuPUcbNARGmn0pm9D9SkD7VidFEKqMWzFA--qBE9OwEDZ3Wcnzpu4pdv97R9dftYO08GVkFyvC_rYGbpNghuxF78SoBEKZj6JC53YR_4G5MY_OTVS7QibBvwQAtciL94DOeLWrM1j9rU7CNFDBthHljONpnnnssXxjkeM1-8rX0SY6sLWISE9dvz1feEB_S6vNfEEQ5T2a1tuf51VxsdDOcJ06ITs6d2h4i6Oi0YDuEo7sifVyDbwI2A6tPEcL9clVMbPueALV6rNd45n9doESllxfCyw_F7tjaIY-PdDZ_RkRhiBlXeSzKxUCqzUX4hJf7rBF9qfBk68nc9U4RjrHT8IYrj5_Mb918woWSKnwV1lS_VFc19scZEeMQFBk6sBCgPSGkUklCAfBqco8yKKyOzcRz-sLMxRhSTbhrMvik9DL34r78YB28IcZRxpcUjGIQh_5HFgS8uXtkPulRL6PlTJQcccewmOBuG56mtDHqaOxqEzX1jsB0ncVcRlSjU9lhhyUMNJb061dEq6P2hwPRmxAJ_NozLYlj9DCp2jEUDFwY01YfPktxdkX2QUU1ENIuR6TS5oOnTdRyJfXeQ2hikolfP_1SkjS4jzL4iP2SEwR9DrkBAWtubpktcuQDdXG5vfLDzlbmq2a-u_0fbAaOvcBzyv2fYB47CYV9ayn7n3LEe3iIDWVuvxHMbPb5cWNTHbyTeTjUNCn9t41WDbCmg0nBIHyw8_mf2A5uIp_eWHELxBw7IMbbXKWGZP3FfrpvcsP7Vt8iy0SBbzUyFFJHbhPpR2FhMvSDjCQim-qfTn2IdWSga2plkq6z-akm0p2Jv2wTelu7x5JHqJY6hpgo1R_9wJzn3HGIdwLsXf2J6ISVlp79e70q-23EnJOTd7iSZ0tCtHThtfpyABIVWkvywZnlO2nqYnQCotx2vpLKyBwhuoZ3IBF6cy9HOPIBZVJzoPMy05QHCxm1HO7YJTDFW_An7_miht2VAMAeTibt4WFaQb8gKnLfyBXMWsf-WkL9byQQFypHnXjF2eEylwakfmNptJVRJnJAiSHvyA8qQvKqjm8Yj3sIch8vlPK6kLFj0ahM9T4XGcMC8ujXCJkjls4FLyxXrUorFaUk1SIJVUqT_rfG2h6KKbWt183iF-oV9JN8wL8q-4EDTKSWP6ZsWndsQkI6eek259p0sp43YGb7CbvLVgNUkgwhl30l5lortu-rv_l7DQVXJcRm4YYgsfSUXDkcs6JirtjCRRz9oQzjBumO6gcdVY-8hE9m76d96P7neGCNYJq4ONxHPwp6se-jvQ5KyIp72QU3-5wGanEjVBwneQo5h6S_P6oNMPYXzeI7Or22ERpJXl1z28n2COFUsorjj5TKFCg1vXRj-M8HYW61-AeYjAvjZr3Ah-wZLo8MV5ixDcikd20EYcErIwrGokq3yI-NRzMzIIAV2xQCxHlFsevsiKiaDmTb8d1WJBCIuqT-nSWHn20LJNrLHsN75YKjlnhybj9WhiHemmONAapTiM6yIlCDoAyILU9W9f6S2Duau0UJkOCwUkTwZ5FUCujAyt7VDhWMPl-WPCNcWgNuVSsarkM8NjhRXkRHzt5Apz41j9su4C6tJyMkfxekr9TzFFVgPZpktrnApQafVcK-x9V7-nvUCIL8hi3_G4KAGUmT63onXVlZJP7iwsoEouGudcNcFF1JxJE88ece3ddGF-LiWHjnbIR8m4fcDVAaZ_m9w72omONIEZSN096Fut8JIA5mNg0TJwYQ72UC3iFAromhP_t6lcQ2gYWOl-0KHTNIvhomJ2OMqSKTG4GmJ4WWA1R-uGZyyPEyS25jtGzz_R9Hq7yYfi6w2LG7pdzM79J5EAimn3Zge17nrlvqZJqSoar0HhmQNjz5vDiMy0A-w0bS7DmD5qOaphv5cBX8PKsv05eAcJ3ibbU7jY_4qD8K7oZels2CiZ7AyRRFDebUF2bNwuAbEU2ZDpLMjI0ivcbROkgI15WhaV1sE1uIzZdN55xilshXqeh4hG0h2GZAUSsXpdqrNKmol82_YUUk4sWdAW_mcwmsN5ovYu_zucLXAXfkA8V7kOoGx2fXdsu4Kn4BFBBd-yVuHUgqnJ22bagyOlewltsibXfQ8eDtLrtxI60950N8a4AvM3pS1xrLXRZUZAHTKHE4ndhauzCquq3zM9McRkfFrlCGjrr301fnKEl02IyIxVrHNw7n5s9OBxi7ekPF7sA0G3JAWNXE1_I61fUcVl8hgSoWrRoByBeZVSA84aQ44tJ4dLAkCRr5EsCsoofXpmMbEQsCKzXjBuEw&cid=CAASFeRo8kO-N6DAG9z_ZjCKqzQbPK96WA&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8676
x-xss-protection
0
server
cafe
etag
11618055936852703379
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:05:40 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 73F0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 06 Jul 2021 14:19:26 GMT
expires
Wed, 06 Jul 2022 14:19:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
179189
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
j9vjvxztr9lv
hal9000.redintelligence.net/zone/ Frame 9917 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/j9vjvxztr9lv?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXficYyLnYMv2CMKqx_AP8cGewA67-oSKV97Njr3wCfAuEAEgwf_eImC5-MeA3AHIAQmpAreAUDHN2rM-qAMBqgTBAU_QCbFmGQDn5N1BA0uZ-pUOL1nIecG4k4DiPiBXUm5eilzRIbkE4MgBloZtfX6Nx3PD-L8n7HUxb7saXegJTlYvOO1BpuKW5LNerLE4Sg8n-NgVTbn1SJZ09ZeyylwvyxF73ExoSCBuwcHLZCvrfa7u3_sRvd9sVzmKKNvbpM90asn2IVP8i4-HSBIh2SYckQ-f81UqgjAAqE2mAVlissez_bVznIXMT23fyfppfAoqsqJEyEBDcvp9u558lM5yNYPABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRouMObOH4Drn43KtZfPADsK69QGg%26sig%3DAOD64_2fBfqZgNS4UPy49uQ5DZnPkDFRRA%26client%3Dca-pub-9425934425785771%26dbm_c%3DAKAmf-AYodfXS6Gzf4K2PJLdefIzFo0Gyn4SQS3bOgRYPiJe_iBHlwI2cRhTloPMyje2xDXaai2YsKYxJ6Zv87ff2f8oyxqwliiKYQ6Gn71xDPT-SHXDSBUkngkrJ-ezmyzgbZvEFxrFs3YMG13XXizLs6uDMpY-DQ%26cry%3D1%26dbm_d%3DAKAmf-DgMqZ1Zo9-S4J9H4PAW2H1zm0Z074Or0hA0Bj9serNocP8xdxdH6UlAU4mbCJsidu_i2LS4sKGxJGhS9PUr1651pBwWvr7ONt8gOnkDXiQ1rF-Kt4qWzU2hRfDit7lCL17sdwiOmWR4_gl7OjBJyuksV123AvnumGx-I0QO4KcQSb2km58ZyMxj9WdxSVoCbfYeXEU00bgF4E2jr40HjDcq4jOta69TckfPEUbCf2lQjh89_DND9BDIvWRdvBZOj5OIVZItb59zeHtwd0oPq9mzzZjG7vihvmzcAhPIEZznLhyzDBIdd2qjDZYpvDC6lfTh0Dm7xtBhPYMDBGP9RdqyT99Jqp9qEZfAtn8TSW5nRnNwiiTVdr7uOHZ7eLN5h3KC85oaOAOGA0JBS8GH9VpIdpC8ECmqMBsZFcEKRX0pv-_mE87teIsiwTi2N0ZhMWfgkkU%26adurl%3D
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
769043aa256c30755f4571f0492f2487bfc9813b50b31b98d4e185d481712e13

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:55 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3853
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 347D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 14:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 14:19:25 GMT
truncated
/ Frame 347D 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
681970546e1a221702746a9d61e5fce0f4f48e14adffdf5b1dcf98a7677b10f7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame DE87 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 07:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 07:31:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/ Frame DE87 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ct-0q-Y0O2lZUMTVSBJ78tMd5eksNPp1UM0nVcyOsxJKHfdeHz72MOefd4k6rQvw1S1wnfj352qFzBRFlm1GMeQeI-OtB96MxkcsIml9A9xSgU2xAsMRkgPv681Hs0hUh9IdRCc0Cvgesz9juDZBVHtNO4gw&dbm_d=AKAmf-Byb7JRn_-p-JI9Dx2zJGz30_GLeQerbBjYaNW97v2k1gonxKMu1MNeuRELsWcXKbrs_DUgJo0npIUM2GLDi-hLgv7_xTsIvD_1v7qdyUJYDqOB1Xp2zCufvry2g79Quo45kRKbo2yd6hOYTNlXtHgjl_V4Ts6CEXNyIAn4OJslgNIlbeF3614ltYSUsmoo5VpySDpi7qvYz5PCTZBaeDUjMBpalx90m9WjiSQ45VwnnpwqD-TE4X6xDmQRgtwe-ZSCXHBxYpacxAseh1SCfLk6UXHA4YDcfJY56nKQX9k01g8Cd1eOrJZsVTvBW-Qb4kyOFhnEovv4hCmrRVzb2Imy-ZakdS7SmeU-Y_yOH9IwstggNEE3KYNNNoP5BMyLtINyYR0S6XqcYFk5iZkbqEWY0fKOyRbkVd2Vi73waOd92E5iI_o1xebi23Iu9alErXI87Sq06ox92I4BJhK9nmVHKRWC_s9evGI52i6f8AdEH2kF0pMKV4uCkF0tqOzZL9Kd-LL7ggxxkn4DPJQXCBBDs6akvihv3FVPSkR2smisxC1M0U8R751C7AC5SdyAi43bgHjLT_nrtczKkCCUXWHxME16NwWJRlkzBgCiucE4_2BvP0UBKFsPBixhSduA6PfInRVK9RbPYZ80Ab_6og9enK9AjKZzU-o5X0owgxxQNYFadeHsx3MlGj4-LLuQcCjw9GLH3nDcIWsr-ur-WxSOn8HOZ-i_q7849InFQX1vRWXOEcdGfFTW1_esXv90mzo4DhPdP9GMI3bAx-njOXsu7953dk1ZYatl-xxn89NAeuFHOmcmDPrb-jmn9exnoJIXkoZ6MwkfV237yjfAYoi6nv4L4B17X3GCTBXdLsooiQtraducOqgYqpPd5vhWZPDoZ-FeOTEe6gl2bDTVu0Yqqvs16cf5ugNKIOIhKkszPN5tHM80iN54DSotSqtUe_U_PaJT_Nf6DmGdeGsMVAZhGu9JqOZcAVo5_KJbHWIlFxy5Z9W0gtA1zGwCVMB6-GUgHeLY6r9S2Si09UjEfv1dFDJ6Ud2mWkyxXRLYhIwLStXduP95KghM4oIWeGdGUFZmog_ltKjZYls_OdxdKD0B8-pyI-kQfzsHuFAEz7ZgtOtA6zArYtZ_p5zV5p71yIeil11ZPZmaK4bCoD9Biw1ols6MF936xwvf8dwoQXO-btw7Bhv1Tk_wVLm3cYtQmj28CzcpHcOOiVF1Bfc2DhoiD6Dghua79GRHuRz_8JoaleuhnitvOME6s-F49NYK44Hrf1ymcMvk9qlKWQ71xzM7mkIrvFuOINyvbPF_iV64VDFvXtlFO-IHugME5H95W0NBNptTcPHReOesyc0wY1PUhzB0lEyb3o0joGGl8rBEnNcUw2kNxIdnXLp-NtT-kkEBvS2ypDmbYJ9DfG3LQpH2v2x-uu_Z9HHHzoZ-vRfGKdfOm97JOEhz4DVd53Ay8ME7JNGKF9pmmQafSeMaMf9Unwm2jHdDyHV2xBiDNtUTinzSa7Lnz2JdebjDvTYDyC-ORereTcSHrYrIhmWiQOWVaNBCaKkW0Vs1TNui4hcQ5IDWVcE-LmbyMXZSIYZ-3Ga_Mi-RVycKXdI9bFcybPvqZkZW9tMBKVGOrwuFxeqpbgHynEQ2jBBwpLxCTKTDpG-swG1OXgSjAI_e4qV77GPgWs4u_cw2kBXWg7c35BtuKLBAX5szqBBo5IYczSywjlZP1KZVFaVArPh67dFrpJwkjjln4RV2VgAeZsviOvPIS6szfJdKEUuF1yteza_MbDXMJNDjWwObes-0voqVN6dqd_1KLy3urCKtUxlrkKrjodYXR1GMl0GSWs_VCDSa9AoZP5RMRn3TRQ3pPOTbzSdNy8nhddayzhwnJYEtzFCBfru0YLgqX8rTJ3dnlL33nB43lnFoSYK8bHRXydUoNlInu5PBhzgybGZtNmol-8eAR1jqzIvX1y6FnGAiw2o1FaHv_rLELLfYwS1FMqULK2cx54Y3E9xDO-5iiMDSAmFHfYxq7JE_LFNUhB76Ec6pTbN3207p4pMxCKfC79AnPSCJRJrZhEHvCxzU52Hf-EY54e2ySl-vVkTzNLh1ieLe0tKMgijVCofQ5WDqbAHkzc4qiMio4ntaVj9RRbpflvayzCgQifqnxdLBg1h0shJpl3BV99qcPnzzz48OEM7jyl2QWOaagERJfqUCfTnOgfjVGlbcGhc9Tefbgj4Auw3iM4zz-teVAQEEwCHW0mdyqSnpalY6nRD944WhhDW5GyFS-emedwvb795nY5yCfbsQ39gXOQpRnrkuw_-1IOvdGZuhxg4cWIF-MNRooOEuM16DgBwvdUMoNelu3WqJDREXJI8nvTD_qnNd1ZhIpNuVb8jb00nMsMhKfoFwtB0CcEDZUTS2s669EUBwDAXaxb7ptwIrDbmhedakoKkC3X6nMRiMuqyScZLwnG_NpCLw6YgN0h8WzaNeHi2fR1op_9A8k8uL2N9wduNU6agn8TSdcA-MulRCsudlWr7p23LgTINVtBHvNKSg7OrSyZ_ju8SFFrUeLN8PwJ222YPmJ-D8CX9KtvpaTEHHGiGSHS9ALmaGIkVDz16ZuAs2iRFc7pli7y-U6cKRkEpWjB0_f9mw0kTeJwBquk59ZP6EaZyq3MrA7OsC-4nH8Te_vQWy1bIUKCJksYSoDiSven_F8ctgFBdluCIrpvRMNCAYlvV49-p4tB51ECC1OIE20oWwPgPVaAVfIwtphUUh1TkDawPDH9tUE1TFFDSbNb68xI1Xxr6o1ygXSMboT79c1pi0T3VfzUzGQWePN_y9M2Qao6DEulvcFw1RklaGLKJGYmwxj153KX44wawCiG7rBnevLC5lIIFNiSFR8E1D4DjFeZ8Bk7q7i21TiUdc0HzwLYfLaYWEwv2xAXG8PvR4U18czM-PTdJHIE_nyrDsX03dmAa4_AAnMBIwrv4vBnLGoj3tRvTooIYBuiZTRGCnGAsNL-CtSPQKmZdaHV47drgpmb2gq2RfMk4cDh8cyim-89qCRIWQmwwnUDPBgFtKPWJX3adH3AIYHvZOGsz0OLZs341l9xUGMF1j9W7sVFovrcgwjuF6OEs2Y0an1qxDirki2X6m-ZoWG0fZ53f_d3WSKHx-jSb0cbNWgVwKvtWbJl_FFsn9uBuytNvo02fojONI94gPmLMWGpxmqzLXwqRX1taaxLG7n6y2CCfNnKvMWdya_WViw8mn7lH_tX6f6ymBAPedq7kEA_Ycgas2bb7cqrB4ldW0RrlSbg&cid=CAASEuRo5vMFQT0XFzF-q44bSuYHzQ&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:05:28 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame DE87 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ct-0q-Y0O2lZUMTVSBJ78tMd5eksNPp1UM0nVcyOsxJKHfdeHz72MOefd4k6rQvw1S1wnfj352qFzBRFlm1GMeQeI-OtB96MxkcsIml9A9xSgU2xAsMRkgPv681Hs0hUh9IdRCc0Cvgesz9juDZBVHtNO4gw&dbm_d=AKAmf-Byb7JRn_-p-JI9Dx2zJGz30_GLeQerbBjYaNW97v2k1gonxKMu1MNeuRELsWcXKbrs_DUgJo0npIUM2GLDi-hLgv7_xTsIvD_1v7qdyUJYDqOB1Xp2zCufvry2g79Quo45kRKbo2yd6hOYTNlXtHgjl_V4Ts6CEXNyIAn4OJslgNIlbeF3614ltYSUsmoo5VpySDpi7qvYz5PCTZBaeDUjMBpalx90m9WjiSQ45VwnnpwqD-TE4X6xDmQRgtwe-ZSCXHBxYpacxAseh1SCfLk6UXHA4YDcfJY56nKQX9k01g8Cd1eOrJZsVTvBW-Qb4kyOFhnEovv4hCmrRVzb2Imy-ZakdS7SmeU-Y_yOH9IwstggNEE3KYNNNoP5BMyLtINyYR0S6XqcYFk5iZkbqEWY0fKOyRbkVd2Vi73waOd92E5iI_o1xebi23Iu9alErXI87Sq06ox92I4BJhK9nmVHKRWC_s9evGI52i6f8AdEH2kF0pMKV4uCkF0tqOzZL9Kd-LL7ggxxkn4DPJQXCBBDs6akvihv3FVPSkR2smisxC1M0U8R751C7AC5SdyAi43bgHjLT_nrtczKkCCUXWHxME16NwWJRlkzBgCiucE4_2BvP0UBKFsPBixhSduA6PfInRVK9RbPYZ80Ab_6og9enK9AjKZzU-o5X0owgxxQNYFadeHsx3MlGj4-LLuQcCjw9GLH3nDcIWsr-ur-WxSOn8HOZ-i_q7849InFQX1vRWXOEcdGfFTW1_esXv90mzo4DhPdP9GMI3bAx-njOXsu7953dk1ZYatl-xxn89NAeuFHOmcmDPrb-jmn9exnoJIXkoZ6MwkfV237yjfAYoi6nv4L4B17X3GCTBXdLsooiQtraducOqgYqpPd5vhWZPDoZ-FeOTEe6gl2bDTVu0Yqqvs16cf5ugNKIOIhKkszPN5tHM80iN54DSotSqtUe_U_PaJT_Nf6DmGdeGsMVAZhGu9JqOZcAVo5_KJbHWIlFxy5Z9W0gtA1zGwCVMB6-GUgHeLY6r9S2Si09UjEfv1dFDJ6Ud2mWkyxXRLYhIwLStXduP95KghM4oIWeGdGUFZmog_ltKjZYls_OdxdKD0B8-pyI-kQfzsHuFAEz7ZgtOtA6zArYtZ_p5zV5p71yIeil11ZPZmaK4bCoD9Biw1ols6MF936xwvf8dwoQXO-btw7Bhv1Tk_wVLm3cYtQmj28CzcpHcOOiVF1Bfc2DhoiD6Dghua79GRHuRz_8JoaleuhnitvOME6s-F49NYK44Hrf1ymcMvk9qlKWQ71xzM7mkIrvFuOINyvbPF_iV64VDFvXtlFO-IHugME5H95W0NBNptTcPHReOesyc0wY1PUhzB0lEyb3o0joGGl8rBEnNcUw2kNxIdnXLp-NtT-kkEBvS2ypDmbYJ9DfG3LQpH2v2x-uu_Z9HHHzoZ-vRfGKdfOm97JOEhz4DVd53Ay8ME7JNGKF9pmmQafSeMaMf9Unwm2jHdDyHV2xBiDNtUTinzSa7Lnz2JdebjDvTYDyC-ORereTcSHrYrIhmWiQOWVaNBCaKkW0Vs1TNui4hcQ5IDWVcE-LmbyMXZSIYZ-3Ga_Mi-RVycKXdI9bFcybPvqZkZW9tMBKVGOrwuFxeqpbgHynEQ2jBBwpLxCTKTDpG-swG1OXgSjAI_e4qV77GPgWs4u_cw2kBXWg7c35BtuKLBAX5szqBBo5IYczSywjlZP1KZVFaVArPh67dFrpJwkjjln4RV2VgAeZsviOvPIS6szfJdKEUuF1yteza_MbDXMJNDjWwObes-0voqVN6dqd_1KLy3urCKtUxlrkKrjodYXR1GMl0GSWs_VCDSa9AoZP5RMRn3TRQ3pPOTbzSdNy8nhddayzhwnJYEtzFCBfru0YLgqX8rTJ3dnlL33nB43lnFoSYK8bHRXydUoNlInu5PBhzgybGZtNmol-8eAR1jqzIvX1y6FnGAiw2o1FaHv_rLELLfYwS1FMqULK2cx54Y3E9xDO-5iiMDSAmFHfYxq7JE_LFNUhB76Ec6pTbN3207p4pMxCKfC79AnPSCJRJrZhEHvCxzU52Hf-EY54e2ySl-vVkTzNLh1ieLe0tKMgijVCofQ5WDqbAHkzc4qiMio4ntaVj9RRbpflvayzCgQifqnxdLBg1h0shJpl3BV99qcPnzzz48OEM7jyl2QWOaagERJfqUCfTnOgfjVGlbcGhc9Tefbgj4Auw3iM4zz-teVAQEEwCHW0mdyqSnpalY6nRD944WhhDW5GyFS-emedwvb795nY5yCfbsQ39gXOQpRnrkuw_-1IOvdGZuhxg4cWIF-MNRooOEuM16DgBwvdUMoNelu3WqJDREXJI8nvTD_qnNd1ZhIpNuVb8jb00nMsMhKfoFwtB0CcEDZUTS2s669EUBwDAXaxb7ptwIrDbmhedakoKkC3X6nMRiMuqyScZLwnG_NpCLw6YgN0h8WzaNeHi2fR1op_9A8k8uL2N9wduNU6agn8TSdcA-MulRCsudlWr7p23LgTINVtBHvNKSg7OrSyZ_ju8SFFrUeLN8PwJ222YPmJ-D8CX9KtvpaTEHHGiGSHS9ALmaGIkVDz16ZuAs2iRFc7pli7y-U6cKRkEpWjB0_f9mw0kTeJwBquk59ZP6EaZyq3MrA7OsC-4nH8Te_vQWy1bIUKCJksYSoDiSven_F8ctgFBdluCIrpvRMNCAYlvV49-p4tB51ECC1OIE20oWwPgPVaAVfIwtphUUh1TkDawPDH9tUE1TFFDSbNb68xI1Xxr6o1ygXSMboT79c1pi0T3VfzUzGQWePN_y9M2Qao6DEulvcFw1RklaGLKJGYmwxj153KX44wawCiG7rBnevLC5lIIFNiSFR8E1D4DjFeZ8Bk7q7i21TiUdc0HzwLYfLaYWEwv2xAXG8PvR4U18czM-PTdJHIE_nyrDsX03dmAa4_AAnMBIwrv4vBnLGoj3tRvTooIYBuiZTRGCnGAsNL-CtSPQKmZdaHV47drgpmb2gq2RfMk4cDh8cyim-89qCRIWQmwwnUDPBgFtKPWJX3adH3AIYHvZOGsz0OLZs341l9xUGMF1j9W7sVFovrcgwjuF6OEs2Y0an1qxDirki2X6m-ZoWG0fZ53f_d3WSKHx-jSb0cbNWgVwKvtWbJl_FFsn9uBuytNvo02fojONI94gPmLMWGpxmqzLXwqRX1taaxLG7n6y2CCfNnKvMWdya_WViw8mn7lH_tX6f6ymBAPedq7kEA_Ycgas2bb7cqrB4ldW0RrlSbg&cid=CAASEuRo5vMFQT0XFzF-q44bSuYHzQ&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8676
x-xss-protection
0
server
cafe
etag
11618055936852703379
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:05:40 GMT
container.html
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CC7C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kiwilimon.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.kiwilimon.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 08 Jul 2021 16:05:45 GMT
expires
Fri, 08 Jul 2022 16:05:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
10
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9498dc99b1ad4593563f1c436686ca8cf224c675abae2b43ac1dd3f5737a25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4668
date
Thu, 08 Jul 2021 16:05:55 GMT
expires
Fri, 09 Jul 2021 16:05:55 GMT
cache-control
public, max-age=86400
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 347D 		0
107 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_VTKYLfElj9QB_XdbPR0ZGMrhH05BDVoCLmxf7mmTtF6dPtoA2Fak0QiU_nDYMj-uJ0cnSD_0vzd9zn-MXpabrrSVo9kWQ6-YuauxG3ZQKbFRMgJalf397A1g2teBcWWJ6fYkMgyn2-durIuv0Qi5ExyueUqGI-PTUAPkfJ2YpFFdhFhiWMvW68OghG2Sbty7dHs3tYJYJuQMohvLLEUV4b17rWOhbVEx7iRVGwtGTn4iwgbvjsHNHAU3qxOmxSq0tlpVev05wmcwWBmr_OcyJkPHjxBTgSA0kTdEsCIEbo9POGE4ujq3-EnP-IjgdloINWI7_WK_JrSC4oJrdynsKXuClFVu5rCinxA-rV1Zz1fDSxnbIilSAeyi6H1WGJQLgnN4tWC6UDphskvwSKAHRG0px5835eDRPX-1iy33HsUxQla5ohTZqlFehvFHZ53HQdf5bXFMrZ6kGtktHofW_m-gbOIerwZV6hrcOjLHmnvTh7kBosZzXbzBSJxhBVe4--UvN-A73FWazzPmmj8okfAp6USzJF46lgDMcUVLZu4d9MdFRh56TQzH-nAOHkb6CoS2F-5SdYMktWnnBSRnHbNhaBqz1EZL9WyeACgaPu0MpXZa4WWNYfAGZUjK_5asEGFIjLgHaYYlB2XOcsnj3o9S5u7tWwP6lZR3DzXZstzKFOnLR8MpJ_EBbmaHNFGnobfTxNHBYX4zNeKs9Kdp2M_d8tMy0S2r20aM5v3LMFd4LaTfe-0ZXiZL3gn-D7Aax35ouX3WPGiXhUEuFia0RE-CW_5J9iQJ5SnpTIBFpqtBIfEOk782oLg0ZTUKHkjEUL72w4rdFhATloiiOCi1OivcD7zFMxEL5ZT1Uqtc70KFpjsyNHRNpQNHSqtwYcwk10kgTWXMamudvwWBEdSAcL3xyfDIW8KUv58sE0fe51b5TbMM8Deoz5glGILf25eosQ6dvYI2fs_lFrx8ULYf54MRFHcn_fNkLludfgaRYSTMR-8e6IfeuNwpG_lY61vuSn0Sb_b7FQGa1neXhBnG_UZz4c6ZWVaNAIpoIhcZVR15YVQelkgmqe2Geb1xK14qrVUJitWEvYxw-up-zc8ufhJVo2_i3ylat9Re0Om2tcgcy4qWEUviKYWajIkMvdd1YrItNQ&sai=AMfl-YShFTCTpQlXLayDnTxMXJunvVEvLhOZMBsofle0CEMb1uhxeKk30U-2dHizFq-FYhsPSYXEmcHWG13P_zoOrnU1RzNVetvJRJHpVff66kZfk1Wutzm5v32U0Qlr5J7PXagijuwxHbQSUGkuH16Petr3LZElGdDvNXn1Ayg&sig=Cg0ArKJSzGOfW6O7BXJTEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=113&cbvp=1&cstd=106&cisv=r20210624.97999&adurl=
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 08 Jul 2021 16:05:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rum
dsum-sec.casalemedia.com/ Frame 54B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO6mwc4CEPW2mtYCGIj1l68BMAE&v=APEucNUrBmKA4pKyRZf2vs9FU_wfgN9dZ2ooMeAczyq_J-xfBqjCCM5aThXQ-Y6IwxyFj6TQlx28X0S6WSoYKTIyQZux9QkYF4MS7EWT-VNVjcuzEJptAjPv0tAywQGDhTzsU0eSiS8t5-gMoZGi_sn7zfLSOtAPgM2t_UNGmfcOyY1lJdmGCbg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 08 Jul 2021 16:05:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 54B1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YOciYwklaVTLpebWRsmr-gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO6mwc4CEPW2mtYCGIj1l68BMAE&v=APEucNUrBmKA4pKyRZf2vs9FU_wfgN9dZ2ooMeAczyq_J-xfBqjCCM5aThXQ-Y6IwxyFj6TQlx28X0S6WSoYKTIyQZux9QkYF4MS7EWT-VNVjcuzEJptAjPv0tAywQGDhTzsU0eSiS8t5-gMoZGi_sn7zfLSOtAPgM2t_UNGmfcOyY1lJdmGCbg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 08 Jul 2021 16:05:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 54B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOKb5q-d9t21q80V7crQ1wo&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOKb5q-d9t21q80V7crQ1wo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO6mwc4CEPW2mtYCGIj1l68BMAE&v=APEucNUrBmKA4pKyRZf2vs9FU_wfgN9dZ2ooMeAczyq_J-xfBqjCCM5aThXQ-Y6IwxyFj6TQlx28X0S6WSoYKTIyQZux9QkYF4MS7EWT-VNVjcuzEJptAjPv0tAywQGDhTzsU0eSiS8t5-gMoZGi_sn7zfLSOtAPgM2t_UNGmfcOyY1lJdmGCbg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
162b0780-1011-4064-80e6-0416370ac159
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOKb5q-d9t21q80V7crQ1wo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 54B1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO6mwc4CEPW2mtYCGIj1l68BMAE&v=APEucNUrBmKA4pKyRZf2vs9FU_wfgN9dZ2ooMeAczyq_J-xfBqjCCM5aThXQ-Y6IwxyFj6TQlx28X0S6WSoYKTIyQZux9QkYF4MS7EWT-VNVjcuzEJptAjPv0tAywQGDhTzsU0eSiS8t5-gMoZGi_sn7zfLSOtAPgM2t_UNGmfcOyY1lJdmGCbg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e9ef079d-1627-44c0-b8ce-ea66d526ce0c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/ Frame DF24 		62 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=0H5ePm1VEL&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3085aac649fa0d732e9fd1e54e0ce46f115238e1c115a7f7ce9de4bc416ab551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=0H5ePm1VEL&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16856
date
Thu, 08 Jul 2021 16:05:55 GMT
expires
Thu, 08 Jul 2021 16:55:55 GMT
cache-control
public, max-age=3000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame DE87 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNc99xqofBmsxz7vTBcQE-eUgtuk2Z6XGK_kZh99UDV-7VDpmx0QF-AzE9S9zFhVPKiGS9zFeq-Zr33uGinZ8J5LnxxHiitfoXtin4AiQquO3yXwJJKH7c9BLXFjTf22OAzlSoKnTE2fIdNSI0fPFOGw6UCVO8ZFJKoLxTdDBy7Smb9pVP316NVxDXxzmbB1A34yZF5xxW4WMzLxvoEX6yBDBtHFPEEEQ2rxvzHoO3eusdJCziyNw_43bPs5vB1YYHHW9K4IIHOiM0fFuAZfyRowy8OaAfKH57kD7yI2nYaAcN_ck0rh3fq5HzcLdJ48LNBXAZ_9Es0NfVRgI7Ka9TTDgO_p6IlornQfxEgY08txr52SP23UwBwHIsWj_y-dcWO2jIilOSWkWFJCXy_oHD4bp7Q0nr-tHq0LyLRWJFw1I0YBLVidbrCfAp3pJk0hqghJ9oxBfrxuLM5CyFsWituZj6WhEatRy4lRJIME2N4By3I2295PH8a8uHfL3mTQUadua6T_lq0gSR-25vKsfGGoWztOXqggW7tDAh5ykYPSDti1wcXrd0g9N71fdy4HpGHeJf14OQ-GmiQqwwa5FYiWVAKG3DmnK0vQgl7CW4fPTmCviPONN6-zqvMEOc6ZziKbNxif01mY3XjCWzrss9oI2rIPqiBRa3BvFD8HbHCNaj81GmLqjt_j5s5e1aVj2WHzDBtvANFlyDvHaqV1LM5dKBQrn8C7DOQFIMjkDL4Oi5yzoM6XOKJw00Hf39mcpW7yUBb1gCIgT83oNRsCP-3eT1dGsYGXz_1D1jlm_thv8JVdJPE-LURDnviZGjhU7V4HrUzZzJYuFMBNK-RF19_DZy_dA2vjXTcr0_c7shfp0ciOsNOLNv8dpD6nlOPPBxNiMZ-YGp7wiRhA6iiFXoa0UyvuFciCPtXHRnorVe8ea8F8_0H4a15gEVfp-fvYFEODZyYGrSiyj0v45u01vinDlxSBUw6pmqY2PUCUUqfkRrtLYzAQszzDKvtpr6NSkwj43AyCRZ1An_E8VgzeENq1KUaZk7Lu0opf4U9QGmhJPrfrA8DXtuKkV26-uanfsHRuDQGyQBOI3NZuzWFRFhEiKgawWywcP8zuXIZ9p6pZz3CY_R9OD9lYxWZW9wwgxZe00ZmpdOwLB0vX2ghfnI5JQ5ui9PSfEB-wN36SWg_J_ruAr5vMJ0YP7MmVRRNPG4zLs5GMeNTU7PlkBAQK3SZbdLpeZMOw&sai=AMfl-YSLScv4xc0uwUfeYf4SJW0X3saCzm2oo5vdHyzF5Nv73BE4dzpDSdvAdFB4YZ5rfII6d69DqgUlPhXndUHJRSqgAUc_WTbX0dL3_24eYsAk-2rgyKV9zoao2CN0REKU-KtCsYdEek6HbMkT-MfYmguXgAKrew&sig=Cg0ArKJSzLF_u02MPDrIEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=101&cbvp=1&cstd=96&cisv=r20210624.11046&adurl=
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 08 Jul 2021 16:05:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DD6B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 06 Jul 2021 14:19:26 GMT
expires
Wed, 06 Jul 2022 14:19:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
179189
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request.php
hal900016.redintelligence.net/ Frame 9917
Redirect Chain
  • https://hal900016.redintelligence.net/request.php?zone=j9vjvxztr9lv&nw=20&renderingType=javascript&namespace=bc33a4806b&subid=&uid=dea0918bbd5d65e2&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900016.redintelligence.net/request.php?zone=j9vjvxztr9lv&nw=20&renderingType=javascript&namespace=bc33a4806b&subid=&uid=dea0918bbd5d65e2&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
613 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request.php?zone=j9vjvxztr9lv&nw=20&renderingType=javascript&namespace=bc33a4806b&subid=&uid=dea0918bbd5d65e2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXficYyLnYMv2CMKqx_AP8cGewA67-oSKV97Njr3wCfAuEAEgwf_eImC5-MeA3AHIAQmpAreAUDHN2rM-qAMBqgTBAU_QCbFmGQDn5N1BA0uZ-pUOL1nIecG4k4DiPiBXUm5eilzRIbkE4MgBloZtfX6Nx3PD-L8n7HUxb7saXegJTlYvOO1BpuKW5LNerLE4Sg8n-NgVTbn1SJZ09ZeyylwvyxF73ExoSCBuwcHLZCvrfa7u3_sRvd9sVzmKKNvbpM90asn2IVP8i4-HSBIh2SYckQ-f81UqgjAAqE2mAVlissez_bVznIXMT23fyfppfAoqsqJEyEBDcvp9u558lM5yNYPABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRouMObOH4Drn43KtZfPADsK69QGg%26sig%3DAOD64_2fBfqZgNS4UPy49uQ5DZnPkDFRRA%26client%3Dca-pub-9425934425785771%26dbm_c%3DAKAmf-AYodfXS6Gzf4K2PJLdefIzFo0Gyn4SQS3bOgRYPiJe_iBHlwI2cRhTloPMyje2xDXaai2YsKYxJ6Zv87ff2f8oyxqwliiKYQ6Gn71xDPT-SHXDSBUkngkrJ-ezmyzgbZvEFxrFs3YMG13XXizLs6uDMpY-DQ%26cry%3D1%26dbm_d%3DAKAmf-DgMqZ1Zo9-S4J9H4PAW2H1zm0Z074Or0hA0Bj9serNocP8xdxdH6UlAU4mbCJsidu_i2LS4sKGxJGhS9PUr1651pBwWvr7ONt8gOnkDXiQ1rF-Kt4qWzU2hRfDit7lCL17sdwiOmWR4_gl7OjBJyuksV123AvnumGx-I0QO4KcQSb2km58ZyMxj9WdxSVoCbfYeXEU00bgF4E2jr40HjDcq4jOta69TckfPEUbCf2lQjh89_DND9BDIvWRdvBZOj5OIVZItb59zeHtwd0oPq9mzzZjG7vihvmzcAhPIEZznLhyzDBIdd2qjDZYpvDC6lfTh0Dm7xtBhPYMDBGP9RdqyT99Jqp9qEZfAtn8TSW5nRnNwiiTVdr7uOHZ7eLN5h3KC85oaOAOGA0JBS8GH9VpIdpC8ECmqMBsZFcEKRX0pv-_mE87teIsiwTi2N0ZhMWfgkkU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.kiwilimon.com%2F&ancestorOrigins=https%3A%2F%2Fwww.kiwilimon.com&random=6446385836005&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
bebbacbd35203cc2f993045fd242d28a4e287338bd59803afcbb1390bd8b149b

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:56 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
16084100118496600628838011649016
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
330
Expires
Thu, 08 Jul 2021 17:05:56 +0200

Redirect headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=j9vjvxztr9lv&nw=20&renderingType=javascript&namespace=bc33a4806b&subid=&uid=dea0918bbd5d65e2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXficYyLnYMv2CMKqx_AP8cGewA67-oSKV97Njr3wCfAuEAEgwf_eImC5-MeA3AHIAQmpAreAUDHN2rM-qAMBqgTBAU_QCbFmGQDn5N1BA0uZ-pUOL1nIecG4k4DiPiBXUm5eilzRIbkE4MgBloZtfX6Nx3PD-L8n7HUxb7saXegJTlYvOO1BpuKW5LNerLE4Sg8n-NgVTbn1SJZ09ZeyylwvyxF73ExoSCBuwcHLZCvrfa7u3_sRvd9sVzmKKNvbpM90asn2IVP8i4-HSBIh2SYckQ-f81UqgjAAqE2mAVlissez_bVznIXMT23fyfppfAoqsqJEyEBDcvp9u558lM5yNYPABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRouMObOH4Drn43KtZfPADsK69QGg%26sig%3DAOD64_2fBfqZgNS4UPy49uQ5DZnPkDFRRA%26client%3Dca-pub-9425934425785771%26dbm_c%3DAKAmf-AYodfXS6Gzf4K2PJLdefIzFo0Gyn4SQS3bOgRYPiJe_iBHlwI2cRhTloPMyje2xDXaai2YsKYxJ6Zv87ff2f8oyxqwliiKYQ6Gn71xDPT-SHXDSBUkngkrJ-ezmyzgbZvEFxrFs3YMG13XXizLs6uDMpY-DQ%26cry%3D1%26dbm_d%3DAKAmf-DgMqZ1Zo9-S4J9H4PAW2H1zm0Z074Or0hA0Bj9serNocP8xdxdH6UlAU4mbCJsidu_i2LS4sKGxJGhS9PUr1651pBwWvr7ONt8gOnkDXiQ1rF-Kt4qWzU2hRfDit7lCL17sdwiOmWR4_gl7OjBJyuksV123AvnumGx-I0QO4KcQSb2km58ZyMxj9WdxSVoCbfYeXEU00bgF4E2jr40HjDcq4jOta69TckfPEUbCf2lQjh89_DND9BDIvWRdvBZOj5OIVZItb59zeHtwd0oPq9mzzZjG7vihvmzcAhPIEZznLhyzDBIdd2qjDZYpvDC6lfTh0Dm7xtBhPYMDBGP9RdqyT99Jqp9qEZfAtn8TSW5nRnNwiiTVdr7uOHZ7eLN5h3KC85oaOAOGA0JBS8GH9VpIdpC8ECmqMBsZFcEKRX0pv-_mE87teIsiwTi2N0ZhMWfgkkU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.kiwilimon.com%2F&ancestorOrigins=https%3A%2F%2Fwww.kiwilimon.com&random=6446385836005&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 08 Jul 2021 17:05:55 +0200
pixel
googleads.g.doubleclick.net/xbbe/ Frame B3B7 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYoN7PKjAB&v=APEucNWXp7fzwnHwhChJKaJhzD-sc2PgrzgTLihuSwQdW_jVgZC8wwAgxVsXxHw6kQ-UxwiL_GZBbOeA5sNq-aQoovp275pACHC7vGFPMhg_0_HRGvOguUw7pCHCWoGi5L-7fYNoMGa6KQheZyA9bFAZWxoRIM5nIwDmMt1zL6k_oYoCFzaxo5g
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CIKSIxC9tCMYoN7PKjAB&v=APEucNWXp7fzwnHwhChJKaJhzD-sc2PgrzgTLihuSwQdW_jVgZC8wwAgxVsXxHw6kQ-UxwiL_GZBbOeA5sNq-aQoovp275pACHC7vGFPMhg_0_HRGvOguUw7pCHCWoGi5L-7fYNoMGa6KQheZyA9bFAZWxoRIM5nIwDmMt1zL6k_oYoCFzaxo5g
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnE74B9IwPPkYj5vET8uE3FnbhHKbCmkm1PSwrdNp9AgCoAcel79RfW0SMmUYM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 08 Jul 2021 16:05:55 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame CC7C 		43 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQMCTzsgDY4txmWRYIgp8njLf5U4-pzGI7U5Cg-QyPlFshRwW6mkSpWkV2QIToFUJw-FvKdhqMCLkbbcAnOP2yE6QNqu2UrFkWXweoB-ngMASJW-v8pDW8nc8Zp6bajZCGNfsnrh4RiWZP_V80dZKi_pDTdQ&dbm_d=AKAmf-A_1nsZ0O6qK_6a8i2qhcWVpvggsrGcRWjQf7gRCdWGNCFyJ9BWDU2jI6-46_kocxzHEK6Ti4mHYfC3TM8t-eFVow95bZJ9_lBHdB80gnrZ6LzjRXAuXVFBWTr6PgfMjGmRIc27_TZtfIN4fG7l718BefobzJ7mDs6IpWfbKx8Aet_FXhs2yGGFlw02uuYk6BbvfP64KxQ0jqg60Vcy6dpeDnkrfws8PHYGLlR66FtCFVhNLWxuAQ4WTph7Jjp0vBAXE2BnAgttgP55Iwi4eEJLi-sD9ukhuzK5OKsE-YiCU_kXTWdoSy0tuoxPI2g9fmHYpVOA2GzKStMF_jslAPTS21cn6xfWkwLH9ISgDIvA4YqH_uFnhpt05Y9XvjnPPPa0Kz7kuYUTjozfTJLlU0in44rTSD0gbIhBiFieotR9uddHmG9P8GR59PssG7u40Kg5iufcAHxzT6uEE8nCHNc8ubg4bLuP4at9JE6cXzxFHb9VnFt3F3ICUT7Zi6Tqm0x5EJGB3C_a5_2c3usg7gCPYWLjEZYOdgZ7zPy8EiD-lwh-_UGOTLcf6-El5o1NTZKYJ3B4G_eYzrpKM9Q4ey6Mxo1Cn78WApvA_wtoIvetGzt88ixkKKCHTaQfx-waLvfsY3c2rqP5vM62znCEAvjmPdlIvXurEzbzy2p7I-ezFWNjlF7S_Mc3JAYu1vdU-p3RRgsIzeFq5S6S5KB_WXXV3qXiVShw9yWmHXqFS1p8AT6U7DzhYBf4yPCCGTWw5FtwDsaASpYIxH2xADnKavefvmRnwPrlVtjoSfslHzs4q8Sqv47fax-neuK91oYXo71EJJj-JXHGk6L7v5aLRUrhLtFXb8To0atopZQP2HQLPTg0MFe09PVzjjSaCkFoDaX656aeYVYK3S4nG6p7E-q7KJOjwmhWI60zOBwP56AK4usirh7vC3hvUP0t0EHsw-1BFLX53RhSq8ixIntsyE9hIAK8RGnmtxl6D1wkfzt1zuv5mX2kPxNyr0vQ6z-9HiKvJgFEidaU3TF8CSTKGCRAROm_3GuWZHlP9VdnckOGFp-s5SDvrNYvuiEc2m6gZXnJPDtE419mXB1GeuOKRdXMUabI-ZpfqamcP1xOQ6zQ2cuUkGf4cKuLG2P_fevX79n3JSnjMrNAr6oJrQOnfQx_PAFYToXkVRorqIp7uOf6BJ_E-QFwSAnP5jWMftXtoDJqGwBIG3MspDP_Y_08VM_GG4ABhTgwGjP4mP1XWBapokEnaV_xNymp8-NgBOwpcvnfgtYHsIfVwH5rZ66E_XnifI647s_MhVE0f5M2gj_xNXQN4w5maM5D334DbicHkdleBYM1rQEEFGpqj8D3ljRboRTtGC-ctyWabIdDrqtmb1nOW2EPNToErnUmDYQQ68-hTU0UuI8CgdOsegyOhn3rBAzl8wZPcrP-rVQvtE2rx6OFAV6K0QBbO859Wdn6mPwMgwBiVfojkzb6Sgh_k3nbh8PqPwLsLoIjSRU7paqvgQnHZ8Dme4VdB-r63aGngkOqd_RwniVbX7x07TuEwX6kQyUgfCWhAcCD45hvXAwpa8y5rpVttlDVwf4scDremEST3FFfs5wDfaVKQmkvAwFsO7tJW24y-6Y5uoekOyU6OeEA66RQ8-FFeQmczsFMg6ICFEgbnH-Famy88iyzhakKRXW_hQWM08s7uG6mMpzszYz3l7VBvrgCQ3Ez6Dawrxc8c1dv1k-DA3Bka_7f8gxc2g5V1nfTuiUe3U10dWGkfxeqTJCRWJ0x5ZCFaUwcJpeduR2poVEMz9raFoCiZTspX2bu0_2RC3ag2v3LooBnfyf7m_m32Rg9Jda1GgGgbmHzN5PDMQxASWz1JcmNIN8v2vn-I7KYi5BQEVco8sW7PMKZOz0dgei3zp42bS_WRnPARhjQkOqydChL3kc7pP0FBz2BvxZRtGiiWmV4y4yZtPTWzai3LdKo5xZhA5qbWUUjyAUHarXtzdb5pnxxXNxtFqmHrLHAXHE-WrXfkWeq0K1NzZd3EP12bkv99VcomV6b1e4RB7zsZrK2iqLjKcHdDIE5VZKSV1eftRSC2r3hpjAoBBtQIDa7GBTAhKwvG3F6Lzs4Tj-WMNdztZIt0DQsQqEVcZ2RbUGVy7vO-SvtLSfCLGeVd3KTUNMPLg_DVMcFSBSgJnnHfG502qZtYs-GcipMxljN9e31nq7uyK-i0H2vrKUAN2-WTuO-MS_z4-LGxcRU1gP1B0mu-T90ZIH4uTIz6CP16m4IWNnufGgjRAeQ5glxyO2wrvsaCSIUnXs4N1RzdMhoKiE_daSA1rsFNcye2hZ20hkzKbSV7fotffLGU9FPFcj8HB2af61fbAReJ5D3zVPOrXz3CxlcCKEUZL2ZR2_gQF_vHxeHK8f5ZVr4y8DC3LFLjvle4gMSLkBLD5ulTQVTaSEHNaAjTJf71bMYdv8Fv0OmmkuqNYjdw3NuOlVYwkhR6UfTtdXgzOU3_0JyI_ZQyLYyyYBJl4M_bLU5Ty4TtBUmXNvikMOvNq0IQ3DXvl-mB64dVT8PuaS7R61ttbL0nC8E0uGTy1V912YFThyfZDBhdj_BMC8KsLDxDLWpAzJm9h7sixb6j7Llf50zBLPg_Ub7HHI468Fa4Cpb2PkKvGAKPT_0kDg0L-2LxGL5sRtsc7f8JpP4gE1gWlUBF4M0UJlsLc68a4lDJYMTJh-twG4PvZ6-C-xrcOQJohpztCS6iuHwi4Zo1hnk_7ZxH2nkZbGhtkCQYA1zQHGJBZT3USaoDi31_NHAm_s_c0g&cid=CAASEuRoVL68xp5o3ov66BmySS9Njg&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a242f1aeef265489a9b4c4205d17b03cbeb84185d536ed9a428ced2137ed2a02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21066
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC7C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AKrNY6p9W8oA0JlZsixqjHND7_C3a2ZtPY2wFuqCxaqEPoAO8mR0QYGFuqx_K6dBDttzsOsWE9Rr3bjj7srYH-a_XH5Mx6UpniLpu2Px2vHqUdseM
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame CC7C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:05:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CC7C 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625657928851490"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37883
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame CC7C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
17140096307539089235
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:03:20 GMT
l
www.google.com/ads/measurement/ Frame CC7C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUK1rnzer-Y2AWqMG9KI3P809IrZqycfhOR3JEYi5brL2MqMDIH4tSRh9ulOUUFwxV_nuc-iFsC4XpyUkWZK0oomNK2g
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DE87 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 14:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 14:19:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D224 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 08 Jul 2021 11:56:19 GMT
expires
Fri, 09 Jul 2021 11:56:19 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14976
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame DE87 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c8b1ce18f85880d041b4f908fa38bda33ac69108c53ad586c01ed1fe9c39ecc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
pagead2.googlesyndication.com/bg/ Frame 73F0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 11:34:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
189074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5747
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 11:34:41 GMT
gwdpage_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		55 B
78 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 23:43:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
age
58918
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55
x-xss-protection
0
expires
Thu, 08 Jul 2021 23:43:57 GMT
gwdpagedeck_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		731 B
260 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 15:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 15:42:14 GMT
gwdimage_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		281 B
184 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 23:43:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jul 2021 23:43:57 GMT
gwdtaparea_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		157 B
141 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 11:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 11:51:43 GMT
gwdattached_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		26 B
49 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 22:01:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
age
65076
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
x-xss-protection
0
expires
Thu, 08 Jul 2021 22:01:19 GMT
gwdgooglead_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		24 B
47 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 23:43:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
age
58918
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24
x-xss-protection
0
expires
Thu, 08 Jul 2021 23:43:57 GMT
css
fonts.googleapis.com/ Frame 7A31 		2 KB
660 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Mono:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89f7f0f0ed67970f813b4fd1f9cc561ec4c0ee0e9fccd08541a7889549b517af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Jul 2021 14:54:05 GMT
server
ESF
date
Thu, 08 Jul 2021 16:05:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Jul 2021 16:05:55 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
630dcb1aea14b0b32672353c6718f225a51122da1e170c35185ed4177b3489cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 14:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6269
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 14:13:39 GMT
googbase_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		400 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 08:21:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 08:21:19 GMT
gwdpage_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3702675bb100b35f2cc13c2d7e830a1abb3d645ddeb6a2155be81d777d21dfa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1307
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 06:23:13 GMT
gwdpagedeck_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cc9c19f7f03042ecb970557d5622cdd897a7dfc3ba92877137824f7ce88efde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 10:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 10:20:59 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 7A31 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 07:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30857
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 07:31:38 GMT
gwdimage_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00e3bc05f59be2a1faacba16a7c0fba7de267a60f2e88c04789e4ffe0dfb6056
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 14:57:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4110
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2004
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 14:57:25 GMT
gwdtaparea_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d66c408f2d22f32c480961298e6fba83ca59fe57386f9e6726a47c27553aad90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 13:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1809
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 13:23:07 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11084de664d888933874102638926c6686af22a88f1805fc3d4f55ba91b2d816
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 23:43:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1286
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jul 2021 23:43:57 GMT
gwdattached_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		1 KB
613 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b1b78dc0bec6c4c5e65036a6d67c15a91ae2fc807f61ddab5ddccc3483cb9c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 13:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 13:09:04 GMT
gwdtexthelper_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35b384bb05910ed7d48bd862cd68e26612295c2019ae64a59984908292fd5bad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 00:12:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2873
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 00:12:26 GMT
gwddatabinder_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
414eef74ac6306127645beddc4f34f59a6ea3994e410f188481d736b01ee4b65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 00:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54609
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2321
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 00:55:46 GMT
gwdgooglead_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3f7b457ebebc60c111e92d8dc5d497b4c7fca36bcf99cffb9a1705f47424676
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 20:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4411
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jul 2021 20:08:16 GMT
gwd-events-support.1.0.js
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		2 KB
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/gwd-events-support.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a6a6286fb73252576c9346ddadc9c26d4e2ce795e3710d891cde7aa970a69a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 09:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
612
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 09:45:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame CC7C 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQMCTzsgDY4txmWRYIgp8njLf5U4-pzGI7U5Cg-QyPlFshRwW6mkSpWkV2QIToFUJw-FvKdhqMCLkbbcAnOP2yE6QNqu2UrFkWXweoB-ngMASJW-v8pDW8nc8Zp6bajZCGNfsnrh4RiWZP_V80dZKi_pDTdQ&dbm_d=AKAmf-A_1nsZ0O6qK_6a8i2qhcWVpvggsrGcRWjQf7gRCdWGNCFyJ9BWDU2jI6-46_kocxzHEK6Ti4mHYfC3TM8t-eFVow95bZJ9_lBHdB80gnrZ6LzjRXAuXVFBWTr6PgfMjGmRIc27_TZtfIN4fG7l718BefobzJ7mDs6IpWfbKx8Aet_FXhs2yGGFlw02uuYk6BbvfP64KxQ0jqg60Vcy6dpeDnkrfws8PHYGLlR66FtCFVhNLWxuAQ4WTph7Jjp0vBAXE2BnAgttgP55Iwi4eEJLi-sD9ukhuzK5OKsE-YiCU_kXTWdoSy0tuoxPI2g9fmHYpVOA2GzKStMF_jslAPTS21cn6xfWkwLH9ISgDIvA4YqH_uFnhpt05Y9XvjnPPPa0Kz7kuYUTjozfTJLlU0in44rTSD0gbIhBiFieotR9uddHmG9P8GR59PssG7u40Kg5iufcAHxzT6uEE8nCHNc8ubg4bLuP4at9JE6cXzxFHb9VnFt3F3ICUT7Zi6Tqm0x5EJGB3C_a5_2c3usg7gCPYWLjEZYOdgZ7zPy8EiD-lwh-_UGOTLcf6-El5o1NTZKYJ3B4G_eYzrpKM9Q4ey6Mxo1Cn78WApvA_wtoIvetGzt88ixkKKCHTaQfx-waLvfsY3c2rqP5vM62znCEAvjmPdlIvXurEzbzy2p7I-ezFWNjlF7S_Mc3JAYu1vdU-p3RRgsIzeFq5S6S5KB_WXXV3qXiVShw9yWmHXqFS1p8AT6U7DzhYBf4yPCCGTWw5FtwDsaASpYIxH2xADnKavefvmRnwPrlVtjoSfslHzs4q8Sqv47fax-neuK91oYXo71EJJj-JXHGk6L7v5aLRUrhLtFXb8To0atopZQP2HQLPTg0MFe09PVzjjSaCkFoDaX656aeYVYK3S4nG6p7E-q7KJOjwmhWI60zOBwP56AK4usirh7vC3hvUP0t0EHsw-1BFLX53RhSq8ixIntsyE9hIAK8RGnmtxl6D1wkfzt1zuv5mX2kPxNyr0vQ6z-9HiKvJgFEidaU3TF8CSTKGCRAROm_3GuWZHlP9VdnckOGFp-s5SDvrNYvuiEc2m6gZXnJPDtE419mXB1GeuOKRdXMUabI-ZpfqamcP1xOQ6zQ2cuUkGf4cKuLG2P_fevX79n3JSnjMrNAr6oJrQOnfQx_PAFYToXkVRorqIp7uOf6BJ_E-QFwSAnP5jWMftXtoDJqGwBIG3MspDP_Y_08VM_GG4ABhTgwGjP4mP1XWBapokEnaV_xNymp8-NgBOwpcvnfgtYHsIfVwH5rZ66E_XnifI647s_MhVE0f5M2gj_xNXQN4w5maM5D334DbicHkdleBYM1rQEEFGpqj8D3ljRboRTtGC-ctyWabIdDrqtmb1nOW2EPNToErnUmDYQQ68-hTU0UuI8CgdOsegyOhn3rBAzl8wZPcrP-rVQvtE2rx6OFAV6K0QBbO859Wdn6mPwMgwBiVfojkzb6Sgh_k3nbh8PqPwLsLoIjSRU7paqvgQnHZ8Dme4VdB-r63aGngkOqd_RwniVbX7x07TuEwX6kQyUgfCWhAcCD45hvXAwpa8y5rpVttlDVwf4scDremEST3FFfs5wDfaVKQmkvAwFsO7tJW24y-6Y5uoekOyU6OeEA66RQ8-FFeQmczsFMg6ICFEgbnH-Famy88iyzhakKRXW_hQWM08s7uG6mMpzszYz3l7VBvrgCQ3Ez6Dawrxc8c1dv1k-DA3Bka_7f8gxc2g5V1nfTuiUe3U10dWGkfxeqTJCRWJ0x5ZCFaUwcJpeduR2poVEMz9raFoCiZTspX2bu0_2RC3ag2v3LooBnfyf7m_m32Rg9Jda1GgGgbmHzN5PDMQxASWz1JcmNIN8v2vn-I7KYi5BQEVco8sW7PMKZOz0dgei3zp42bS_WRnPARhjQkOqydChL3kc7pP0FBz2BvxZRtGiiWmV4y4yZtPTWzai3LdKo5xZhA5qbWUUjyAUHarXtzdb5pnxxXNxtFqmHrLHAXHE-WrXfkWeq0K1NzZd3EP12bkv99VcomV6b1e4RB7zsZrK2iqLjKcHdDIE5VZKSV1eftRSC2r3hpjAoBBtQIDa7GBTAhKwvG3F6Lzs4Tj-WMNdztZIt0DQsQqEVcZ2RbUGVy7vO-SvtLSfCLGeVd3KTUNMPLg_DVMcFSBSgJnnHfG502qZtYs-GcipMxljN9e31nq7uyK-i0H2vrKUAN2-WTuO-MS_z4-LGxcRU1gP1B0mu-T90ZIH4uTIz6CP16m4IWNnufGgjRAeQ5glxyO2wrvsaCSIUnXs4N1RzdMhoKiE_daSA1rsFNcye2hZ20hkzKbSV7fotffLGU9FPFcj8HB2af61fbAReJ5D3zVPOrXz3CxlcCKEUZL2ZR2_gQF_vHxeHK8f5ZVr4y8DC3LFLjvle4gMSLkBLD5ulTQVTaSEHNaAjTJf71bMYdv8Fv0OmmkuqNYjdw3NuOlVYwkhR6UfTtdXgzOU3_0JyI_ZQyLYyyYBJl4M_bLU5Ty4TtBUmXNvikMOvNq0IQ3DXvl-mB64dVT8PuaS7R61ttbL0nC8E0uGTy1V912YFThyfZDBhdj_BMC8KsLDxDLWpAzJm9h7sixb6j7Llf50zBLPg_Ub7HHI468Fa4Cpb2PkKvGAKPT_0kDg0L-2LxGL5sRtsc7f8JpP4gE1gWlUBF4M0UJlsLc68a4lDJYMTJh-twG4PvZ6-C-xrcOQJohpztCS6iuHwi4Zo1hnk_7ZxH2nkZbGhtkCQYA1zQHGJBZT3USaoDi31_NHAm_s_c0g&cid=CAASEuRoVL68xp5o3ov66BmySS9Njg&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8676
x-xss-protection
0
server
cafe
etag
11618055936852703379
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:05:40 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/ Frame CC7C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQMCTzsgDY4txmWRYIgp8njLf5U4-pzGI7U5Cg-QyPlFshRwW6mkSpWkV2QIToFUJw-FvKdhqMCLkbbcAnOP2yE6QNqu2UrFkWXweoB-ngMASJW-v8pDW8nc8Zp6bajZCGNfsnrh4RiWZP_V80dZKi_pDTdQ&dbm_d=AKAmf-A_1nsZ0O6qK_6a8i2qhcWVpvggsrGcRWjQf7gRCdWGNCFyJ9BWDU2jI6-46_kocxzHEK6Ti4mHYfC3TM8t-eFVow95bZJ9_lBHdB80gnrZ6LzjRXAuXVFBWTr6PgfMjGmRIc27_TZtfIN4fG7l718BefobzJ7mDs6IpWfbKx8Aet_FXhs2yGGFlw02uuYk6BbvfP64KxQ0jqg60Vcy6dpeDnkrfws8PHYGLlR66FtCFVhNLWxuAQ4WTph7Jjp0vBAXE2BnAgttgP55Iwi4eEJLi-sD9ukhuzK5OKsE-YiCU_kXTWdoSy0tuoxPI2g9fmHYpVOA2GzKStMF_jslAPTS21cn6xfWkwLH9ISgDIvA4YqH_uFnhpt05Y9XvjnPPPa0Kz7kuYUTjozfTJLlU0in44rTSD0gbIhBiFieotR9uddHmG9P8GR59PssG7u40Kg5iufcAHxzT6uEE8nCHNc8ubg4bLuP4at9JE6cXzxFHb9VnFt3F3ICUT7Zi6Tqm0x5EJGB3C_a5_2c3usg7gCPYWLjEZYOdgZ7zPy8EiD-lwh-_UGOTLcf6-El5o1NTZKYJ3B4G_eYzrpKM9Q4ey6Mxo1Cn78WApvA_wtoIvetGzt88ixkKKCHTaQfx-waLvfsY3c2rqP5vM62znCEAvjmPdlIvXurEzbzy2p7I-ezFWNjlF7S_Mc3JAYu1vdU-p3RRgsIzeFq5S6S5KB_WXXV3qXiVShw9yWmHXqFS1p8AT6U7DzhYBf4yPCCGTWw5FtwDsaASpYIxH2xADnKavefvmRnwPrlVtjoSfslHzs4q8Sqv47fax-neuK91oYXo71EJJj-JXHGk6L7v5aLRUrhLtFXb8To0atopZQP2HQLPTg0MFe09PVzjjSaCkFoDaX656aeYVYK3S4nG6p7E-q7KJOjwmhWI60zOBwP56AK4usirh7vC3hvUP0t0EHsw-1BFLX53RhSq8ixIntsyE9hIAK8RGnmtxl6D1wkfzt1zuv5mX2kPxNyr0vQ6z-9HiKvJgFEidaU3TF8CSTKGCRAROm_3GuWZHlP9VdnckOGFp-s5SDvrNYvuiEc2m6gZXnJPDtE419mXB1GeuOKRdXMUabI-ZpfqamcP1xOQ6zQ2cuUkGf4cKuLG2P_fevX79n3JSnjMrNAr6oJrQOnfQx_PAFYToXkVRorqIp7uOf6BJ_E-QFwSAnP5jWMftXtoDJqGwBIG3MspDP_Y_08VM_GG4ABhTgwGjP4mP1XWBapokEnaV_xNymp8-NgBOwpcvnfgtYHsIfVwH5rZ66E_XnifI647s_MhVE0f5M2gj_xNXQN4w5maM5D334DbicHkdleBYM1rQEEFGpqj8D3ljRboRTtGC-ctyWabIdDrqtmb1nOW2EPNToErnUmDYQQ68-hTU0UuI8CgdOsegyOhn3rBAzl8wZPcrP-rVQvtE2rx6OFAV6K0QBbO859Wdn6mPwMgwBiVfojkzb6Sgh_k3nbh8PqPwLsLoIjSRU7paqvgQnHZ8Dme4VdB-r63aGngkOqd_RwniVbX7x07TuEwX6kQyUgfCWhAcCD45hvXAwpa8y5rpVttlDVwf4scDremEST3FFfs5wDfaVKQmkvAwFsO7tJW24y-6Y5uoekOyU6OeEA66RQ8-FFeQmczsFMg6ICFEgbnH-Famy88iyzhakKRXW_hQWM08s7uG6mMpzszYz3l7VBvrgCQ3Ez6Dawrxc8c1dv1k-DA3Bka_7f8gxc2g5V1nfTuiUe3U10dWGkfxeqTJCRWJ0x5ZCFaUwcJpeduR2poVEMz9raFoCiZTspX2bu0_2RC3ag2v3LooBnfyf7m_m32Rg9Jda1GgGgbmHzN5PDMQxASWz1JcmNIN8v2vn-I7KYi5BQEVco8sW7PMKZOz0dgei3zp42bS_WRnPARhjQkOqydChL3kc7pP0FBz2BvxZRtGiiWmV4y4yZtPTWzai3LdKo5xZhA5qbWUUjyAUHarXtzdb5pnxxXNxtFqmHrLHAXHE-WrXfkWeq0K1NzZd3EP12bkv99VcomV6b1e4RB7zsZrK2iqLjKcHdDIE5VZKSV1eftRSC2r3hpjAoBBtQIDa7GBTAhKwvG3F6Lzs4Tj-WMNdztZIt0DQsQqEVcZ2RbUGVy7vO-SvtLSfCLGeVd3KTUNMPLg_DVMcFSBSgJnnHfG502qZtYs-GcipMxljN9e31nq7uyK-i0H2vrKUAN2-WTuO-MS_z4-LGxcRU1gP1B0mu-T90ZIH4uTIz6CP16m4IWNnufGgjRAeQ5glxyO2wrvsaCSIUnXs4N1RzdMhoKiE_daSA1rsFNcye2hZ20hkzKbSV7fotffLGU9FPFcj8HB2af61fbAReJ5D3zVPOrXz3CxlcCKEUZL2ZR2_gQF_vHxeHK8f5ZVr4y8DC3LFLjvle4gMSLkBLD5ulTQVTaSEHNaAjTJf71bMYdv8Fv0OmmkuqNYjdw3NuOlVYwkhR6UfTtdXgzOU3_0JyI_ZQyLYyyYBJl4M_bLU5Ty4TtBUmXNvikMOvNq0IQ3DXvl-mB64dVT8PuaS7R61ttbL0nC8E0uGTy1V912YFThyfZDBhdj_BMC8KsLDxDLWpAzJm9h7sixb6j7Llf50zBLPg_Ub7HHI468Fa4Cpb2PkKvGAKPT_0kDg0L-2LxGL5sRtsc7f8JpP4gE1gWlUBF4M0UJlsLc68a4lDJYMTJh-twG4PvZ6-C-xrcOQJohpztCS6iuHwi4Zo1hnk_7ZxH2nkZbGhtkCQYA1zQHGJBZT3USaoDi31_NHAm_s_c0g&cid=CAASEuRoVL68xp5o3ov66BmySS9Njg&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 16:05:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CC7C 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuIP7VnFHcigwzqEMPRqEG7-SXZtv530CFip9R1uKgy92sgcdrRpHBfcdKivJibuaKzl94x9IaFtAeO7eC-xrlWA_YjlKcZSi3JZq04vXd_9N90lGR6QSOOlcnBiLCxfqhEahE53sZMW7stFKI7fp2H4OcS-c_-4yD0eiLCTxpEQWdHLvTlFdbAzD717S5p5HIv4NUC-8XRalaa0ZfcbRBRDnO3QFIFcIgqI_bxXza_tCH3DqD-vsXVdTCtug-wawtz1MKgk621JZNQ91O59V6oe7PNzjKqXKmC06vuoeqk73Ye8uMN2DTh82OV14i1VvIITFJ6Y3DCZAIaQZAesoZOWqbjzn0jULkDx7Lyvl4ZItUkm35BhiInbgiTFMUc4akLHaZIzT2QzdmUY0Q-SEQKTgfnLNNfchKd7WlOfv1wZbpFnxMIu_eEBWyQhqkjrDY0cWTd5h4R78IDXZv-Rs2SeFbISHnfDpkEQR7K6DhwCOy7iPVwct__Qi2Bg-_QThHtQqSO8TgO1C00O0byWYGOE1IwUBjG9UV2uqcljBzKE7dUXznGItxkFQa2XV1RHK5jezT2tAXp015wjGQ9UE174M0jcM86eN3ZNiEhqm0I36ULhRlsxvp9wwvI8DctUqg0kI1Pk0eBV4jUigLdhxkDU8oSw_p4SxHW_esjEINXo1lvib-d6c5_71qrtDa4cDJg9anXaHEUhkD5ecom0jkrZqqolpB7HadsIK6bk50wzO5_LuG6kIYfq3jdwH2N994u_69ETMm3YTjk-q3NCq7aisnfynYl5f030h8TqIuNkHbTKEa2aMvudCMCxtBd1MJ4skf9i9S-in7wz9vhmZtGtltgQCtskHZe5FptlTA_f-l6MuS4m5_RbjRYT7BW4YZf5ecOdx5TrILJwi7G89TSkM8LRve3n5gLlPZ3rlMhJJAUp-Qs8LVzKvFoWHxclEt00a30Jsya-GXA_Fzty1DDRXg6RZTI5RZONIUs63_5Wd8e7cWlszN8CZ_h83xkxcS5BXRZH0_UfABbEFv8M-C9WMPtcgWH96oe41cQ1YdUhGv8aAxhhaWJTFGeLjm7GN2sjzubz4GMxl8_Yw5zksaZl5ZLKnkr4g8myP4HCIIouzkAuub2MxDZ-Z3asYmge0Qt&sai=AMfl-YSzJ9J5w37Z_xyPzYopLzawVhyxAZs6EpxOpsuc58LWCALUTVX6m1r8YzI59MznqCHx-6AdDyc5YMG58-P-T36czumkr0QYWu5oxw370ABn39SxwACDk4VETNHG78NnTv8TBDi6D7lLrVw7c-mB-0q7Cx-oDQ&sig=Cg0ArKJSzHA3EF7tPxcSEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210624.33183&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQMCTzsgDY4txmWRYIgp8njLf5U4-pzGI7U5Cg-QyPlFshRwW6mkSpWkV2QIToFUJw-FvKdhqMCLkbbcAnOP2yE6QNqu2UrFkWXweoB-ngMASJW-v8pDW8nc8Zp6bajZCGNfsnrh4RiWZP_V80dZKi_pDTdQ&dbm_d=AKAmf-A_1nsZ0O6qK_6a8i2qhcWVpvggsrGcRWjQf7gRCdWGNCFyJ9BWDU2jI6-46_kocxzHEK6Ti4mHYfC3TM8t-eFVow95bZJ9_lBHdB80gnrZ6LzjRXAuXVFBWTr6PgfMjGmRIc27_TZtfIN4fG7l718BefobzJ7mDs6IpWfbKx8Aet_FXhs2yGGFlw02uuYk6BbvfP64KxQ0jqg60Vcy6dpeDnkrfws8PHYGLlR66FtCFVhNLWxuAQ4WTph7Jjp0vBAXE2BnAgttgP55Iwi4eEJLi-sD9ukhuzK5OKsE-YiCU_kXTWdoSy0tuoxPI2g9fmHYpVOA2GzKStMF_jslAPTS21cn6xfWkwLH9ISgDIvA4YqH_uFnhpt05Y9XvjnPPPa0Kz7kuYUTjozfTJLlU0in44rTSD0gbIhBiFieotR9uddHmG9P8GR59PssG7u40Kg5iufcAHxzT6uEE8nCHNc8ubg4bLuP4at9JE6cXzxFHb9VnFt3F3ICUT7Zi6Tqm0x5EJGB3C_a5_2c3usg7gCPYWLjEZYOdgZ7zPy8EiD-lwh-_UGOTLcf6-El5o1NTZKYJ3B4G_eYzrpKM9Q4ey6Mxo1Cn78WApvA_wtoIvetGzt88ixkKKCHTaQfx-waLvfsY3c2rqP5vM62znCEAvjmPdlIvXurEzbzy2p7I-ezFWNjlF7S_Mc3JAYu1vdU-p3RRgsIzeFq5S6S5KB_WXXV3qXiVShw9yWmHXqFS1p8AT6U7DzhYBf4yPCCGTWw5FtwDsaASpYIxH2xADnKavefvmRnwPrlVtjoSfslHzs4q8Sqv47fax-neuK91oYXo71EJJj-JXHGk6L7v5aLRUrhLtFXb8To0atopZQP2HQLPTg0MFe09PVzjjSaCkFoDaX656aeYVYK3S4nG6p7E-q7KJOjwmhWI60zOBwP56AK4usirh7vC3hvUP0t0EHsw-1BFLX53RhSq8ixIntsyE9hIAK8RGnmtxl6D1wkfzt1zuv5mX2kPxNyr0vQ6z-9HiKvJgFEidaU3TF8CSTKGCRAROm_3GuWZHlP9VdnckOGFp-s5SDvrNYvuiEc2m6gZXnJPDtE419mXB1GeuOKRdXMUabI-ZpfqamcP1xOQ6zQ2cuUkGf4cKuLG2P_fevX79n3JSnjMrNAr6oJrQOnfQx_PAFYToXkVRorqIp7uOf6BJ_E-QFwSAnP5jWMftXtoDJqGwBIG3MspDP_Y_08VM_GG4ABhTgwGjP4mP1XWBapokEnaV_xNymp8-NgBOwpcvnfgtYHsIfVwH5rZ66E_XnifI647s_MhVE0f5M2gj_xNXQN4w5maM5D334DbicHkdleBYM1rQEEFGpqj8D3ljRboRTtGC-ctyWabIdDrqtmb1nOW2EPNToErnUmDYQQ68-hTU0UuI8CgdOsegyOhn3rBAzl8wZPcrP-rVQvtE2rx6OFAV6K0QBbO859Wdn6mPwMgwBiVfojkzb6Sgh_k3nbh8PqPwLsLoIjSRU7paqvgQnHZ8Dme4VdB-r63aGngkOqd_RwniVbX7x07TuEwX6kQyUgfCWhAcCD45hvXAwpa8y5rpVttlDVwf4scDremEST3FFfs5wDfaVKQmkvAwFsO7tJW24y-6Y5uoekOyU6OeEA66RQ8-FFeQmczsFMg6ICFEgbnH-Famy88iyzhakKRXW_hQWM08s7uG6mMpzszYz3l7VBvrgCQ3Ez6Dawrxc8c1dv1k-DA3Bka_7f8gxc2g5V1nfTuiUe3U10dWGkfxeqTJCRWJ0x5ZCFaUwcJpeduR2poVEMz9raFoCiZTspX2bu0_2RC3ag2v3LooBnfyf7m_m32Rg9Jda1GgGgbmHzN5PDMQxASWz1JcmNIN8v2vn-I7KYi5BQEVco8sW7PMKZOz0dgei3zp42bS_WRnPARhjQkOqydChL3kc7pP0FBz2BvxZRtGiiWmV4y4yZtPTWzai3LdKo5xZhA5qbWUUjyAUHarXtzdb5pnxxXNxtFqmHrLHAXHE-WrXfkWeq0K1NzZd3EP12bkv99VcomV6b1e4RB7zsZrK2iqLjKcHdDIE5VZKSV1eftRSC2r3hpjAoBBtQIDa7GBTAhKwvG3F6Lzs4Tj-WMNdztZIt0DQsQqEVcZ2RbUGVy7vO-SvtLSfCLGeVd3KTUNMPLg_DVMcFSBSgJnnHfG502qZtYs-GcipMxljN9e31nq7uyK-i0H2vrKUAN2-WTuO-MS_z4-LGxcRU1gP1B0mu-T90ZIH4uTIz6CP16m4IWNnufGgjRAeQ5glxyO2wrvsaCSIUnXs4N1RzdMhoKiE_daSA1rsFNcye2hZ20hkzKbSV7fotffLGU9FPFcj8HB2af61fbAReJ5D3zVPOrXz3CxlcCKEUZL2ZR2_gQF_vHxeHK8f5ZVr4y8DC3LFLjvle4gMSLkBLD5ulTQVTaSEHNaAjTJf71bMYdv8Fv0OmmkuqNYjdw3NuOlVYwkhR6UfTtdXgzOU3_0JyI_ZQyLYyyYBJl4M_bLU5Ty4TtBUmXNvikMOvNq0IQ3DXvl-mB64dVT8PuaS7R61ttbL0nC8E0uGTy1V912YFThyfZDBhdj_BMC8KsLDxDLWpAzJm9h7sixb6j7Llf50zBLPg_Ub7HHI468Fa4Cpb2PkKvGAKPT_0kDg0L-2LxGL5sRtsc7f8JpP4gE1gWlUBF4M0UJlsLc68a4lDJYMTJh-twG4PvZ6-C-xrcOQJohpztCS6iuHwi4Zo1hnk_7ZxH2nkZbGhtkCQYA1zQHGJBZT3USaoDi31_NHAm_s_c0g&cid=CAASEuRoVL68xp5o3ov66BmySS9Njg&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 08 Jul 2021 16:05:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CC7C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQMCTzsgDY4txmWRYIgp8njLf5U4-pzGI7U5Cg-QyPlFshRwW6mkSpWkV2QIToFUJw-FvKdhqMCLkbbcAnOP2yE6QNqu2UrFkWXweoB-ngMASJW-v8pDW8nc8Zp6bajZCGNfsnrh4RiWZP_V80dZKi_pDTdQ&dbm_d=AKAmf-A_1nsZ0O6qK_6a8i2qhcWVpvggsrGcRWjQf7gRCdWGNCFyJ9BWDU2jI6-46_kocxzHEK6Ti4mHYfC3TM8t-eFVow95bZJ9_lBHdB80gnrZ6LzjRXAuXVFBWTr6PgfMjGmRIc27_TZtfIN4fG7l718BefobzJ7mDs6IpWfbKx8Aet_FXhs2yGGFlw02uuYk6BbvfP64KxQ0jqg60Vcy6dpeDnkrfws8PHYGLlR66FtCFVhNLWxuAQ4WTph7Jjp0vBAXE2BnAgttgP55Iwi4eEJLi-sD9ukhuzK5OKsE-YiCU_kXTWdoSy0tuoxPI2g9fmHYpVOA2GzKStMF_jslAPTS21cn6xfWkwLH9ISgDIvA4YqH_uFnhpt05Y9XvjnPPPa0Kz7kuYUTjozfTJLlU0in44rTSD0gbIhBiFieotR9uddHmG9P8GR59PssG7u40Kg5iufcAHxzT6uEE8nCHNc8ubg4bLuP4at9JE6cXzxFHb9VnFt3F3ICUT7Zi6Tqm0x5EJGB3C_a5_2c3usg7gCPYWLjEZYOdgZ7zPy8EiD-lwh-_UGOTLcf6-El5o1NTZKYJ3B4G_eYzrpKM9Q4ey6Mxo1Cn78WApvA_wtoIvetGzt88ixkKKCHTaQfx-waLvfsY3c2rqP5vM62znCEAvjmPdlIvXurEzbzy2p7I-ezFWNjlF7S_Mc3JAYu1vdU-p3RRgsIzeFq5S6S5KB_WXXV3qXiVShw9yWmHXqFS1p8AT6U7DzhYBf4yPCCGTWw5FtwDsaASpYIxH2xADnKavefvmRnwPrlVtjoSfslHzs4q8Sqv47fax-neuK91oYXo71EJJj-JXHGk6L7v5aLRUrhLtFXb8To0atopZQP2HQLPTg0MFe09PVzjjSaCkFoDaX656aeYVYK3S4nG6p7E-q7KJOjwmhWI60zOBwP56AK4usirh7vC3hvUP0t0EHsw-1BFLX53RhSq8ixIntsyE9hIAK8RGnmtxl6D1wkfzt1zuv5mX2kPxNyr0vQ6z-9HiKvJgFEidaU3TF8CSTKGCRAROm_3GuWZHlP9VdnckOGFp-s5SDvrNYvuiEc2m6gZXnJPDtE419mXB1GeuOKRdXMUabI-ZpfqamcP1xOQ6zQ2cuUkGf4cKuLG2P_fevX79n3JSnjMrNAr6oJrQOnfQx_PAFYToXkVRorqIp7uOf6BJ_E-QFwSAnP5jWMftXtoDJqGwBIG3MspDP_Y_08VM_GG4ABhTgwGjP4mP1XWBapokEnaV_xNymp8-NgBOwpcvnfgtYHsIfVwH5rZ66E_XnifI647s_MhVE0f5M2gj_xNXQN4w5maM5D334DbicHkdleBYM1rQEEFGpqj8D3ljRboRTtGC-ctyWabIdDrqtmb1nOW2EPNToErnUmDYQQ68-hTU0UuI8CgdOsegyOhn3rBAzl8wZPcrP-rVQvtE2rx6OFAV6K0QBbO859Wdn6mPwMgwBiVfojkzb6Sgh_k3nbh8PqPwLsLoIjSRU7paqvgQnHZ8Dme4VdB-r63aGngkOqd_RwniVbX7x07TuEwX6kQyUgfCWhAcCD45hvXAwpa8y5rpVttlDVwf4scDremEST3FFfs5wDfaVKQmkvAwFsO7tJW24y-6Y5uoekOyU6OeEA66RQ8-FFeQmczsFMg6ICFEgbnH-Famy88iyzhakKRXW_hQWM08s7uG6mMpzszYz3l7VBvrgCQ3Ez6Dawrxc8c1dv1k-DA3Bka_7f8gxc2g5V1nfTuiUe3U10dWGkfxeqTJCRWJ0x5ZCFaUwcJpeduR2poVEMz9raFoCiZTspX2bu0_2RC3ag2v3LooBnfyf7m_m32Rg9Jda1GgGgbmHzN5PDMQxASWz1JcmNIN8v2vn-I7KYi5BQEVco8sW7PMKZOz0dgei3zp42bS_WRnPARhjQkOqydChL3kc7pP0FBz2BvxZRtGiiWmV4y4yZtPTWzai3LdKo5xZhA5qbWUUjyAUHarXtzdb5pnxxXNxtFqmHrLHAXHE-WrXfkWeq0K1NzZd3EP12bkv99VcomV6b1e4RB7zsZrK2iqLjKcHdDIE5VZKSV1eftRSC2r3hpjAoBBtQIDa7GBTAhKwvG3F6Lzs4Tj-WMNdztZIt0DQsQqEVcZ2RbUGVy7vO-SvtLSfCLGeVd3KTUNMPLg_DVMcFSBSgJnnHfG502qZtYs-GcipMxljN9e31nq7uyK-i0H2vrKUAN2-WTuO-MS_z4-LGxcRU1gP1B0mu-T90ZIH4uTIz6CP16m4IWNnufGgjRAeQ5glxyO2wrvsaCSIUnXs4N1RzdMhoKiE_daSA1rsFNcye2hZ20hkzKbSV7fotffLGU9FPFcj8HB2af61fbAReJ5D3zVPOrXz3CxlcCKEUZL2ZR2_gQF_vHxeHK8f5ZVr4y8DC3LFLjvle4gMSLkBLD5ulTQVTaSEHNaAjTJf71bMYdv8Fv0OmmkuqNYjdw3NuOlVYwkhR6UfTtdXgzOU3_0JyI_ZQyLYyyYBJl4M_bLU5Ty4TtBUmXNvikMOvNq0IQ3DXvl-mB64dVT8PuaS7R61ttbL0nC8E0uGTy1V912YFThyfZDBhdj_BMC8KsLDxDLWpAzJm9h7sixb6j7Llf50zBLPg_Ub7HHI468Fa4Cpb2PkKvGAKPT_0kDg0L-2LxGL5sRtsc7f8JpP4gE1gWlUBF4M0UJlsLc68a4lDJYMTJh-twG4PvZ6-C-xrcOQJohpztCS6iuHwi4Zo1hnk_7ZxH2nkZbGhtkCQYA1zQHGJBZT3USaoDi31_NHAm_s_c0g&cid=CAASEuRoVL68xp5o3ov66BmySS9Njg&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 14:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 14:19:25 GMT
2021Q2_Dutch_SingleImage_GlitterWoman_728x90.png
s0.2mdn.net/4646536/ Frame CC7C 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4646536/2021Q2_Dutch_SingleImage_GlitterWoman_728x90.png
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de64d0ecf7c893b19acca082621bfc948b3eb1122bc9931c46fb9245d1ebee3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 17:09:42 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 08:48:34 GMT
server
sffe
age
82573
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43736
x-xss-protection
0
expires
Thu, 08 Jul 2021 17:09:42 GMT
css
fonts.googleapis.com/ Frame DF24 		2 KB
536 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=0H5ePm1VEL&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Jul 2021 15:09:37 GMT
server
ESF
date
Thu, 08 Jul 2021 16:05:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Jul 2021 16:05:55 GMT
gwd_webcomponents_min.js
www.gstatic.com/external_hosted/gwd_webcomponents/ Frame DF24 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/external_hosted/gwd_webcomponents/gwd_webcomponents_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=0H5ePm1VEL&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5622
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:55 GMT
Enabler_01_238.js
s0.2mdn.net/879366/ Frame DF24 		106 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_238.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=0H5ePm1VEL&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=0H5ePm1VEL&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 05:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36751
x-xss-protection
0
last-modified
Tue, 11 Jun 2019 21:21:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 05:41:49 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 80F9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 06 Jul 2021 14:19:26 GMT
expires
Wed, 06 Jul 2022 14:19:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
179189
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum
dsum-sec.casalemedia.com/ Frame B3B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYoN7PKjAB&v=APEucNWXp7fzwnHwhChJKaJhzD-sc2PgrzgTLihuSwQdW_jVgZC8wwAgxVsXxHw6kQ-UxwiL_GZBbOeA5sNq-aQoovp275pACHC7vGFPMhg_0_HRGvOguUw7pCHCWoGi5L-7fYNoMGa6KQheZyA9bFAZWxoRIM5nIwDmMt1zL6k_oYoCFzaxo5g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 08 Jul 2021 16:05:56 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B3B7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YOciYwklaVTLpebWRsmr-gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYoN7PKjAB&v=APEucNWXp7fzwnHwhChJKaJhzD-sc2PgrzgTLihuSwQdW_jVgZC8wwAgxVsXxHw6kQ-UxwiL_GZBbOeA5sNq-aQoovp275pACHC7vGFPMhg_0_HRGvOguUw7pCHCWoGi5L-7fYNoMGa6KQheZyA9bFAZWxoRIM5nIwDmMt1zL6k_oYoCFzaxo5g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 08 Jul 2021 16:05:56 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOiVEGfHEjruBdrXJhDnyRo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B3B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOKb5q-d9t21q80V7crQ1wo&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOKb5q-d9t21q80V7crQ1wo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYoN7PKjAB&v=APEucNWXp7fzwnHwhChJKaJhzD-sc2PgrzgTLihuSwQdW_jVgZC8wwAgxVsXxHw6kQ-UxwiL_GZBbOeA5sNq-aQoovp275pACHC7vGFPMhg_0_HRGvOguUw7pCHCWoGi5L-7fYNoMGa6KQheZyA9bFAZWxoRIM5nIwDmMt1zL6k_oYoCFzaxo5g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:56 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f8bef7c4-3075-49de-99fc-0fdc6138aaea
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOKb5q-d9t21q80V7crQ1wo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B3B7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYoN7PKjAB&v=APEucNWXp7fzwnHwhChJKaJhzD-sc2PgrzgTLihuSwQdW_jVgZC8wwAgxVsXxHw6kQ-UxwiL_GZBbOeA5sNq-aQoovp275pACHC7vGFPMhg_0_HRGvOguUw7pCHCWoGi5L-7fYNoMGa6KQheZyA9bFAZWxoRIM5nIwDmMt1zL6k_oYoCFzaxo5g
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Jul 2021 16:05:55 GMT
X-Proxy-Origin
185.210.217.140; 185.210.217.140; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
dc7a09ab-2c06-4b91-b885-b5e315346fdb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxOTA0ODg1MjU2MzI3NTg0Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D224
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEKfP5q3TMPm2cMsXUX1z9yA&google_cver=1&google_push=AYg5qPIwHYBv5yn0OhD8YHKQKVFn1D14-9Qzqtbv7pqg9mXsd4r1wA_0Zyi_mxqssseGj1SL9h4iEYAkXndYqRoJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Rl--oGLSTaeRwhk-RZwpdQ2&google_push=AYg5qPIwHYBv5yn0OhD8YHKQKVFn1D14-9Qzqtbv7pqg9mXsd4r1wA_0Zyi_mxqssseGj1SL9h4iEYAkXndYqRoJ4VyEp9eJ6owyiA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Rl--oGLSTaeRwhk-RZwpdQ2&google_push=AYg5qPIwHYBv5yn0OhD8YHKQKVFn1D14-9Qzqtbv7pqg9mXsd4r1wA_0Zyi_mxqssseGj1SL9h4iEYAkXndYqRoJ4VyEp9eJ6owyiA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 08 Jul 2021 16:05:56 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Rl--oGLSTaeRwhk-RZwpdQ2&google_push=AYg5qPIwHYBv5yn0OhD8YHKQKVFn1D14-9Qzqtbv7pqg9mXsd4r1wA_0Zyi_mxqssseGj1SL9h4iEYAkXndYqRoJ4VyEp9eJ6owyiA
x-host
tde-deliveryengine-production-66b988c8fd-5vck2
alt-svc
clear
content-length
0
dot.gif
s0.2mdn.net/ Frame D224 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEAvwjPsBzDCwO0XNrjBBAhE&google_cver=1&google_push=AYg5qPJRJqJu8ix-0bLuXsImWuGlifEG6ujjLav0nCysrQHUW9NYQ81ewMPk_EDaXUigslGf3iQzMP0dQkkWE_3efdmfv2DtKCyv
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 09 Jul 2021 16:05:56 GMT
pixel
cm.g.doubleclick.net/ Frame D224
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELt76RYv_brtA6FyKm596MQ&google_cver=1&google_push=AYg5qPLxKDW0PUc_zHknIHvK_W8k1uNB5DHHEbJlntLT9cj43EFYi8kC6dcUfruNCTCM7MWK6XmfGrgsgM6FC-HiVpZQqrl...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELt76RYv_brtA6FyKm596MQ&google_cver=1&google_push=AYg5qPLxKDW0PUc_zHknIHvK_W8k1uNB5DHHEbJlntLT9cj43EFYi8kC6dcUfruNCTCM7MWK6XmfGrgsgM6FC-HiVpZQq...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLxKDW0PUc_zHknIHvK_W8k1uNB5DHHEbJlntLT9cj43EFYi8kC6dcUfruNCTCM7MWK6XmfGrgsgM6FC-HiVpZQqrlfkSRTvw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLxKDW0PUc_zHknIHvK_W8k1uNB5DHHEbJlntLT9cj43EFYi8kC6dcUfruNCTCM7MWK6XmfGrgsgM6FC-HiVpZQqrlfkSRTvw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLxKDW0PUc_zHknIHvK_W8k1uNB5DHHEbJlntLT9cj43EFYi8kC6dcUfruNCTCM7MWK6XmfGrgsgM6FC-HiVpZQqrlfkSRTvw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame D224
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPVMoy4_CG1BqwUI4UsMwug&google_cver=1&google_push=AYg5qPKyJjvdr_dGrf7pI_1HDFxzN_HCMRW-mCv7lxKlgPWEfcMUkCIRMStnmC2jvNZ3hSSRa0SlMw2S-vMO9TqS...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKyJjvdr_dGrf7pI_1HDFxzN_HCMRW-mCv7lxKlgPWEfcMUkCIRMStnmC2jvNZ3hSSRa0SlMw2S-vMO9TqS-wTdH-Kgiq4q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKyJjvdr_dGrf7pI_1HDFxzN_HCMRW-mCv7lxKlgPWEfcMUkCIRMStnmC2jvNZ3hSSRa0SlMw2S-vMO9TqS-wTdH-Kgiq4q
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 08 Jul 2021 16:05:56 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKyJjvdr_dGrf7pI_1HDFxzN_HCMRW-mCv7lxKlgPWEfcMUkCIRMStnmC2jvNZ3hSSRa0SlMw2S-vMO9TqS-wTdH-Kgiq4q
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
fsXa3LpMH2PUFTL0b6hUiOSBP6lEWLWmby1bUEAD5kHxDYUCOq4ecA==
pixel
cm.g.doubleclick.net/ Frame D224
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
  • https://sync.targeting.unrulymedia.com/csync/RX-5ada51c9-314d-4a30-8843-faf953d7e537-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPI2w_TK_30iLfMo7FRpP...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI2w_TK_30iLfMo7FRpPQpYpM8RgpVABKY7mqYL-dNX1eEBHBeweT_ohNTkWt71tXWyWICpiqNuVv5AgzdEM2woSvBJtdtD1Q&google_hm=A1raUckxTUowiEP6-VPX5Tc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI2w_TK_30iLfMo7FRpPQpYpM8RgpVABKY7mqYL-dNX1eEBHBeweT_ohNTkWt71tXWyWICpiqNuVv5AgzdEM2woSvBJtdtD1Q&google_hm=A1raUckxTUowiEP6-VPX5Tc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI2w_TK_30iLfMo7FRpPQpYpM8RgpVABKY7mqYL-dNX1eEBHBeweT_ohNTkWt71tXWyWICpiqNuVv5AgzdEM2woSvBJtdtD1Q&google_hm=A1raUckxTUowiEP6-VPX5Tc
date
Thu, 08 Jul 2021 16:05:56 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX5ada51c9314d4a308843faf953d7e537003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame D224
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPxc6oMffyLxBo8aFRLPfus&google_cver=1&google_push=AYg5qPKN5rbEMZ-UyKzqrg2hnPEdw3JtvO47UOCqYhQLSiUbX7tQM2_sy53jzT2tg-hx3GbF8Z...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPxc6oMffyLxBo8aFRLPfus&google_cver=1&google_push=AYg5qPKN5rbEMZ-UyKzqrg2hnPEdw3JtvO47UOCqYhQLSiUbX7tQM2_sy53jzT2tg-hx3GbF8Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rQnR2eUlWRTJ1RWJnT0JSVFUwNlZOal82bXhrdHpXR35B&google_push=AYg5qPKN5rbEMZ-UyKzqrg2hnPEdw3JtvO47UOCqYhQLSiUbX7tQM2_sy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rQnR2eUlWRTJ1RWJnT0JSVFUwNlZOal82bXhrdHpXR35B&google_push=AYg5qPKN5rbEMZ-UyKzqrg2hnPEdw3JtvO47UOCqYhQLSiUbX7tQM2_sy53jzT2tg-hx3GbF8ZR1jWTeLxcQaLaPDMr_t_qm1QKB6eQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 08 Jul 2021 16:05:56 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rQnR2eUlWRTJ1RWJnT0JSVFUwNlZOal82bXhrdHpXR35B&google_push=AYg5qPKN5rbEMZ-UyKzqrg2hnPEdw3JtvO47UOCqYhQLSiUbX7tQM2_sy53jzT2tg-hx3GbF8ZR1jWTeLxcQaLaPDMr_t_qm1QKB6eQ
Connection
keep-alive
Content-Length
0
dot.gif
s0.2mdn.net/ Frame D224 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEGev8UD0mW_hkb1DanMNflk&google_cver=1&google_push=AYg5qPI19OsujdhwQHXfUUiLULQ3ofG2qZF_Kt36jVVB-dkSGoI7zRf39GSx_UQKAe7XOkrhE0hBaClBp8-PzbnpO_qzS1FSSMnbH5Q
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 09 Jul 2021 16:05:56 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D224 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IbQnaSQly5JQH_OKipTTnhKniYp8tXaQRANIOq5sydSnz9t3i1u5jrS3zxWP_4glda4eNaBFc
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame CC7C 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuIP7VnFHcigwzqEMPRqEG7-SXZtv530CFip9R1uKgy92sgcdrRpHBfcdKivJibuaKzl94x9IaFtAeO7eC-xrlWA_YjlKcZSi3JZq04vXd_9N90lGR6QSOOlcnBiLCxfqhEahE53sZMW7stFKI7fp2H4OcS-c_-4yD0eiLCTxpEQWdHLvTlFdbAzD717S5p5HIv4NUC-8XRalaa0ZfcbRBRDnO3QFIFcIgqI_bxXza_tCH3DqD-vsXVdTCtug-wawtz1MKgk621JZNQ91O59V6oe7PNzjKqXKmC06vuoeqk73Ye8uMN2DTh82OV14i1VvIITFJ6Y3DCZAIaQZAesoZOWqbjzn0jULkDx7Lyvl4ZItUkm35BhiInbgiTFMUc4akLHaZIzT2QzdmUY0Q-SEQKTgfnLNNfchKd7WlOfv1wZbpFnxMIu_eEBWyQhqkjrDY0cWTd5h4R78IDXZv-Rs2SeFbISHnfDpkEQR7K6DhwCOy7iPVwct__Qi2Bg-_QThHtQqSO8TgO1C00O0byWYGOE1IwUBjG9UV2uqcljBzKE7dUXznGItxkFQa2XV1RHK5jezT2tAXp015wjGQ9UE174M0jcM86eN3ZNiEhqm0I36ULhRlsxvp9wwvI8DctUqg0kI1Pk0eBV4jUigLdhxkDU8oSw_p4SxHW_esjEINXo1lvib-d6c5_71qrtDa4cDJg9anXaHEUhkD5ecom0jkrZqqolpB7HadsIK6bk50wzO5_LuG6kIYfq3jdwH2N994u_69ETMm3YTjk-q3NCq7aisnfynYl5f030h8TqIuNkHbTKEa2aMvudCMCxtBd1MJ4skf9i9S-in7wz9vhmZtGtltgQCtskHZe5FptlTA_f-l6MuS4m5_RbjRYT7BW4YZf5ecOdx5TrILJwi7G89TSkM8LRve3n5gLlPZ3rlMhJJAUp-Qs8LVzKvFoWHxclEt00a30Jsya-GXA_Fzty1DDRXg6RZTI5RZONIUs63_5Wd8e7cWlszN8CZ_h83xkxcS5BXRZH0_UfABbEFv8M-C9WMPtcgWH96oe41cQ1YdUhGv8aAxhhaWJTFGeLjm7GN2sjzubz4GMxl8_Yw5zksaZl5ZLKnkr4g8myP4HCIIouzkAuub2MxDZ-Z3asYmge0Qt&sai=AMfl-YSzJ9J5w37Z_xyPzYopLzawVhyxAZs6EpxOpsuc58LWCALUTVX6m1r8YzI59MznqCHx-6AdDyc5YMG58-P-T36czumkr0QYWu5oxw370ABn39SxwACDk4VETNHG78NnTv8TBDi6D7lLrVw7c-mB-0q7Cx-oDQ&sig=Cg0ArKJSzHA3EF7tPxcSEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=84&vt=11&dtpt=83&dett=2&cstd=0&cisv=r20210624.33183&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQMCTzsgDY4txmWRYIgp8njLf5U4-pzGI7U5Cg-QyPlFshRwW6mkSpWkV2QIToFUJw-FvKdhqMCLkbbcAnOP2yE6QNqu2UrFkWXweoB-ngMASJW-v8pDW8nc8Zp6bajZCGNfsnrh4RiWZP_V80dZKi_pDTdQ&dbm_d=AKAmf-A_1nsZ0O6qK_6a8i2qhcWVpvggsrGcRWjQf7gRCdWGNCFyJ9BWDU2jI6-46_kocxzHEK6Ti4mHYfC3TM8t-eFVow95bZJ9_lBHdB80gnrZ6LzjRXAuXVFBWTr6PgfMjGmRIc27_TZtfIN4fG7l718BefobzJ7mDs6IpWfbKx8Aet_FXhs2yGGFlw02uuYk6BbvfP64KxQ0jqg60Vcy6dpeDnkrfws8PHYGLlR66FtCFVhNLWxuAQ4WTph7Jjp0vBAXE2BnAgttgP55Iwi4eEJLi-sD9ukhuzK5OKsE-YiCU_kXTWdoSy0tuoxPI2g9fmHYpVOA2GzKStMF_jslAPTS21cn6xfWkwLH9ISgDIvA4YqH_uFnhpt05Y9XvjnPPPa0Kz7kuYUTjozfTJLlU0in44rTSD0gbIhBiFieotR9uddHmG9P8GR59PssG7u40Kg5iufcAHxzT6uEE8nCHNc8ubg4bLuP4at9JE6cXzxFHb9VnFt3F3ICUT7Zi6Tqm0x5EJGB3C_a5_2c3usg7gCPYWLjEZYOdgZ7zPy8EiD-lwh-_UGOTLcf6-El5o1NTZKYJ3B4G_eYzrpKM9Q4ey6Mxo1Cn78WApvA_wtoIvetGzt88ixkKKCHTaQfx-waLvfsY3c2rqP5vM62znCEAvjmPdlIvXurEzbzy2p7I-ezFWNjlF7S_Mc3JAYu1vdU-p3RRgsIzeFq5S6S5KB_WXXV3qXiVShw9yWmHXqFS1p8AT6U7DzhYBf4yPCCGTWw5FtwDsaASpYIxH2xADnKavefvmRnwPrlVtjoSfslHzs4q8Sqv47fax-neuK91oYXo71EJJj-JXHGk6L7v5aLRUrhLtFXb8To0atopZQP2HQLPTg0MFe09PVzjjSaCkFoDaX656aeYVYK3S4nG6p7E-q7KJOjwmhWI60zOBwP56AK4usirh7vC3hvUP0t0EHsw-1BFLX53RhSq8ixIntsyE9hIAK8RGnmtxl6D1wkfzt1zuv5mX2kPxNyr0vQ6z-9HiKvJgFEidaU3TF8CSTKGCRAROm_3GuWZHlP9VdnckOGFp-s5SDvrNYvuiEc2m6gZXnJPDtE419mXB1GeuOKRdXMUabI-ZpfqamcP1xOQ6zQ2cuUkGf4cKuLG2P_fevX79n3JSnjMrNAr6oJrQOnfQx_PAFYToXkVRorqIp7uOf6BJ_E-QFwSAnP5jWMftXtoDJqGwBIG3MspDP_Y_08VM_GG4ABhTgwGjP4mP1XWBapokEnaV_xNymp8-NgBOwpcvnfgtYHsIfVwH5rZ66E_XnifI647s_MhVE0f5M2gj_xNXQN4w5maM5D334DbicHkdleBYM1rQEEFGpqj8D3ljRboRTtGC-ctyWabIdDrqtmb1nOW2EPNToErnUmDYQQ68-hTU0UuI8CgdOsegyOhn3rBAzl8wZPcrP-rVQvtE2rx6OFAV6K0QBbO859Wdn6mPwMgwBiVfojkzb6Sgh_k3nbh8PqPwLsLoIjSRU7paqvgQnHZ8Dme4VdB-r63aGngkOqd_RwniVbX7x07TuEwX6kQyUgfCWhAcCD45hvXAwpa8y5rpVttlDVwf4scDremEST3FFfs5wDfaVKQmkvAwFsO7tJW24y-6Y5uoekOyU6OeEA66RQ8-FFeQmczsFMg6ICFEgbnH-Famy88iyzhakKRXW_hQWM08s7uG6mMpzszYz3l7VBvrgCQ3Ez6Dawrxc8c1dv1k-DA3Bka_7f8gxc2g5V1nfTuiUe3U10dWGkfxeqTJCRWJ0x5ZCFaUwcJpeduR2poVEMz9raFoCiZTspX2bu0_2RC3ag2v3LooBnfyf7m_m32Rg9Jda1GgGgbmHzN5PDMQxASWz1JcmNIN8v2vn-I7KYi5BQEVco8sW7PMKZOz0dgei3zp42bS_WRnPARhjQkOqydChL3kc7pP0FBz2BvxZRtGiiWmV4y4yZtPTWzai3LdKo5xZhA5qbWUUjyAUHarXtzdb5pnxxXNxtFqmHrLHAXHE-WrXfkWeq0K1NzZd3EP12bkv99VcomV6b1e4RB7zsZrK2iqLjKcHdDIE5VZKSV1eftRSC2r3hpjAoBBtQIDa7GBTAhKwvG3F6Lzs4Tj-WMNdztZIt0DQsQqEVcZ2RbUGVy7vO-SvtLSfCLGeVd3KTUNMPLg_DVMcFSBSgJnnHfG502qZtYs-GcipMxljN9e31nq7uyK-i0H2vrKUAN2-WTuO-MS_z4-LGxcRU1gP1B0mu-T90ZIH4uTIz6CP16m4IWNnufGgjRAeQ5glxyO2wrvsaCSIUnXs4N1RzdMhoKiE_daSA1rsFNcye2hZ20hkzKbSV7fotffLGU9FPFcj8HB2af61fbAReJ5D3zVPOrXz3CxlcCKEUZL2ZR2_gQF_vHxeHK8f5ZVr4y8DC3LFLjvle4gMSLkBLD5ulTQVTaSEHNaAjTJf71bMYdv8Fv0OmmkuqNYjdw3NuOlVYwkhR6UfTtdXgzOU3_0JyI_ZQyLYyyYBJl4M_bLU5Ty4TtBUmXNvikMOvNq0IQ3DXvl-mB64dVT8PuaS7R61ttbL0nC8E0uGTy1V912YFThyfZDBhdj_BMC8KsLDxDLWpAzJm9h7sixb6j7Llf50zBLPg_Ub7HHI468Fa4Cpb2PkKvGAKPT_0kDg0L-2LxGL5sRtsc7f8JpP4gE1gWlUBF4M0UJlsLc68a4lDJYMTJh-twG4PvZ6-C-xrcOQJohpztCS6iuHwi4Zo1hnk_7ZxH2nkZbGhtkCQYA1zQHGJBZT3USaoDi31_NHAm_s_c0g&cid=CAASEuRoVL68xp5o3ov66BmySS9Njg&rfl=1%2Chttps%253A%252F%252Fwww.kiwilimon.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
pagead2.googlesyndication.com/bg/ Frame DD6B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 11:34:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
189075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5747
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 11:34:41 GMT
TUITypeLtBd.ttf
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		64 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/TUITypeLtBd.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6174ef17180718a4e0c3f3c60e6b8eb205faf1494bbe7ab29756d9d8c5df599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 06:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33058
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36053
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 06:54:58 GMT
TUITypeLt.ttf
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		62 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/TUITypeLt.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
961fc3118c10ae808c05a4321e97b383a3cc9742dd3075e363a7f700fbc40e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 19:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74367
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34275
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jul 2021 19:26:29 GMT
32e1b336-caa9-46d4-a3d2-28258cc1d269.gif
flextrack.msi-aci.com/track/ Frame 7A31 		0
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CCFF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 06 Jul 2021 14:19:26 GMT
expires
Wed, 06 Jul 2022 14:19:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
179190
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame DF24 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 06:52:18 GMT
x-content-type-options
nosniff
age
206018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 06:52:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0351 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 08 Jul 2021 11:56:19 GMT
expires
Fri, 09 Jul 2021 11:56:19 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14977
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame CC7C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a748ec626959304f8ce763dae21170a84a5f4e47ddd7ca1e48dcf30e0fc7737

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame DE87 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNc99xqofBmsxz7vTBcQE-eUgtuk2Z6XGK_kZh99UDV-7VDpmx0QF-AzE9S9zFhVPKiGS9zFeq-Zr33uGinZ8J5LnxxHiitfoXtin4AiQquO3yXwJJKH7c9BLXFjTf22OAzlSoKnTE2fIdNSI0fPFOGw6UCVO8ZFJKoLxTdDBy7Smb9pVP316NVxDXxzmbB1A34yZF5xxW4WMzLxvoEX6yBDBtHFPEEEQ2rxvzHoO3eusdJCziyNw_43bPs5vB1YYHHW9K4IIHOiM0fFuAZfyRowy8OaAfKH57kD7yI2nYaAcN_ck0rh3fq5HzcLdJ48LNBXAZ_9Es0NfVRgI7Ka9TTDgO_p6IlornQfxEgY08txr52SP23UwBwHIsWj_y-dcWO2jIilOSWkWFJCXy_oHD4bp7Q0nr-tHq0LyLRWJFw1I0YBLVidbrCfAp3pJk0hqghJ9oxBfrxuLM5CyFsWituZj6WhEatRy4lRJIME2N4By3I2295PH8a8uHfL3mTQUadua6T_lq0gSR-25vKsfGGoWztOXqggW7tDAh5ykYPSDti1wcXrd0g9N71fdy4HpGHeJf14OQ-GmiQqwwa5FYiWVAKG3DmnK0vQgl7CW4fPTmCviPONN6-zqvMEOc6ZziKbNxif01mY3XjCWzrss9oI2rIPqiBRa3BvFD8HbHCNaj81GmLqjt_j5s5e1aVj2WHzDBtvANFlyDvHaqV1LM5dKBQrn8C7DOQFIMjkDL4Oi5yzoM6XOKJw00Hf39mcpW7yUBb1gCIgT83oNRsCP-3eT1dGsYGXz_1D1jlm_thv8JVdJPE-LURDnviZGjhU7V4HrUzZzJYuFMBNK-RF19_DZy_dA2vjXTcr0_c7shfp0ciOsNOLNv8dpD6nlOPPBxNiMZ-YGp7wiRhA6iiFXoa0UyvuFciCPtXHRnorVe8ea8F8_0H4a15gEVfp-fvYFEODZyYGrSiyj0v45u01vinDlxSBUw6pmqY2PUCUUqfkRrtLYzAQszzDKvtpr6NSkwj43AyCRZ1An_E8VgzeENq1KUaZk7Lu0opf4U9QGmhJPrfrA8DXtuKkV26-uanfsHRuDQGyQBOI3NZuzWFRFhEiKgawWywcP8zuXIZ9p6pZz3CY_R9OD9lYxWZW9wwgxZe00ZmpdOwLB0vX2ghfnI5JQ5ui9PSfEB-wN36SWg_J_ruAr5vMJ0YP7MmVRRNPG4zLs5GMeNTU7PlkBAQK3SZbdLpeZMOw&sai=AMfl-YSLScv4xc0uwUfeYf4SJW0X3saCzm2oo5vdHyzF5Nv73BE4dzpDSdvAdFB4YZ5rfII6d69DqgUlPhXndUHJRSqgAUc_WTbX0dL3_24eYsAk-2rgyKV9zoao2CN0REKU-KtCsYdEek6HbMkT-MfYmguXgAKrew&sig=Cg0ArKJSzLF_u02MPDrIEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=407&vt=11&dtpt=306&dett=3&cstd=96&cisv=r20210624.11046&adurl=
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7A31 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1a693a350cb91378cbdbff27ca45ec71312d8c447d36ca738e1a6702b1e4ad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4338
x-xss-protection
0
request_content.php
hal900016.redintelligence.net/ Frame 6018 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request_content.php?s=16084100118496600628838011649016&a=0df9d9aa
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=j9vjvxztr9lv&nw=20&renderingType=javascript&namespace=bc33a4806b&subid=&uid=dea0918bbd5d65e2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXficYyLnYMv2CMKqx_AP8cGewA67-oSKV97Njr3wCfAuEAEgwf_eImC5-MeA3AHIAQmpAreAUDHN2rM-qAMBqgTBAU_QCbFmGQDn5N1BA0uZ-pUOL1nIecG4k4DiPiBXUm5eilzRIbkE4MgBloZtfX6Nx3PD-L8n7HUxb7saXegJTlYvOO1BpuKW5LNerLE4Sg8n-NgVTbn1SJZ09ZeyylwvyxF73ExoSCBuwcHLZCvrfa7u3_sRvd9sVzmKKNvbpM90asn2IVP8i4-HSBIh2SYckQ-f81UqgjAAqE2mAVlissez_bVznIXMT23fyfppfAoqsqJEyEBDcvp9u558lM5yNYPABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRouMObOH4Drn43KtZfPADsK69QGg%26sig%3DAOD64_2fBfqZgNS4UPy49uQ5DZnPkDFRRA%26client%3Dca-pub-9425934425785771%26dbm_c%3DAKAmf-AYodfXS6Gzf4K2PJLdefIzFo0Gyn4SQS3bOgRYPiJe_iBHlwI2cRhTloPMyje2xDXaai2YsKYxJ6Zv87ff2f8oyxqwliiKYQ6Gn71xDPT-SHXDSBUkngkrJ-ezmyzgbZvEFxrFs3YMG13XXizLs6uDMpY-DQ%26cry%3D1%26dbm_d%3DAKAmf-DgMqZ1Zo9-S4J9H4PAW2H1zm0Z074Or0hA0Bj9serNocP8xdxdH6UlAU4mbCJsidu_i2LS4sKGxJGhS9PUr1651pBwWvr7ONt8gOnkDXiQ1rF-Kt4qWzU2hRfDit7lCL17sdwiOmWR4_gl7OjBJyuksV123AvnumGx-I0QO4KcQSb2km58ZyMxj9WdxSVoCbfYeXEU00bgF4E2jr40HjDcq4jOta69TckfPEUbCf2lQjh89_DND9BDIvWRdvBZOj5OIVZItb59zeHtwd0oPq9mzzZjG7vihvmzcAhPIEZznLhyzDBIdd2qjDZYpvDC6lfTh0Dm7xtBhPYMDBGP9RdqyT99Jqp9qEZfAtn8TSW5nRnNwiiTVdr7uOHZ7eLN5h3KC85oaOAOGA0JBS8GH9VpIdpC8ECmqMBsZFcEKRX0pv-_mE87teIsiwTi2N0ZhMWfgkkU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.kiwilimon.com%2F&ancestorOrigins=https%3A%2F%2Fwww.kiwilimon.com&random=6446385836005&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
135c4c356bbaed392379542123b002363e6ba4e871dafbd1025f03ef4dee86cc

Request headers

Host
hal900016.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=83b2ce551c14adf4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/

Response headers

Date
Thu, 08 Jul 2021 16:05:56 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 08 Jul 2021 17:05:56 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2321
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 9917 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7357904395e2276f0b0054c5ba67477e1c78f8f6231a4e090f2a6ed5f61c2a36

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 347D 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_VTKYLfElj9QB_XdbPR0ZGMrhH05BDVoCLmxf7mmTtF6dPtoA2Fak0QiU_nDYMj-uJ0cnSD_0vzd9zn-MXpabrrSVo9kWQ6-YuauxG3ZQKbFRMgJalf397A1g2teBcWWJ6fYkMgyn2-durIuv0Qi5ExyueUqGI-PTUAPkfJ2YpFFdhFhiWMvW68OghG2Sbty7dHs3tYJYJuQMohvLLEUV4b17rWOhbVEx7iRVGwtGTn4iwgbvjsHNHAU3qxOmxSq0tlpVev05wmcwWBmr_OcyJkPHjxBTgSA0kTdEsCIEbo9POGE4ujq3-EnP-IjgdloINWI7_WK_JrSC4oJrdynsKXuClFVu5rCinxA-rV1Zz1fDSxnbIilSAeyi6H1WGJQLgnN4tWC6UDphskvwSKAHRG0px5835eDRPX-1iy33HsUxQla5ohTZqlFehvFHZ53HQdf5bXFMrZ6kGtktHofW_m-gbOIerwZV6hrcOjLHmnvTh7kBosZzXbzBSJxhBVe4--UvN-A73FWazzPmmj8okfAp6USzJF46lgDMcUVLZu4d9MdFRh56TQzH-nAOHkb6CoS2F-5SdYMktWnnBSRnHbNhaBqz1EZL9WyeACgaPu0MpXZa4WWNYfAGZUjK_5asEGFIjLgHaYYlB2XOcsnj3o9S5u7tWwP6lZR3DzXZstzKFOnLR8MpJ_EBbmaHNFGnobfTxNHBYX4zNeKs9Kdp2M_d8tMy0S2r20aM5v3LMFd4LaTfe-0ZXiZL3gn-D7Aax35ouX3WPGiXhUEuFia0RE-CW_5J9iQJ5SnpTIBFpqtBIfEOk782oLg0ZTUKHkjEUL72w4rdFhATloiiOCi1OivcD7zFMxEL5ZT1Uqtc70KFpjsyNHRNpQNHSqtwYcwk10kgTWXMamudvwWBEdSAcL3xyfDIW8KUv58sE0fe51b5TbMM8Deoz5glGILf25eosQ6dvYI2fs_lFrx8ULYf54MRFHcn_fNkLludfgaRYSTMR-8e6IfeuNwpG_lY61vuSn0Sb_b7FQGa1neXhBnG_UZz4c6ZWVaNAIpoIhcZVR15YVQelkgmqe2Geb1xK14qrVUJitWEvYxw-up-zc8ufhJVo2_i3ylat9Re0Om2tcgcy4qWEUviKYWajIkMvdd1YrItNQ&sai=AMfl-YShFTCTpQlXLayDnTxMXJunvVEvLhOZMBsofle0CEMb1uhxeKk30U-2dHizFq-FYhsPSYXEmcHWG13P_zoOrnU1RzNVetvJRJHpVff66kZfk1Wutzm5v32U0Qlr5J7PXagijuwxHbQSUGkuH16Petr3LZElGdDvNXn1Ayg&sig=Cg0ArKJSzGOfW6O7BXJTEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=576&vt=11&dtpt=463&dett=3&cstd=106&cisv=r20210624.97999&adurl=
Requested by
Host: www.kiwilimon.com
URL: https://www.kiwilimon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 08 Jul 2021 16:05:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
prod_studio_01_238_configurablemodule.js
s0.2mdn.net/879366/ Frame DF24 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_238_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_238.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=0H5ePm1VEL&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 12:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11522
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10829
x-xss-protection
0
last-modified
Tue, 11 Jun 2019 21:21:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 12:53:54 GMT
aircraft-up--fill_white.png
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/aircraft-up--fill_white.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a999e7786f273ec8bc4d158dfe7dfd1124c6d199e02839a46fd0d2546474ec3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 03:33:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
age
45117
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4135
x-xss-protection
0
expires
Fri, 09 Jul 2021 03:33:59 GMT
onhov.png
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/onhov.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98e9083c0bbdf2e56b8537ef1ba990b9a404c2b7bb691337603e8165ca1bb4f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 08:52:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
age
26008
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33665
x-xss-protection
0
expires
Fri, 09 Jul 2021 08:52:28 GMT
nohov.png
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/nohov.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29afc6bf9db6d6cf2d2469c24a2f5202c2c56cd91a2fe489dfe96dd083f97d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 04:45:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
age
40805
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33403
x-xss-protection
0
expires
Fri, 09 Jul 2021 04:45:51 GMT
TUIflyONBEPERKTkostelooswijzigen_bol_NL.png
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/TUIflyONBEPERKTkostelooswijzigen_bol_NL.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba76289a564b307ae6bc50f3d44e24e3b3e95009926b928b31bb1347f48b8ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 14:35:23 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
age
5433
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73211
x-xss-protection
0
expires
Fri, 09 Jul 2021 14:35:23 GMT
TUIFly_300x250.png
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/TUIFly_300x250.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c1e5a73dfccede4d9aa9f14d986ed60549d084fa4676c90c852bb791e275678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 22:54:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
age
61909
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2900
x-xss-protection
0
expires
Thu, 08 Jul 2021 22:54:07 GMT
TFTS_300x250backgr_NEW.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/TFTS_300x250backgr_NEW.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a22f75bdd1f57ce0f650caccb24030a6858e6b1f3e86414a2cd09eecd969894
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 12:40:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
age
12301
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58532
x-xss-protection
0
expires
Fri, 09 Jul 2021 12:40:55 GMT
algemene_achtergrond_300x250.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/ Frame 7A31 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/algemene_achtergrond_300x250.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd9a5a7c423be5c0a18dd11b37a69022f230d2402acb50218a04108eeeab234
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61825275/20210623075835890/index.html?e=69&leftOffset=0&topOffset=0&c=dNaEmyXDFj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 23:19:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Jun 2021 14:58:35 GMT
server
sffe
age
60397
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48926
x-xss-protection
0
expires
Thu, 08 Jul 2021 23:19:19 GMT
yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
pagead2.googlesyndication.com/bg/ Frame 80F9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 11:34:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
189075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5747
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 11:34:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7A31 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Thu, 08 Jul 2021 16:05:56 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0351
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC4jCxlp7VDxB14QrqrHTNw&google_cver=1&google_push=AYg5qPKxJWxT75eLdvmJj0GWz6ItkUzoJeB0gGmCqCnA3XvpUHvPgTSEAB_dVsl3FSv2VveAYq3TjzKuWuyNpcJRM2rbptZg0g
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA4MDkyMzk1NjA2MzExMjk2Mg==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEC4jCxlp7VDxB14QrqrHTNw&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEC4jCxlp7VDxB14QrqrHTNw&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEC4jCxlp7VDxB14QrqrHTNw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 0351 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDjqW3CgZdvTTK5nxwvyCWM&google_cver=1&google_push=AYg5qPJJUNG-q9m35HlFmL1KlWWaXUw78MMmRN9rLU44SbnjaeLGERSuNe4MGdv2DcG6Z2zVrbX2a-vRxo75pkS13ng0BZsgjg
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0351
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFrU7ZHqdxw9-CO1AV_NBCs&google_push=AYg5qPKQMY4vXb8QEIBlx-wk7VGgZkRJ6UIOAxiGhLBmQcUNuWP98RfwJe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFrU7ZHqdxw9-CO1AV_NBCs&google_push=AYg5qPKQMY4vXb8QEIBlx-wk7VGgZkRJ6UIOAxiGhLBmQcUNuWP98RfwJeAs6NRlR7KGu-Mh7gRUOjI4GFA4Yttp6l3G6ZzVWw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1625760356.383815,VS0,VE94
x-served-by
cache-hhn4046-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFrU7ZHqdxw9-CO1AV_NBCs&google_push=AYg5qPKQMY4vXb8QEIBlx-wk7VGgZkRJ6UIOAxiGhLBmQcUNuWP98RfwJeAs6NRlR7KGu-Mh7gRUOjI4GFA4Yttp6l3G6ZzVWw
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 0351
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEDsPj3j5wmcCRxk060YHI8U&google_cver=1&google_push=AYg5qPLvXss_Tb9jiK4A4KyBBewdpqao-E0li2_ACk0SBjlH4HR50DDWNmng33EAIX2SGN_B8Xngyu_k40yriJbdEgaFbOA5
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA0DBFA2DF7B40DA8931279917EC60D3&google_push=AYg5qPLvXss_Tb9jiK4A4KyBBewdpqao-E0li2_ACk0SBjlH4HR50DDWNmng33EAIX2SGN_B8Xngyu_k40yriJb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA0DBFA2DF7B40DA8931279917EC60D3&google_push=AYg5qPLvXss_Tb9jiK4A4KyBBewdpqao-E0li2_ACk0SBjlH4HR50DDWNmng33EAIX2SGN_B8Xngyu_k40yriJbdEgaFbOA5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 08 Jul 2021 16:05:56 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA0DBFA2DF7B40DA8931279917EC60D3&google_push=AYg5qPLvXss_Tb9jiK4A4KyBBewdpqao-E0li2_ACk0SBjlH4HR50DDWNmng33EAIX2SGN_B8Xngyu_k40yriJbdEgaFbOA5
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 07 Jul 2021 16:05:56 GMT
google
match.adsrvr.org/track/cmf/ Frame 0351 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKImxzADm-A-LaWwENspPlA&google_cver=1&google_push=AYg5qPJYQMV4S79_gaAgPfNVI9235cSOEgwZ5Kb0dNmTQ4U4BT-w22aEJWCGhpyy7uIoNEQ9L3DheopttjkQ5_WBlHRClW96Kw
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0351
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFhG2vKsV32yj7vTreAgraA&google_cver=1&google_push=AYg5qPJ75P1IpwzcI47X77aDalSKt__Sh6YAXYsksWJiLAujJLn6DAvIIRXlLm4rDb5zAfZB9-NymViiVbn1qN05...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Rl--oGLSTaeRwhk-RZwpdQ2&google_push=AYg5qPJ75P1IpwzcI47X77aDalSKt__Sh6YAXYsksWJiLAujJLn6DAvIIRXlLm4rDb5zAfZB9-NymViiVbn1qN050WHk6K6gRw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Rl--oGLSTaeRwhk-RZwpdQ2&google_push=AYg5qPJ75P1IpwzcI47X77aDalSKt__Sh6YAXYsksWJiLAujJLn6DAvIIRXlLm4rDb5zAfZB9-NymViiVbn1qN050WHk6K6gRw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 08 Jul 2021 16:05:56 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Rl--oGLSTaeRwhk-RZwpdQ2&google_push=AYg5qPJ75P1IpwzcI47X77aDalSKt__Sh6YAXYsksWJiLAujJLn6DAvIIRXlLm4rDb5zAfZB9-NymViiVbn1qN050WHk6K6gRw
x-host
tde-deliveryengine-production-66b988c8fd-5vck2
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0351
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENaklG35pmtkbZByY3G4GZ4&google_cver=1&google_push=AYg5qPIcThdx4slrBhiQEpoB4GfoetxBHUR3XdJGsd_7513qU2MNgzZfIPvLxeX7Z2iH2l2FZvU2h5oYElcuOBmjF...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENaklG35pmtkbZByY3G4GZ4&google_cver=1&google_push=AYg5qPIcThdx4slrBhiQEpoB4GfoetxBHUR3XdJGsd_7513qU2MNgzZfIPvLxeX7Z2iH2l2FZvU2h5oYElcuOBmjF...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIcThdx4slrBhiQEpoB4GfoetxBHUR3XdJGsd_7513qU2MNgzZfIPvLxeX7Z2iH2l2FZvU2h5oYElcuOBmjFCNZpbT4&google_hm=cc22f531da637ddd05b77345
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIcThdx4slrBhiQEpoB4GfoetxBHUR3XdJGsd_7513qU2MNgzZfIPvLxeX7Z2iH2l2FZvU2h5oYElcuOBmjFCNZpbT4&google_hm=cc22f531da637ddd05b77345
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 08 Jul 2021 16:05:56 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIcThdx4slrBhiQEpoB4GfoetxBHUR3XdJGsd_7513qU2MNgzZfIPvLxeX7Z2iH2l2FZvU2h5oYElcuOBmjFCNZpbT4&google_hm=cc22f531da637ddd05b77345
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 0351 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LNKhIu3f0ZjdU4KSoydL6aVGzZZ9wGlYAbVOS6J3Fhre8nqGMOhViVFr16f95Tc1ZrgWxu
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:05:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
pagead2.googlesyndication.com/bg/ Frame CCFF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 11:34:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
189075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5747
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 11:34:41 GMT
yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
pagead2.googlesyndication.com/bg/ Frame E7DF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 11:34:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
189075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5747
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 11:34:41 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7D37 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQ8AJPLTyaNWuLMwro_q74IR1IP0Lr0aweLQ8cYJdVJfyvKPTZi6zCYeEEhkd9UJ5zCvsrCBWVrk-Kc-cZcl6v3Qbm8N9M4maBZzHJRssyWpM9gnff&sig=Cg0ArKJSzHeo1QPY9lLgEAE&id=lidar2&mcvt=1047&p=1110,436,1200,1164&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&v=20210707&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2761965187&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625760355280&rpt=60&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kiwilimon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6067160652436412064
s0.2mdn.net/simgad/ Frame DF24 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6067160652436412064
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
433cdfed225b66dd43b9d7e3db119338bcfb7edab36ecd2dfc96304aa23c1ffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=0H5ePm1VEL&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Jul 2021 19:09:50 GMT
x-content-type-options
nosniff
age
248166
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33227
x-xss-protection
0
last-modified
Thu, 24 Jun 2021 07:44:48 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Jul 2022 19:09:50 GMT
4471794080849405585
s0.2mdn.net/simgad/ Frame DF24 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4471794080849405585
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97199ac50791537681b3de56c1178f5dd4bd3f0f040ae16162b8fe06f6f3b1ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=0H5ePm1VEL&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 11:53:08 GMT
x-content-type-options
nosniff
age
101568
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28814
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 02:58:58 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Jul 2022 11:53:08 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 6018 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=16084100118496600628838011649016&a=0df9d9aa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 13:02:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Jul 2022 13:02:14 GMT
300x250-MSSTORE-Office2016-Launch%20(1).jpg
cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame 6018 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/advertiser/14265/creativesup/300x250-MSSTORE-Office2016-Launch%20(1).jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=16084100118496600628838011649016&a=0df9d9aa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
f8528716993a3c25c2f21c1bfdc852b1d229229527ed4993c75bc88cdccd6ee2

Request headers

Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:56 GMT
Last-Modified
Tue, 16 Feb 2016 10:09:14 GMT
Server
nginx
ETag
"56c2f54a-aad3"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
43731
truncated
/ Frame DF24 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
4471794080849405585
s0.2mdn.net/simgad/ Frame DF24 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4471794080849405585
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=0H5ePm1VEL&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97199ac50791537681b3de56c1178f5dd4bd3f0f040ae16162b8fe06f6f3b1ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=0H5ePm1VEL&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 11:53:08 GMT
x-content-type-options
nosniff
age
101568
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28814
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 02:58:58 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Jul 2022 11:53:08 GMT
6067160652436412064
s0.2mdn.net/simgad/ Frame DF24 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6067160652436412064
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=0H5ePm1VEL&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
433cdfed225b66dd43b9d7e3db119338bcfb7edab36ecd2dfc96304aa23c1ffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=0H5ePm1VEL&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Jul 2021 19:09:50 GMT
x-content-type-options
nosniff
age
248166
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33227
x-xss-protection
0
last-modified
Thu, 24 Jun 2021 07:44:48 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Jul 2022 19:09:50 GMT
viewability
hal900016.redintelligence.net/ Frame 6018 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/viewability?s=16084100118496600628838011649016&a=3b555814&vb=m
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=16084100118496600628838011649016&a=0df9d9aa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900016.redintelligence.net/request_content.php?s=16084100118496600628838011649016&a=0df9d9aa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 16:05:56 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 6018 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 73F0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bnx0xYyLnYL60JNq3gQfxlZiIBgAAAAA4AeAEAg&bg=!_f6l_rrNAAYo4NJEKOA7ACkAdvg8Wpi9yeorLMh43mksRZqFgzNJQrSbFa9cPKlrekho_m5A4Rv_0QIAAAHSUgAAAF9oAQeZArey5rvm-dB51aWoH7PNIZBvpu0Mp7uWPhmjLpxy7w-sZHIZEuK5jwuSZ40gcCXbDR15T3WeJMUSAhvleWIIv_QazN5Kcm4oFI1Zq3qkovI34Kc7SHO3K8iRP_J99Vx9-ZxxeLyCKN8vpA3BsCuXIfhK3PqABBWyW_M9G3-JOz-jce9zKck7fWbfNJNysI3bsNhNkEvS-8oou5nvCkkLeO15XxEbkwBsBubK218rxFsuGbJEeJoyGlT7XcHoZ9ZrDLiksFI26b3NpkPYYwR-vKfrVAutm5BAzaEdm8Z7t_cK0KvwZU8RhmAHcz_iC2x7VwOHK5E42NKA-AiBZnnXfR6xNqtkrzm4ZxfSFpYt0JvixvE-P0oyUHisgIOkFsqVeT_8pYDn_ba_PkfnxuXbDCkepCEarNhOSdE1xxvIeyqpV4xqIU5F2z7MMlAPJP6pkshvabb2B36Lq54YRcHdCQ3gfS5u6Bhlk3XBE-U3gzvm4lGh0aKQaB92m14kTYflmFt6nQ19o_6jT5BNgteInAuCpsHLDDHYQ-5R1f_PW2v_uiQd_1uXtQe9RD0Cw9hPGOTDavA51QUj8N-_3XislqnqzabTGB7Yzq_dlw9unzuE0XE14LJV2HxPFXypLepLNsnrrNPyn9UyFzIPT-kxj20i0hFSkKWROJFkdc6yJuWM1TOiN8GNcY3zUXP8g7Ul_kh3FpmNyI5WQnGJ9jT8UanApRmOJeRJtaB9X6FXIEtljzgCzR1Tk5wqA6oKmFgT5BV9X9TaTEz5gVkgo8tGLXjZwbgKVnl0q5LDHUEupJLLbZH8DSpdEg_kTnXQ_qGiXteXGKO-0dmKHXjKYrLKEavgZZKIyYrZt32PWwaEcLIGNlcshPOUpcFRQpXFahDGaGUo6mYiOJDPQnDdZkgA24pKNZy8Gprl8A
Requested by
Host: af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
URL: https://af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DD6B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSMEKYyLnYOLRJIi13gPdqoa4DgAAAAA4AeAEAg&bg=!09Cl0JTNAAYo4NJEKOA7ACkAdvg8Wo7q-wMTA5-oK4rzZA644COyLrtiGrIn9NLMNIL_Ikgs9t3YhgIAAAHUUgAAAEVoAQcKABd-fEgD18IpcOjLo-ZI1FahJZW4jTVaLpkCvGGOdEDT4p_P0PMhUCpZ7Nb8OXLTZKVjnJxEhRbSPauCCgEw-uDIWTh66QX8Sq0DzHPjpeKNK5eT0XGoaQjRnJy7qbTvdKrONQ0GfZTN2Y18uEPbp_8OJFxUprs01VUX72Be7q5sMwbETlWBM2ntP7lXsYM9DCxzhcbJDR3ztwZMjaqTARcS4RpuKC6kHy9dGoir16-Ngmb3t6YG3-Yq2m7O6MOVtG2VANpMHtBTPfm0nfNoof_mZ9v2ITA2Jr-FxLPoT-VefpAKHCuZJOB27xgY1TpacN8YmfcuO8HBZy7CYi1poKgNCSjzAL0PAQOxpilMMJmCVnxIY4Uz5x7mithhpxSBGASRp0CaIcSQgblVsO6L0AGyYXPZsQFivees3wdLbhiVMKNnGvwcgDHAM73eLW3GnCL9x88Np29LVpHTLTmm3wreDehPv87IY3pPyVkrvMrdQbItnXU1cxOH4g7JR83vzCDzmuqs8v2M_YpCl68ldBiC1pj293M0-Mu3z6oJ56QSzqqht96Irfns6C4NSLpzw3DurTucWitxoce5Qs-6GAYtZlpw_GL8fBVOnPAx1JVNEgM19ldA64FLB24lJn7vXhZmFUWHsdI2C-b-mmYFXsG6bo92Htoq_cT2wGbwjcJ1G9Cp8BQb3FeOeTYfrMaQ0J40SGKckZQxlOWrAJTdCYvAJ1xxn7e1KaIIP9S98Ab16oO92GBbtAZzRe_x2FZzWkRNRA7f39LYtOckTYCKa7a266HHaOhpBC5yQWbUzPfBfyQhQMWqbgjeQdhd6-90aAaOnYPVcapWcLU5--Y5utW2C8yvANpPkxj5jWGrz9aeTDq0KKQWiiBLqJ_zj6BYcBp7yudg0D5jDIn0Z6ErFg0UnBdYjCYcySmZznaUrxNSqSPoVdRad1FzsNKLGLUK7O03P01mChQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 80F9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCF_kYyLnYOm4KYrx3wPBo6vQAwAAAAA4AeAEAg&bg=!CwilCEzNAAYo4NJEKOA7ACkAdvg8WnDz8KYftV_eca6I_n0k8bF4YNHciyq_J6OAjUh28AD6QdEB8AIAAAFOUgAAABdoAQeZAr_YyixJ6-4envDK8hdoyW_sMbwEz19Q1YVTynyJKb8nHjwmU1bZhRBG73SxuejpTLG6O7U5nBnGq2rixCe364OfUc22Cnm5rIuke2Vjtp6wpwIKrTNZy8n9JjCRIUYbfCQyO8kyEukVrnPo4fOJDm1xu9x2oBPUkLRNyO0xbzK_qZngqnc_jAnAbop8tAovvXDCXEfFT1y798Z9lfQ-kHSDdN7yR676RXAdq_ecuIT8vnnldOMm5YC6cFuIgbfDCIc1eQt9SRtHpvuA1OKiRI4mtUVWkYqnc4igIQL6r7Wfe-STpGCSBc6Qt1PZ-zkXvr-teYZZxhe_Oleyax7jRDn80H4n3z388nTdpua1SefjLGDCmA_ZeLkFbxT7OuBNsmOsxAtFaYLHXJEKPILI7q7Gl-a2ScUCzV2RWHp8WjZqA1doAdPVXtZ1GCWq9KtRwKKGLaIl8DybGDDI_USdsjlvQrjoZqGceK34k0GCVpz5DZ98GQ4pc_KkxR4WjA3fO-kO1FOzfGFhnk9Qr1C_6z_i_7PouYv2RjN8Nc-ZsaGdg7tUS5s8fAHoSaW15iYU9nAZU5-GwmVeJ1aDf2jYGvgf0D_zWQzsZJ0EYbnlGm9ff7zERbqSA6nTiNl452P3GmocNO970s8pF8l6bb8OEp4KVtvD3nBrhlib7z6EF7ljfVy6Ih3vxzeXjRIKpEEiwqcEzjQkBxmW7AAowvqxb5W7au47WsevBElrtU7peWvscCRHsK8czVOQJqYRvmtJGW1xnOeVx_0cXqIMMnWUw-9bzZlKmBLesqj4OmyE3G-EZHkwaNqSr0fYxW2Q0kCT0fWdz9t54tGjHq7RJFsS1e_SJYBxKYy71mJmyPZvCW5lZz7-NEqxJfLCGVinfos5LbI0mWQ5gPdg_TslnLFGiGYEXKPtbDhHY_10yX0E-LiA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CCFF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFiSxYyLnYKXkNamGjuwPsr2wgAgAAAAAOAHgBAI&bg=!ysmlyY3NAAYo4NJEKOA7ACkAdvg8WkZM1h9dXCvKX5OBGFluwiyrhZmR7DAi0T5_kfh5VVCumErergIAAAErUgAAAA9oAQeZAsfBB-qBtQbjUJGRH19veYaNYhon61Y1_dbxAG-8ppFqZPbxt8kn7PLHnPQ6Vv-njfRxXcTek7jhTbO59-wZ3gtH9kv0Tp0bf6Kt6InxpKNjggY09Vhy_fOsgUVsNmUpGhK-NitFJMl9FsUgCyiUSWNYgfc8GTaSiNHsPMyRfu-inv1IUe5szdVyMHjpxxLodM8oHNIXyIAcxF11O9gJcSDmglz-FaGxF3NwAzoO6lUxI0G7DX7gtaRcfPAt9c-oHQl8BV3AYzOvOL3_-_Y_dXSWHDTuSIy3LE7fZKrnlNkIL-3cBk2Q-GWfu4GJA_TQClk4x_OJExMgY_YhQ_v5GYco-nkRf4zgu-UrxjjX2uzHQiW15mdM32VJApuJe-5bIVuxms6a6ew-y4tGUu_RC4ucxy9g_8yntQHlXcBut0RMEt1e8ji8PILgxAv_CSMdOXI2kbGzd3dqPCU2mvrz1UxFa_DKQVVWEFfAK7559O_AEkwkAe3JZIcyRl3XS8Nj8q76o0y45DDtF81IkHjS_z-Y28CSXRJktWGPnh87kdVO5371oemUcoboZVDh6mlFPNNVNqm1Cr5sXD8ImrvgU8wfCqgT40cDIxGHw9znQ5luWiZiXFpwpAEVMrTDmmnj_Hmed-4auZeKZ6eAl0J386DHuSuxEzDaUPA8m6hfqvh30UiDJTNbefz3c7mbqb_qnv1WP-CbdLXj8EXZQRgpEHuTKru6ukssxc75_wnKsOUj_NbuFYY7YVW5iVDvcSX9Fe8NISwHTY8LnhNK7LOVcr1xM2OtJYRPiR0HRKPA_2VQd-EY5XN66bUAuJ4DhqOAUFDfmbPEoTPv2UtiKGTLInIYsrIbvFddQ1LLIYRULAyTQQl9EWCBijoyf0rRgY70q0o7o90-qnfIDIP34TjdWjLgoYDh9s6xRchOzR_9EdyjueB0i-8MRhY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 16:05:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
flextrack.msi-aci.com
URL
https://flextrack.msi-aci.com/track/32e1b336-caa9-46d4-a3d2-28258cc1d269.gif

Verdicts & Comments Add Verdict or Comment

283 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| lotame_15499 object| WA function| ajaximage boolean| flagFB number| listenerid number| functionid object| events object| beforeflushs object| flushs object| keys object| specialkeys number| listeneruid undefined| context function| thefunction object| KL function| pbjsChunk object| pbjs object| _pbjsGlobals function| fbAsyncInit string| GoogleAnalyticsObject function| ga number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| googletag object| heatmap_ext function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| CookieConsent object| CookieControl object| Cookiebot object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| lotameIsCompatible function| lt15499_ba function| lt15499_b undefined| lt15499_c undefined| lt15499_ca undefined| lt15499_d function| lt15499_e function| lt15499_da function| lt15499_ea object| lt15499_fa object| lt15499_ object| lt15499_4 function| lt15499_aa function| lt15499_a function| lt15499_f function| lt15499_g function| lt15499_h function| lt15499_i function| lt15499_j function| lt15499_l function| lt15499_ga function| lt15499_k function| lt15499_m function| lt15499_n function| lt15499_o function| lt15499_p function| lt15499_q function| lt15499_r function| lt15499_s function| lt15499_t function| lt15499_u function| lt15499_ha function| lt15499_ia function| lt15499_w function| lt15499_ja function| lt15499_x function| lt15499_y function| lt15499_v function| lt15499_z function| lt15499_A function| lt15499_B function| lt15499_C function| lt15499_D function| lt15499_E function| lt15499_F function| lt15499_G function| lt15499_H function| lt15499_I function| lt15499_J function| lt15499_L function| lt15499_M function| lt15499_N function| lt15499_K function| lt15499_ka function| lt15499_la function| lt15499_P function| lt15499_O function| lt15499_Q function| lt15499_R function| lt15499_S function| lt15499_T function| lt15499_ma function| lt15499_na function| lt15499_oa function| lt15499_pa function| lt15499_U function| lt15499_V function| lt15499_W function| lt15499_qa function| lt15499_sa function| lt15499_ra function| lt15499_X function| lt15499_ta function| lt15499_ua function| lt15499_Y function| lt15499_Z function| lt15499__ function| lt15499_va function| lt15499_wa function| lt15499_xa function| lt15499_ya function| lt15499_0 function| lt15499_za function| lt15499_Aa function| lt15499_Ba function| lt15499_1 function| lt15499_Da function| lt15499_Ca function| lt15499_Ea function| lt15499_Fa function| lt15499_Ga function| lt15499_Ha function| lt15499_2 function| lt15499_3 function| lt15499_Ia function| lt15499_Ja function| lt15499_Ka function| lt15499_La function| lt15499_Ma function| lt15499_Na function| lt15499_Oa function| lt15499_Pa function| lt15499_Qa function| lt15499_5 function| lt15499_6 function| lt15499_Ta function| lt15499_Ua function| lt15499_Sa function| lt15499_Ra function| lt15499_Wa function| lt15499_Va function| lt15499_Ya function| lt15499_Xa function| lt15499_7 function| lt15499_Za function| lt15499__a function| lt15499_0a function| lt15499_1a function| lt15499_2a function| lt15499_4a function| lt15499_7a function| lt15499_6a function| lt15499_3a function| lt15499_9a function| lt15499_5a function| lt15499_8a function| lt15499_ab function| lt15499_$a function| lt15499_bb function| lt15499_8 function| lt15499_cb function| lt15499_db function| lt15499_eb function| lt15499_fb function| lt15499_gb function| lt15499_hb function| lt15499_ib function| lt15499_kb function| lt15499_$ function| lt15499_jb function| lt15499_lb function| lt15499_9 object| heatmap object| CookiebotDialog object| CookieConsentDialog object| cookieTable number| CB_OnTagsExecuted_Processed object| node string| temp string| template number| pos undefined| val string| txt string| text string| id object| n object| code object| previousnode object| nextnode object| xpath string| img object| placement object| data object| bidders string| jsonbidders function| fbq function| _fbq object| _atrk_opts object| $buoop object| _comscore object| FB object| ggeac object| google_js_reporting_queue object| KLVideo object| $bu_ function| $buo function| $bu_getBrowser object| _buorgres function| udm_ object| ns_p object| COMSCORE function| atrk boolean| _atrk_fired function| $buo_show function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| vttjs function| WebVTT function| videojs object| GoogleGcLKhOms object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| onYouTubeIframeAPIReady function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests function| videojsContribAds function| videojsIma function| addEventListenerBase

5 Cookies

Domain/Path Name / Value
.kiwilimon.com/ Name: _ga
Value: GA1.1.856512278.1625760344
.kiwilimon.com/ Name: _ga_X0MHE23QYB
Value: GS1.1.1625760344.1.0.1625760344.60
.kiwilimon.com/ Name: lotame_domain_check
Value: kiwilimon.com
.kiwilimon.com/ Name: _gat
Value: 1
.kiwilimon.com/ Name: _gid
Value: GA1.2.2014055615.1625760344

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ad.doubleclick.net
ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
af1910a20c1a1675abd22e3b6a9dae35.safeframe.googlesyndication.com
ajax.googleapis.com
analytics.google.com
ap.lijit.com
bcp.crwdcntrl.net
brightcombid.marphezis.com
browser-update.org
cdn.contentspread.net
cdn.doubleverify.com
cdn.kiwilimon.com
cdn3.doubleverify.com
cdn7.kiwilimon.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
d5p.de17a.com
dsum-sec.casalemedia.com
eb2.3lift.com
flextrack.msi-aci.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900016.redintelligence.net
htlb.casalemedia.com
ib.adnxs.com
idsync.rlcdn.com
imasdk.googleapis.com
kiwilimon.com
match.adsrvr.org
ml314.com
pagead2.googlesyndication.com
pixel.everesttech.net
pm.w55c.net
r.turn.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb0.doubleverify.com
s.ad.smaato.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.sharethis.com
sync.targeting.unrulymedia.com
tags.bluekai.com
tags.crwdcntrl.net
thrtle.com
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20239.doubleverify.com
tps20246.doubleverify.com
tps20514.doubleverify.com
u.heatmap.it
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us4.heatmap.it
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kiwilimon.com
flextrack.msi-aci.com
108.175.7.51
13.224.193.10
13.224.193.44
13.225.87.64
13.225.87.8
13.225.87.87
138.201.220.30
142.250.185.98
142.250.186.130
151.101.114.49
169.50.137.190
172.217.16.134
172.217.23.98
176.9.26.250
18.192.225.56
18.195.231.241
18.207.58.158
185.29.135.234
185.33.220.145
192.99.47.17
2.18.234.21
2001:678:cb4:bbbb::11
213.155.156.166
213.19.147.45
213.254.244.17
213.254.244.19
216.52.2.19
23.37.38.181
23.45.99.241
2600:1f16:bc:1202:b9c3:93a:fb15:d062
2606:4700:10::6814:375e
2606:4700:20::ac43:459c
2606:4700::6810:7eaf
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9d
2a02:26f0:6c00:281::f09
2a02:26f0:6c00:286::4469
2a02:26f0:6c00:2b2::4469
2a02:26f0:6c00::210:ba79
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.126.56.137
3.226.4.134
34.246.227.69
35.190.0.66
35.244.174.68
46.105.202.39
52.30.140.199
52.57.110.162
52.58.221.124
52.58.248.2
54.229.143.145
70.35.193.75
76.223.111.131
88.99.70.21
00e3bc05f59be2a1faacba16a7c0fba7de267a60f2e88c04789e4ffe0dfb6056
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
01b11a7a6a4b771ead01e2060b8983d0b37f6f3e01a7e74f0140eb04b69459c8
029897ddc111816476a0c086951ccfaa6ee7675ddc0b31d194a2c63c90a41e9b
04cf078616ceac8a0c029ff92ff8b13c0fe9147891ea6532400adb95fe53ef41
050b2c433248d6ce2963e2d5f67dbf8e7167f6fa34a9be57da975e13ccde4e22
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
09afc8875d70adf999313682a86121154bfe0c62f3b7b7a6df03ab21b1af491a
09ca364aa1afbf1e0527d2edd55b700b30a4e2346512ce7f19229955ee9eedf6
0a748ec626959304f8ce763dae21170a84a5f4e47ddd7ca1e48dcf30e0fc7737
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0baf82743d794e3c67b69e2c250218e2b7d3fd6e44ce2010c1e9d54807d7982b
0bf3eafa67c711218b24e1f321ef4c1de73719d712cd547218ba360f2e87398c
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2
0f4b5aca3dc00029a2d565e4e745673b35d424fde6d570d76fc0b16c871054c3
0faa49c890285a2d5e772dd291ae7f617dc6857e430bbef530afbf8a371b3d7c
1033901f1861753b1f35b07e38078667030b2d022ccfde028b5434e7b2564bcd
10906a05729758a429a0b5725299a254cc5b9f27f676147bb118a4f663eb1d82
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11084de664d888933874102638926c6686af22a88f1805fc3d4f55ba91b2d816
124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
135c4c356bbaed392379542123b002363e6ba4e871dafbd1025f03ef4dee86cc
16d44ba58dfe35ce8d277075eca3f03e654aebdc7ea55279deba9e5bb4c3fcde
1acd944a8a4b41a8fa15ee0079834345d33008e8d5489307d0cae941f939514f
1c1e5a73dfccede4d9aa9f14d986ed60549d084fa4676c90c852bb791e275678
1d98f8c7fc5e855c620d9b8f0c9094b7d66777ce9706bf970c7bad399cd3381c
1dc93a80d9de5714785ee7b38cf0dcda828883e9b5e1e2e9f91c397dde893115
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
234f5428223455423e22c68251b6e96cfbf7791699a06925de32a6044282e261
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
29afc6bf9db6d6cf2d2469c24a2f5202c2c56cd91a2fe489dfe96dd083f97d96
2a7b134026d7047a44cb7912063980b37bb628c7f4a792a4e190185be8a268ad
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2fbcf2becff6258351c1f96d4c46e5900800dc8c2745a918fca7d589a78f61dc
3085aac649fa0d732e9fd1e54e0ce46f115238e1c115a7f7ce9de4bc416ab551
32949798021d6627f034074aab09021604a6fe64bea36cb418ec2e15c8c3d6e5
3462f3c71aeedf53b42498644e2af2e79fc9402444b412d9d9c96260a30bc249
35b384bb05910ed7d48bd862cd68e26612295c2019ae64a59984908292fd5bad
36e95b11cc81e7760d7efd2c4ac39eed3fe72f075445186074cd6be090d8c674
3702675bb100b35f2cc13c2d7e830a1abb3d645ddeb6a2155be81d777d21dfa8
373b095d12c02a60cbe9037c5e729744f0a5b5fae609cb90b675a1855804a1fe
3792beea50b2db46599bfb0fcdc1d55ecaf1015abb904ebb167af5e4103ff3cd
38795414fad0a8abffc6795b257db45c60bad0a93b15fa6598bd46d41f07d8c8
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3a1a1af61ab4c9282d416ddd395dc92c7d1a9046751ddfd181e89dea22e851ad
3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda
3a6a6286fb73252576c9346ddadc9c26d4e2ce795e3710d891cde7aa970a69a7
3b1b78dc0bec6c4c5e65036a6d67c15a91ae2fc807f61ddab5ddccc3483cb9c5
3cc9c19f7f03042ecb970557d5622cdd897a7dfc3ba92877137824f7ce88efde
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3e50ee48ecec70656eadca2791d83523cebbcdaf74758dea0325f9f080697395
3f83e96b9f42f8cf8c76904c9d9efeaf0f659891a29d0ce8d3394d853a776f27
40dc00e7ab6f7e1d55518f6e6ff20ea5d90c8776fbafbd71c76a704b4d2a6f25
414eef74ac6306127645beddc4f34f59a6ea3994e410f188481d736b01ee4b65
433cdfed225b66dd43b9d7e3db119338bcfb7edab36ecd2dfc96304aa23c1ffa
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
46aa51554fa6e68799c8286f7185358aea1d626d34ecdcad4c0775422a3586e8
46f4f3427fed327f54f999f96571c8416c73bd8379c742e7efb9ca50e2210ce2
47da0da617016c71b198ee772f4c9576d62b3c5de7cf9a93a9ccc1eaf1056633
486b1a891e41fbb1ca5e34eaadde4af4091d8341f7003c2d90b47e98881e1de0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49c9c7e0961d8723a534c9a2602491964fc5132de22f3fba39f9c04b534828c2
4aeea4a203c7496742007d1455b7ab8f3a35fd52e8b5a8fcd3ad66b9c557217b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1cc633c05027fd461b26cb37e1a884ccef68758a3a428922d984a3b06a8c96
4ca90640c3906fbd7859e4091b37d8c4cb1094662aee9e7ada86ee788c63e560
4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68
4f3c971cd2cafe3ad84b4d0d2613191f1040dabdba9ac0c6a7beacfd56ba135b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5277325d5b271b5c4e2386adf6a74b7a9671a58c6c271053247ba01579776cac
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d
5780f2b191fe4fb88db69c5e131e69d6e9b22b9fc0c2f5770cdf78cb05233172
58a26526794c3d083a4669dff19051d431073333a4c8bab0d3b6a8f429a97ef4
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
5a22f75bdd1f57ce0f650caccb24030a6858e6b1f3e86414a2cd09eecd969894
5aa9be36dd5a4777c4f9e9ae2556df46667039f8d7ef1a65226902e4639f4e98
5bb97f2d00bdfeb03731ca6be4108f98e674894fe3f3ff4b6bd9a7760c433402
5c8b1ce18f85880d041b4f908fa38bda33ac69108c53ad586c01ed1fe9c39ecc
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f304cc9d41b83589d171f12c353079537b1436cc5f4834479b249a401e81224
623df7617f31d43de512146c39725342eb88297e090e0c55d7cbc3310aa81fac
630dcb1aea14b0b32672353c6718f225a51122da1e170c35185ed4177b3489cd
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
6585e4c395890bcf8a4c009add8cd0aa9fdebfa538b16eaf089e3e575571797c
65dce9c4d9c2312f23ebcc653671d63133bde10013a57698678e6e4a3d674b3b
681970546e1a221702746a9d61e5fce0f4f48e14adffdf5b1dcf98a7677b10f7
68cc483cf4f8e8b412da2adc945a9bbcfa1261dfe7f11d0366aab18bc22ecb32
6b0207399ff00b641aafed026adb6384f911cbaf391c78cd5601ee245a646f9d
7146971d97f98c52d17500f30e4a37a5150a83d520f131c5ec2fafd0f2e54d62
72bb0c3d98c352aa24bd8f1217223f485c9f37096bbc8d4220f48c01bec0c9fb
72fb6f95be9c5fd754745531c07fe271eb9862fa4546e3d720ab9f945bbde6f6
7357904395e2276f0b0054c5ba67477e1c78f8f6231a4e090f2a6ed5f61c2a36
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7566e66d666698c23958882a3f42278ba9a06b11060fbd3a7f7b59c9a8db81bd
767725432763bb3b61150ac32b1686f342b37b50970c4dc6d0ecb0a350af2358
769043aa256c30755f4571f0492f2487bfc9813b50b31b98d4e185d481712e13
782cf64d1eecb65966a86a47461bdb056032f92627572ccfdf55297538ab66e3
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
79c79d9039382cd34e2e9aa463f85c160d3890c688941fc6837cc2cf81919643
7dfc3d6a5e24461837466e62fb69223bcc7f5b043a277eed900aa0ad544b85d6
7ed2a9afd151cd36c2d8ae9c8bcfd910bf0e781f6ba8ba37c46797ce1655c5a6
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
8083a510108bfa2848c613baf8f1823af26a8dab1bb0907b8b0a06aebac5f226
80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84de9e9252f099570390c72929b369c63af2b3379ce28173d7220cfd0007365a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
87f4adac473d43aaf9b03507ab808d0cb9d51ea7ea076953a5a4d387183ec79b
887f063df27ef4a696d31ce39ffaded7dc0b18b2a7c82045e54bfa240c375fd1
892b2fd12a21a16150ac8d19fba5c77b51fa37cac282f87d817af1468cda43bc
89f7f0f0ed67970f813b4fd1f9cc561ec4c0ee0e9fccd08541a7889549b517af
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a0f5c601831f5a644145b3ec16b6514f6915b9c70d962654b2f6219de558227
8a8c90a2131ba6436144c983df2361b947822e8775165c924ed3674cec199659
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f24a68cda3a3c2211a4bb5db7e1bb6ded4066fa34f090077c46195fa39d953a
91f767ebd5a7968577f36d76eab5ccd01357988887aadbc5f346e4651de1c1f5
9524de17f65b6ffb935566802510c4470b48099eda4abe0fae8e26c62792393a
961fc3118c10ae808c05a4321e97b383a3cc9742dd3075e363a7f700fbc40e3d
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97199ac50791537681b3de56c1178f5dd4bd3f0f040ae16162b8fe06f6f3b1ea
98ccd33e523985efa588344a13932892db38b1335243f989dd366450db8ea68d
98e9083c0bbdf2e56b8537ef1ba990b9a404c2b7bb691337603e8165ca1bb4f1
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be3fa23762240b2bcaeb4c6df710c13c6b92c784796a8810007f510c59a3b77
9c127f9e1f3cfb8e058293397c988c3b845a93cc9f1ded61bbe817efe2a64164
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0066433a645f196eb0ece299c86dc27a5c74dbe2cae7ae6d9211c1549a92085
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e5cd6f0123e7254db60a7238faf0d7df13fbdf00faf9297afc2b645ae9d8fa
a242f1aeef265489a9b4c4205d17b03cbeb84185d536ed9a428ced2137ed2a02
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3f7b457ebebc60c111e92d8dc5d497b4c7fca36bcf99cffb9a1705f47424676
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50c1d225a3a6d96d76d263766cd4595501e914195c24ad6f2bdc41a44650bae
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a999e7786f273ec8bc4d158dfe7dfd1124c6d199e02839a46fd0d2546474ec3f
a9ffafdeb12ccda6a0f4bc5eeb0ca05a02a665bbb0b6c6d4060736dd47d649b7
ac167c37a06bb35419ee184a353f8375237b09de470f173cbd31dc40dad6c2bb
ae73d52c8073da441a52038f180a84ea29ae34813c0298c5b52df95e9f1d31ec
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1256dc53b2e692e24d91079fbb71165898ff95ca5e5935eefadb70e51d686b7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a693a350cb91378cbdbff27ca45ec71312d8c447d36ca738e1a6702b1e4ad8
b5b166387548caf79205a116b2f8991e298626a084d52e09c979c2802eaa0ad2
ba76289a564b307ae6bc50f3d44e24e3b3e95009926b928b31bb1347f48b8ed0
bb2da98f3b8b08056284d06697876cd044aa224663ce644c966a796378d7802d
bd2440daeccf772d1554ce952d7c2f372e93e19d1ffb329a54aa9288c500c802
be230c9f225e2b3290f4ff74ab9d9ed81c41b1f8fae401014efb487e3a775b97
bebbacbd35203cc2f993045fd242d28a4e287338bd59803afcbb1390bd8b149b
c8062a61abbcdf9c5ae296daab8ce733c667e1f32956b6f07d1c8758019664b0
c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b
c9f61ec27ecd71d25b09fa736e502008ad3f5de9ab7f08c0d901b4728b31e254
ca0214db4047a2b7d27aa4dbb774b3f01df78bc788d1233e945f8dd88933d6db
ca9498dc99b1ad4593563f1c436686ca8cf224c675abae2b43ac1dd3f5737a25
cb7f5024616c08969496fe853065d6b55458a1235ff735bbca9eeddc537d8ba1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f
cfa58e601957c371e7212e5b644aa468055bdd8cee1d20ed7fdef9bec5a50723
cfd9a5a7c423be5c0a18dd11b37a69022f230d2402acb50218a04108eeeab234
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d0ddad3ba1b0628c0500f8f4dbaabd026491beb3c7eba8f208477da5a715efad
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d3fbbe223dc61ca773d10f5d3dd7e31d7161a85386de057781c5969563e55dc3
d40bdca0004d83424dc04e2879c0cf2e96222283146c6786ce985976e37d74df
d47bcf54431b918d4b86953244677a675940b21844a2ac41bee9b690415eb0b1
d54bdd415a4f40987a9c4db4bfecea0541278528a1a46b7d168b2b6f6f8e3ffd
d54f8b839f7e79c5346ba44c9895a978b5f6cb3dcadbe57547d8ffb8254e2603
d66c408f2d22f32c480961298e6fba83ca59fe57386f9e6726a47c27553aad90
d6e719cbde7736668a39ec294f86588f7eb85654f9d673f9a3877d4d0d4a44dc
da62b1d0c5f08852e676ffeaea8717b75f7044c99ebcaac7c2597e10eda2bb6e
de64d0ecf7c893b19acca082621bfc948b3eb1122bc9931c46fb9245d1ebee3b
df2e3dfbcec88404bf78ce45c44bf4318e81f89db996c5aa2c1173ba6cf6f0db
dfe7a7261ef5998343c20455b998aaa73af990d107e7cb84c21bf15564031f5c
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b1a272cecfa9d1d70c07ef9563fb577a422715173c995f3819c8eb7083df33
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e7d15ed2a7a47b478a5d5586dca2c31e15c200c961959fe947a43b1d31b90997
e94a4ffe8f92e41c3d79836d2aef56457ab8fb74eb258462987af0215a512e6d
e98e5f2079a8b9edf4621a42bd064f2c3ff4dfb7cb105715ed483d24a52b99c2
ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ed1d793edcc10321da64e014d42a49c59440b5e894c098b727deb41e61cea457
ee5584d9416d9427240537d914411e180a8094e93647abb726dc36a54a883921
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6174ef17180718a4e0c3f3c60e6b8eb205faf1494bbe7ab29756d9d8c5df599
f7e86cb7c600eb2ea167db1280c222c5014f59a7a9e4ed8234d5f86d0ec558c0
f8528716993a3c25c2f21c1bfdc852b1d229229527ed4993c75bc88cdccd6ee2
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc