urlscan.io logo urlscan.io
SecurityTrails logo

kesq.com Open in urlscan Pro
2620:12a:8000::1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kesq.com/
Effective URL: https://kesq.com/
Submission Tags: falconsandbox
Submission: On August 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 78 IPs in 9 countries across 54 domains to perform 354 HTTP transactions. The main IP is 2620:12a:8000::1, located in United States and belongs to FASTLY, US. The main domain is kesq.com. The Cisco Umbrella rank of the primary domain is 320758.
TLS certificate: Issued by R3 on July 24th 2022. Valid for: 3 months.
This is the only time kesq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35 2620:12a:8000::1 54113 (FASTLY)
3 2a04:4e42:600... 54113 (FASTLY)
7 35.227.203.93 15169 (GOOGLE)
20 151.101.130.202 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
10 172.217.18.2 15169 (GOOGLE)
1 23.47.209.80 16625 (AKAMAI-AS)
5 18.66.97.37 16509 (AMAZON-02)
13 205.185.216.10 20446 (STACKPATH...)
1 18.66.139.105 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
37 89.187.169.3 60068 (CDN77 ^_^)
6 54.144.218.90 14618 (AMAZON-AES)
2 38.27.106.51 395717 (BLUEARCHI...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2600:9000:223... 16509 (AMAZON-02)
2 34.96.74.203 15169 (GOOGLE)
3 54.170.230.96 16509 (AMAZON-02)
9 35.172.42.197 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
28 34.214.150.162 16509 (AMAZON-02)
1 54.74.111.76 16509 (AMAZON-02)
2 52.217.128.136 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2.18.232.7 16625 (AKAMAI-AS)
2 23.35.237.151 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:1f18:44f... 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
3 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.47.209.72 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2600:9000:223... 16509 (AMAZON-02)
3 54.194.96.60 16509 (AMAZON-02)
2 151.101.130.137 54113 (FASTLY)
2 162.247.241.14 23467 (NEWRELIC-...)
18 2a00:1450:400... 15169 (GOOGLE)
3 13.32.99.8 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 52.72.67.212 14618 (AMAZON-AES)
3 35.223.203.253 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 10 142.250.181.226 15169 (GOOGLE)
3 6 104.18.19.126 13335 (CLOUDFLAR...)
3 4 37.252.172.123 29990 (ASN-APPNEX)
1 1 52.211.246.129 16509 (AMAZON-02)
2 2 23.7.201.234 16625 (AKAMAI-AS)
1 35.186.253.211 15169 (GOOGLE)
1 198.47.127.19 62713 (AS-PUBMATIC)
1 1 69.173.144.165 26667 (RUBICONPR...)
2 3 104.18.18.126 13335 (CLOUDFLAR...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
9 34.237.215.38 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.206.3.164 14618 (AMAZON-AES)
1 23.47.208.212 16625 (AKAMAI-AS)
1 1 213.19.147.44 26120 (RHYTHMONE)
4 54.174.213.70 14618 (AMAZON-AES)
1 51.75.86.98 16276 (OVH)
1 2 37.252.172.250 29990 (ASN-APPNEX)
2 2 185.94.180.125 35220 (SPOTX-AMS)
1 18.156.0.31 16509 (AMAZON-02)
12 213.19.147.43 3356 (LEVEL3)
1 2 52.46.151.131 16509 (AMAZON-02)
1 52.223.40.198 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 2 169.50.137.184 36351 (SOFTLAYER)
1 1 103.229.206.241 30419 (MEDIAMATH...)
2 3 104.96.159.65 16625 (AKAMAI-AS)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
354 78
35    2620:12a:8000::1 (United States)

ASN54113 (FASTLY, US)
kesq.com
3    2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
7    35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.203.227.35.bc.googleusercontent.com
pymx5.com
20    151.101.130.202 (United States)

ASN54113 (FASTLY, US)
squareoffs.com
assets.squareoffs.com
4    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
10    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
securepubads.g.doubleclick.net
1    23.47.209.80 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-80.deploy.static.akamaitechnologies.com
s.ntv.io
5    18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net
cdn.browsiprod.com
13    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
apv-launcher.minute.ly
apv-static.tldw.me
apv-static.minute.ly
1    18.66.139.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-105.fra60.r.cloudfront.net
cdn.blueconic.net
3    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
37    89.187.169.3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-3.cdn77.com
kesq.b-cdn.net
6    54.144.218.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-218-90.compute-1.amazonaws.com
feed.mikle.com
2    38.27.106.51 (Kennedyville, United States)

ASN395717 (BLUEARCHIVE-ZONE-1, US)
s3.us-east-1.wasabisys.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2600:9000:223c:5800:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
2    34.96.74.203 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 203.74.96.34.bc.googleusercontent.com
api.pymx5.com
3    54.170.230.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-230-96.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
9    35.172.42.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-42-197.compute-1.amazonaws.com
npgco.blueconic.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
15    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
254a4e77b035c197d53cdc8dad45b3d4.safeframe.googlesyndication.com
tpc.googlesyndication.com
28    34.214.150.162 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-150-162.us-west-2.compute.amazonaws.com
events.browsiprod.com
1    54.74.111.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-111-76.eu-west-1.compute.amazonaws.com
yield-manager.browsiprod.com
2    52.217.128.136 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
3    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
2    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
s-jsonp.moatads.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2600:1f18:44f0:4864:14f2:f07b:baf3:641a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    23.47.209.72 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-72.deploy.static.akamaitechnologies.com
at.teads.tv
1    2a02:26f0:6c00:1ba::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s8t.teads.tv
1    2600:9000:223c:9800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    54.194.96.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-96-60.eu-west-1.compute.amazonaws.com
demand-engine.browsiprod.com
2    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
18    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    13.32.99.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-8.fra60.r.cloudfront.net
plugins.blueconic.net
6    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    52.72.67.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-67-212.compute-1.amazonaws.com
i.viafoura.co
3    35.223.203.253 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 253.203.223.35.bc.googleusercontent.com
events.kesq.com
4    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
6    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    52.211.246.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-246-129.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
2    23.7.201.234 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-201-234.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
ssum.casalemedia.com
4    2606:4700:10::ac43:b0e (United States)

ASN13335 (CLOUDFLARENET, US)
snippet.tldw.me
counter.tldw.me
1    2606:4700:20::681a:bda (United States)

ASN13335 (CLOUDFLARENET, US)
snippet.minute.ly
2    2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a02:26f0:3500:68c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
9    34.237.215.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-215-38.compute-1.amazonaws.com
track1.aniview.com
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2606:4700:10::6816:48ae (United States)

ASN13335 (CLOUDFLARENET, US)
counter.snackly.co
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.206.3.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-3-164.compute-1.amazonaws.com
go1.aniview.com
1    23.47.208.212 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-208-212.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    213.19.147.44 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
4    54.174.213.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-213-70.compute-1.amazonaws.com
sync.aniview.com
1    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
2    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
12    213.19.147.43 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
2    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2a05:d018:d29:3605:e5d2:c58:d552:4f0b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    104.96.159.65 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-65.deploy.static.akamaitechnologies.com
px.owneriq.net
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
Apex Domain
Subdomains		 Transfer
38 kesq.com
kesq.com — Cisco Umbrella Rank: 320758
events.kesq.com
4 MB
37 b-cdn.net
kesq.b-cdn.net — Cisco Umbrella Rank: 597167
2 MB
37 browsiprod.com
cdn.browsiprod.com — Cisco Umbrella Rank: 14457
events.browsiprod.com — Cisco Umbrella Rank: 12569
yield-manager.browsiprod.com — Cisco Umbrella Rank: 13576
demand-engine.browsiprod.com — Cisco Umbrella Rank: 23545
198 KB
33 googlesyndication.com
254a4e77b035c197d53cdc8dad45b3d4.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
486 KB
27 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
228 KB
20 squareoffs.com
squareoffs.com — Cisco Umbrella Rank: 180339
assets.squareoffs.com — Cisco Umbrella Rank: 285133
809 KB
18 aniview.com
player.aniview.com — Cisco Umbrella Rank: 1567
track1.aniview.com — Cisco Umbrella Rank: 1647
go1.aniview.com — Cisco Umbrella Rank: 4734
sync.aniview.com — Cisco Umbrella Rank: 2403
201 KB
13 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 550
tag.1rx.io — Cisco Umbrella Rank: 1667
2 KB
13 blueconic.net
cdn.blueconic.net — Cisco Umbrella Rank: 9494
npgco.blueconic.net — Cisco Umbrella Rank: 148297
plugins.blueconic.net — Cisco Umbrella Rank: 34174
207 KB
11 minute.ly
apv-launcher.minute.ly — Cisco Umbrella Rank: 12300
snippet.minute.ly — Cisco Umbrella Rank: 16407
apv-static.minute.ly — Cisco Umbrella Rank: 24846
739 KB
9 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453
ssum.casalemedia.com — Cisco Umbrella Rank: 1365
9 KB
9 pymx5.com
pymx5.com — Cisco Umbrella Rank: 29494
api.pymx5.com — Cisco Umbrella Rank: 31309
198 KB
7 tldw.me
snippet.tldw.me — Cisco Umbrella Rank: 44111
apv-static.tldw.me — Cisco Umbrella Rank: 35676
counter.tldw.me — Cisco Umbrella Rank: 34756
72 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
2 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
secure.adnxs.com — Cisco Umbrella Rank: 462
5 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
region1.google-analytics.com — Cisco Umbrella Rank: 2742
ssl.google-analytics.com — Cisco Umbrella Rank: 398
57 KB
6 mikle.com
feed.mikle.com — Cisco Umbrella Rank: 44128
108 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 401
mug.criteo.com — Cisco Umbrella Rank: 2755
1 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 10301
i.viafoura.co — Cisco Umbrella Rank: 10265
4 KB
4 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 10078
178 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
158 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 988
1 KB
3 snackly.co
counter.snackly.co — Cisco Umbrella Rank: 14659
393 B
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 983
pixel.quantserve.com — Cisco Umbrella Rank: 465
cms.quantserve.com — Cisco Umbrella Rank: 1083
10 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 267
fonts.googleapis.com — Cisco Umbrella Rank: 67
97 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1232
at.teads.tv — Cisco Umbrella Rank: 3959
s8t.teads.tv — Cisco Umbrella Rank: 2781
5 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8117
1 KB
3 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1375
2 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
82 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
163 KB
3 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 5221
480 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
842 B
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 288
1 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
990 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 516
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 111
54 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 636
ads.pubmatic.com — Cisco Umbrella Rank: 496
69 KB
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1751
1 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 283
1 KB
2 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 402
29 KB
2 moatads.com
z.moatads.com — Cisco Umbrella Rank: 442
s-jsonp.moatads.com — Cisco Umbrella Rank: 13622
55 KB
2 amazonaws.com
s3.amazonaws.com
76 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 423
23 KB
2 wasabisys.com
s3.us-east-1.wasabisys.com — Cisco Umbrella Rank: 170518
29 KB
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 484
683 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 381
265 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 792
1 gstatic.com
fonts.gstatic.com
16 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
457 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1516
351 B
1 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 2926
376 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 289
64 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 953
456 B
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 2841
135 KB
354 54
Domain Requested by
37 kesq.b-cdn.net kesq.com
35 kesq.com 1 redirects kesq.com
28 events.browsiprod.com cdn.browsiprod.com
18 pagead2.googlesyndication.com squareoffs.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
kesq.com
googleads.g.doubleclick.net
www.googletagservices.com
securepubads.g.doubleclick.net
18 squareoffs.com kesq.com
squareoffs.com
14 tpc.googlesyndication.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
kesq.com
12 tag.1rx.io player.aniview.com
10 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
kesq.com
ssum.casalemedia.com
10 securepubads.g.doubleclick.net kesq.com
www.googletagservices.com
securepubads.g.doubleclick.net
9 apv-static.minute.ly kesq.com
9 track1.aniview.com kesq.com
player.aniview.com
9 npgco.blueconic.net cdn.blueconic.net
7 pymx5.com kesq.com
pymx5.com
6 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum.casalemedia.com
6 feed.mikle.com kesq.com
feed.mikle.com
ajax.googleapis.com
5 cdn.browsiprod.com kesq.com
cdn.browsiprod.com
4 sync.aniview.com player.aniview.com
ssum.casalemedia.com
4 player.aniview.com snippet.tldw.me
player.aniview.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 www.google.com tpc.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 cdn.viafoura.net kesq.com
cdn.viafoura.net
4 www.googletagservices.com kesq.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
3 px.owneriq.net 2 redirects ssum.casalemedia.com
3 counter.tldw.me snippet.tldw.me
3 apv-static.tldw.me kesq.com
3 counter.snackly.co snippet.minute.ly
3 events.kesq.com kesq.com
3 plugins.blueconic.net npgco.blueconic.net
plugins.blueconic.net
3 demand-engine.browsiprod.com cdn.browsiprod.com
3 api.viafoura.co cdn.viafoura.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
squareoffs.com
3 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 jadserve.postrelease.com s.ntv.io
kesq.com
3 cdnjs.cloudflare.com kesq.com
3 www.googletagmanager.com kesq.com
www.googletagmanager.com
3 vjs.zencdn.net kesq.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 um.simpli.fi 1 redirects ssum.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 sync.search.spotxchange.com 2 redirects
2 secure.adnxs.com 1 redirects ssum.casalemedia.com
2 www.youtube.com snippet.minute.ly
www.youtube.com
2 fonts.googleapis.com client
2 ssum-sec.casalemedia.com 2 redirects
2 e.dlx.addthis.com 2 redirects
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 ssl.google-analytics.com s3.amazonaws.com
kesq.com
2 assets.squareoffs.com kesq.com
2 bam.nr-data.net js-agent.newrelic.com
2 js-agent.newrelic.com squareoffs.com
kesq.com
2 s3.amazonaws.com kesq.com
2 cdn.jsdelivr.net squareoffs.com
2 api.pymx5.com pymx5.com
2 s3.us-east-1.wasabisys.com kesq.com
1 sync.mathtag.com 1 redirects
1 pr-bh.ybp.yahoo.com ssum.casalemedia.com
1 match.adsrvr.org ssum.casalemedia.com
1 ups.analytics.yahoo.com player.aniview.com
1 ssum.casalemedia.com player.aniview.com
1 onetag-sys.com player.aniview.com
1 sync.1rx.io 1 redirects
1 ads.pubmatic.com player.aniview.com
1 go1.aniview.com player.aniview.com
1 fonts.gstatic.com fonts.googleapis.com
1 snippet.minute.ly apv-launcher.minute.ly
1 snippet.tldw.me apv-launcher.minute.ly
1 pixel.rubiconproject.com 1 redirects
1 image6.pubmatic.com googleads.g.doubleclick.net
1 rtb.openx.net googleads.g.doubleclick.net
1 pixel.everesttech.net 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 s0.2mdn.net googleads.g.doubleclick.net
1 i.viafoura.co cdn.viafoura.net
1 pixel.quantserve.com squareoffs.com
1 rules.quantcount.com secure.quantserve.com
1 s8t.teads.tv kesq.com
1 at.teads.tv a.teads.tv
1 s-jsonp.moatads.com kesq.com
1 stats.g.doubleclick.net www.google-analytics.com
1 secure.quantserve.com squareoffs.com
1 region1.google-analytics.com www.googletagmanager.com
1 ajax.googleapis.com feed.mikle.com
1 z.moatads.com s.ntv.io
1 a.teads.tv www.googletagmanager.com
1 yield-manager.browsiprod.com cdn.browsiprod.com
1 254a4e77b035c197d53cdc8dad45b3d4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.blueconic.net kesq.com
1 apv-launcher.minute.ly kesq.com
1 s.ntv.io kesq.com
354 92
Subject Issuer Validity Valid
kesq.com
R3		 2022-07-24 -
2022-10-22		 3 months crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh
*.pymx5.com
Go Daddy Secure Certificate Authority - G2		 2021-09-12 -
2022-09-10		 a year crt.sh
squareoffs.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-04 -
2023-03-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
*.browsiprod.com
Amazon		 2022-02-13 -
2023-03-14		 a year crt.sh
*.minute.ly
Sectigo RSA Organization Validation Secure Server CA		 2022-05-16 -
2023-06-16		 a year crt.sh
*.blueconic.net
Amazon		 2022-07-08 -
2023-08-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2021-11-07 -
2022-11-11		 a year crt.sh
feed.mikle.com
AlphaSSL CA - SHA256 - G2		 2022-04-12 -
2023-05-14		 a year crt.sh
*.s3.us-east-1.wasabisys.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-07 -
2022-10-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
viafoura.com
Amazon		 2021-10-07 -
2022-11-05		 a year crt.sh
*.postrelease.com
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gobrowsi.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
browsiprod.com
Amazon		 2022-02-21 -
2023-03-22		 a year crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.squareoffs.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-06-05 -
2023-07-07		 a year crt.sh
events.kesq.com
R3		 2022-07-23 -
2022-10-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.snackly.co
Sectigo RSA Organization Validation Secure Server CA		 2021-12-27 -
2022-12-11		 a year crt.sh
apv-static.tldw.me
R3		 2022-05-16 -
2022-08-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-07 -
2022-11-30		 6 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh

This page contains 24 frames:

Primary Page: https://kesq.com/
Frame ID: C7D4CB09498B7AC98DDF021DAF8E4873
Requests: 224 HTTP requests in this frame

Frame: https://squareoffs.com/embeds/4847?feed_size=small
Frame ID: 20424755FC398569F642BE3A1FBDF719
Requests: 32 HTTP requests in this frame

Frame: https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
Frame ID: 971F262207FBF1250CFCB13EC488E5B5
Requests: 9 HTTP requests in this frame

Frame: https://254a4e77b035c197d53cdc8dad45b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 275777C84CB36CC09A14A4D0DED3981B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html
Frame ID: B75DC4152CD14045169B192CA8626861
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&adk=1282969481&adf=3986099802&plat=1%3A66048%2C2%3A66048%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fkesq.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155058&bpp=4&bdt=913&idt=244&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&nras=1&correlator=4912027320779&frm=24&ife=1&pv=2&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.4bsckar7hrzf&fsb=1&dtd=259
Frame ID: 5A92A88FA3B8C7230D9F04D321DAC611
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Frame ID: 73A719D0F6FDAB190D19A659DF7C08B8
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdhWikF9ERT9HkAHcA0CzwTaisFX67CtrwbpBJXziKpf1KTkHjIA99FerEu70p1S_yPzBS5A3w-mEfaMyEHFfbCRfDPuN3oMgpGwvsh8MErCveY2qHTd-vVjRbyGSBI3xGb8n0vygARgDvi4_01HT2B15DpEGCIG9uCytGvw5v5d3xdwfG7v88RqCfZERnLTm9FeBrR1-e4Cqyn-2LMeq86dg3L2n7zrXwcLUq4Ux3COC8vdfCJw6SakBrRyVoGB2_ZpnKT4y_3Z5KKXDgOQTZ1lhibJv7CKfKzBiHww&sai=AMfl-YTMRkTTN34vtAQnnkEAhtM3sQcjTERAcd1rzanOBbRGypvrZBnA9EyfVA2kfrD2kSNuefAiMEsAY98VvSOHY4FkM1zorLEnjnymTfBszSg2oS5OjBHWEVs5N-FW6A&sig=Cg0ArKJSzHUjg82xGiD0EAE&uach_m=[UACH]&adurl=
Frame ID: 708D50398CBE05F9E37D91B5597875B9
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 788FAEBCA44EDFB52162A9E258A75118
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B7468CE59976B395DDC145F754B8016D
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAKA47VWu7_06T5dlqxyBmPzwqSNR-ts9VcgUqdiT23vXrB8T-tDFTWeOMgnEKbuLznTjTb5GBdr4L_1cQ2GsLuq61lGfZ5sNbUL33NlB2o4k0aSS24_cGFDH4n9M2XcDwLPjdhj-QbHWvfdH2TxP58sOa5kgUaqjwlXAgkN7U_R39iWAtg1fg0GQtlg0vpd2eV6ac0R6durf7NIGX8vKMk1HQ4SywqSDVWM4F2qBmkHQ-vMYy_79kyuHkDAx2RCz5FGY7D4n4l3DYeqxEDCNLGg_tjxf5pF45kZZXRw&sai=AMfl-YRrzqZaiOI8N3rXSIL_TqKwkcL2dO5qfhI78xeWyfUG12lY9Kl0CC4vJIMvnBFG8wU7bFoQo3vMKwyeD0SCea3invKTwA6vCPQ5M7966S6ulk4JkysVnghQMoZ_JQ&sig=Cg0ArKJSzC5VDozhvuPhEAE&uach_m=[UACH]&adurl=
Frame ID: 99F5C9F0BC20B1C3091537FDDC7EA413
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2FygEQ1NvFAhjQ5M3QATAB&v=APEucNX1FO4c40lkq11MW31v6IcSEGHRn7I5-JxSrKXp0lvUQFHpEaMB83_RiYyXawgR3LoS5KnhQWpjCZIS7b7OabbLpNgsNxOvWCBeAIvNh9yS60z4JAXZRdZDQpjDTK-Nm6jQWNaMHDq0_0elGir7pKnnZ7Iad595R0nzWuoab1dYmk8l0LU
Frame ID: AE52685BADD3FF251A372F851F1DEB74
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1049698619A72C65D3843EC846B56177
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 559E1605134BFB63C2909E37BA973C1C
Requests: 3 HTTP requests in this frame

Frame: https://snippet.tldw.me/tv/0.41.47/tvp.js
Frame ID: C461A3BAFBD612CCEB1C5D98243818AC
Requests: 13 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Frame ID: 7E8F38C64CD381D388F8F2A5ABA4803B
Requests: 4 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=200&key=OPTOUT
Frame ID: 28DB63EC40A73DDF76A53699C188170E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=61d67b18f4d0980&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 7F067113C68F7C27E1FA8BC2BEE37210
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=55&key=2823204680093873736
Frame ID: D59662E6954986FE2B3DD664B6DAF1ED
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=191876&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D42%26key%3D
Frame ID: 9434A53929E56AB9853CE885A405FD0A
Requests: 10 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=2&key=c43fc9e8-1b14-11ed-8bdd-190e06a80406
Frame ID: FD8E4475907AED5F9637138CCA07F293
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: AFB8BB148BCE2B52C42A759E625F9B02
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 19548BED9DA954A304B6B8035E8FEEFD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FEF8348B8DB40F904853F569AC5518DF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - KESQcircle-arrowPlay ButtonStop Buttonchevron-rightchevron-leftchevron-upsearchwarningchevron-left-skinnychevron-right-skinnyxclockcalendarplay-buttoncancel-circleusertwitterfacebookyoutubeinstagramemaillinkedin

Page URL History Show full URLs

  1. http://kesq.com/ HTTP 301
    https://kesq.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • backbone.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

354
Requests

96 %
HTTPS

39 %
IPv6

54
Domains

92
Subdomains

78
IPs

9
Countries

11215 kB
Transfer

21053 kB
Size

74
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kesq.com/ HTTP 301
    https://kesq.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy3kKQCZ73jl-4jYI8AR3s&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy3kKQCZ73jl-4jYI8AR3s&google_cver=1&C=1
Request Chain 247
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yve1-WNWaw..TNosuYjOvgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy3kKQCZ73jl-4jYI8AR3s&google_cver=1&google_hm=2
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBet-ErSylPUqmF4Ftjii7w&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBet-ErSylPUqmF4Ftjii7w%26google_cver%3D1
Request Chain 249
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgyMzIwNDY4MDA5Mzg3MzczNg%3D%3D
Request Chain 254
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4D3kiXq7qWCVIhd-xRH6zgTEydpvm_VxRizrRxl50jy5vFG9yE7M91-rNhSv2v1MsfuuRa3Xv1wUK1IGRnM31rhJvj0UC9Q&google_gid=CAESEKs44elyKjzNYmMGW471r8w&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZlMS1RQUFCVWxxNldkdQ&google_push=AehlK4D3kiXq7qWCVIhd-xRH6zgTEydpvm_VxRizrRxl50jy5vFG9yE7M91-rNhSv2v1MsfuuRa3Xv1wUK1IGRnM31rhJvj0UC9Q
Request Chain 255
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4Cd2iBR07wSJ8MNmRZ1878hrPno6-imczamXsGKlFQpNXHdF-JIRSrFpjQxYEDfX_BoQkZAjPXckSBjPAUCW4zWPD5IU98X&google_gid=CAESEBmvetpM2uZJaJ3JV2XHzjU&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4Cd2iBR07wSJ8MNmRZ1878hrPno6-imczamXsGKlFQpNXHdF-JIRSrFpjQxYEDfX_BoQkZAjPXckSBjPAUCW4zWPD5IU98X&google_gid=CAESEBmvetpM2uZJaJ3JV2XHzjU&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMxNDMyMzAwMDAyNjY5NzQ0Njc0Mg%3D%3D&google_push=AehlK4Cd2iBR07wSJ8MNmRZ1878hrPno6-imczamXsGKlFQpNXHdF-JIRSrFpjQxYEDfX_BoQkZAjPXckSBjPAUCW4zWPD5IU98X
Request Chain 258
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBDc5h_icQeiC32JXKFor6w&google_cver=1&google_push=AehlK4ChjOcZEsqr6UIoDySLaqpxOnJDJKfMqqO7tPXas_7oKaA985b8E8DcG36sFsfrZcICA7rMFh0T9jk42Mf2TVgZeCnnzq1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSWloySU4tWS04VlRS&google_push=AehlK4ChjOcZEsqr6UIoDySLaqpxOnJDJKfMqqO7tPXas_7oKaA985b8E8DcG36sFsfrZcICA7rMFh0T9jk42Mf2TVgZeCnnzq1s
Request Chain 259
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECibJLKQgYHBQXlAeNaDjCY&google_cver=1&google_push=AehlK4ABLY-QVILf0OITZkelXHwI7RsCNIatXpjsAp6W6jTAIStM2Q5d-qEM2APYNO0ZsdTuNK8AdgTiFod61Qz1acg1xfuwO3nE HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECibJLKQgYHBQXlAeNaDjCY&google_push=AehlK4ABLY-QVILf0OITZkelXHwI7RsCNIatXpjsAp6W6jTAIStM2Q5d-qEM2APYNO0ZsdTuNK8AdgTiFod61Qz1acg1xfuwO3nE&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECibJLKQgYHBQXlAeNaDjCY&google_hm=Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB&google_nid=index&google_push=AehlK4ABLY-QVILf0OITZkelXHwI7RsCNIatXpjsAp6W6jTAIStM2Q5d-qEM2APYNO0ZsdTuNK8AdgTiFod61Qz1acg1xfuwO3nE
Request Chain 304
  • https://sync.1rx.io/usersync2/rmpssp?sub=minute&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=200&key=OPTOUT
Request Chain 306
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=55&key=2823204680093873736
Request Chain 308
  • https://sync.search.spotxchange.com/partner?adv_id=8892&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D2%26key%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8892&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D2%26key%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=c43fca2b-1b14-11ed-8bdd-190e06a80406 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=2&key=c43fc9e8-1b14-11ed-8bdd-190e06a80406
Request Chain 321
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB&dcc=t
Request Chain 325
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 326
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=313f62f7-b601-4900-afa8-0ea6469664f6&gdpr=1&gdpr_consent=
Request Chain 327
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7136875521312367589&uid=Q7136875521312367589&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 334
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkesq.com%2F&domain=kesq.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=PEuhMXx6UXlrVTFnTUR1aVNvcFdZOGVCS1NyRElmVEViWjRwaDhTOHo5WnNiMzB3RVU0TTdTS1pOTlRYVGpicUJ5MlFtL1ZVYUwzeDZ3RzNCeXJpZ2VrSGNjNllRS2pXZGlrM2JldFgyblB3ZTdObFZWdUxzQUpUR2dycllPYjk5YWZ1SDJUdGdXZUlYWG1GYmUwRzdJeWl0SWtyNWYvQm5MNW1QeDR1QUVCdmFPdEJxeE5pL1JuRm5ldDhucVQ2UmIwbVpTcmk2L1A5NmFydUhYRjVQMm9WR05qK2QzZ0J1YjBqVk9jK3BjdXpnRzVvPXw&cppv=2

354 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kesq.com/
Redirect Chain
  • http://kesq.com/
  • https://kesq.com/
194 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6ff6fd6e9e26c327b6f8c89b35074ca973bc74ed43c558dd11dafadddad41ca8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
314
cache-control
public, max-age=2400
content-encoding
gzip
content-length
52073
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 14:32:24 GMT
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; usb 'none'; vr 'none';
link
<https://kesq.com/wp-json/>; rel="https://api.w.org/" <https://kesq.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://kesq.com/>; rel=shortlink
permissions-policy
accelerometer=(), ambient-light-sensor=(), camera=(), magnetometer=(), microphone=(), usb=(), vr=()
referrer-policy
origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31622400
traceparent
00-9d2ebd09104b4980a767bae7b92fd6c7-4754bc308b487f12-00
vary
Accept-Encoding, Cookie, Cookie
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
1, 0
x-cloud-trace-context
9d2ebd09104b4980a767bae7b92fd6c7/5139939991417814802;o=0
x-content-type-options
nosniff
x-distributor
yes
x-pantheon-styx-hostname
styx-fe1-b-784cd8578b-68lgx
x-served-by
cache-chi-klot8100062-CHI, cache-maa10224-MAA
x-styx-req-id
03cd9e4b-1b14-11ed-8a80-ea92bc58cf60
x-timer
S1660401144.395693,VS0,VE242
x-xss-protection
1; mode=block;

Redirect headers

Accept-Ranges
bytes
Age
55209
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sat, 13 Aug 2022 14:32:23 GMT
Location
https://kesq.com/
Server
nginx
Traceparent
00-0d0dbfa2021441db90b0760ed330ed40-1a0a6fe253cc81f9-00
Vary
Cookie, Cookie
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 1
X-Cloud-Trace-Context
0d0dbfa2021441db90b0760ed330ed40/1876435212612436473;o=0
X-Pantheon-Styx-Hostname
styx-fe1-b-784cd8578b-49xqw
X-Served-By
cache-chi-kigq8000020-CHI, cache-maa10226-MAA
X-Styx-Req-Id
334b9fb8-1a94-11ed-92ab-d6a287824e1e
X-Timer
S1660401144.550059,VS0,VE1
iframe.css
kesq.com/wp-content/plugins/squareoffs/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/plugins/squareoffs/css/iframe.css?ver=5.9.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f88bd2fd79e49bea67ca9456b79facac3769c5703a6f33826e21301d83e7255
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d67879-153f"
age
2177106
x-pantheon-styx-hostname
styx-fe1-a-6d9bbf99db-6lcjl
x-cache
HIT, HIT
x-cloud-trace-context
9193f5a19d7b498dbe47f3e2c7bca8b9/828451935253181667;o=0
content-length
1741
x-served-by
cache-chi-klot8100171-CHI, cache-maa10224-MAA
last-modified
Tue, 19 Jul 2022 09:25:13 GMT
server
nginx
traceparent
00-9193f5a19d7b498dbe47f3e2c7bca8b9-0b7f40a5524034e3-00
x-timer
S1660401145.932555,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Thu, 20 Jul 2023 09:47:18 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
c7233523-0747-11ed-a1c0-ba702e11659f
x-cache-hits
1, 1
cropper.css
kesq.com/wp-content/plugins/squareoffs/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/plugins/squareoffs/css/cropper.css?ver=5.9.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2fbbae4abf7e1b517f1f8eae51d45b771e95aeaf3975671750c3ed138c09de78
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62e383ec-1360"
age
1148990
x-pantheon-styx-hostname
styx-fe1-b-784cd8578b-wvsb4
x-cache
HIT, HIT
x-cloud-trace-context
d6c4b06ab0f54fa0aa6e9e14a617e431/2096425772401630733;o=0
content-length
1488
x-served-by
cache-chi-klot8100076-CHI, cache-maa10224-MAA
last-modified
Fri, 29 Jul 2022 06:53:32 GMT
server
nginx
traceparent
00-d6c4b06ab0f54fa0aa6e9e14a617e431-1d180021f5f91e0d-00
x-timer
S1660401145.933313,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Tue, 01 Aug 2023 07:22:35 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
8c8bb9b6-10a1-11ed-aa50-0eb33d3847cf
x-cache-hits
1, 1
style.min.css
kesq.com/wp-includes/css/dist/block-library/ 		81 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df3-145db"
age
2561891
x-pantheon-styx-hostname
styx-fe1-a-679db49985-2rsbg
x-cache
HIT, HIT
x-cloud-trace-context
b83f869741da4567bcdaf4ac38f9be24/2333872851115839719;o=0
content-length
14478
x-served-by
cache-chi-kigq8000151-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:31 GMT
server
nginx
traceparent
00-b83f869741da4567bcdaf4ac38f9be24-206394fe21b010e7-00
x-timer
S1660401145.933306,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:13 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e1bd4b10-03c7-11ed-a076-fe1267171b14
x-cache-hits
1, 1
style.min.css
kesq.com/wp-includes/css/dist/components/ 		120 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-includes/css/dist/components/style.min.css?ver=5.9.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b4e97339829ec9d0ff5c5084e54a11134828a5787b9081afa964ba4e588d907d
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df3-1de31"
age
2561890
x-pantheon-styx-hostname
styx-fe1-b-8cd7f97c7-cbcsb
x-cache
HIT, HIT
x-cloud-trace-context
9ad14bd0893f4d8fb5e50e4634307f11/17229305313861352095;o=0
content-length
21292
x-served-by
cache-chi-kigq8000080-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:31 GMT
server
nginx
traceparent
00-9ad14bd0893f4d8fb5e50e4634307f11-ef1ac9e5ef74ba9f-00
x-timer
S1660401145.933286,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:13 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e1c28ed7-03c7-11ed-b55f-b2f45ad6201e
x-cache-hits
1, 1
style.min.css
kesq.com/wp-includes/css/dist/block-editor/ 		109 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-includes/css/dist/block-editor/style.min.css?ver=5.9.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
436bff18353cdd23f319497c726b6d88c27dc3a90b176ff7cc16bc5f0ffd8906
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df3-1b566"
age
2561891
x-pantheon-styx-hostname
styx-fe1-a-679db49985-rpn9n
x-cache
HIT, HIT
x-cloud-trace-context
380c45aefcd2442cbff49f8b5ddbcd64/8843784245547509128;o=0
content-length
20184
x-served-by
cache-chi-klot8100072-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:31 GMT
server
nginx
traceparent
00-380c45aefcd2442cbff49f8b5ddbcd64-7abb6eea3a0e2588-00
x-timer
S1660401145.933698,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:13 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e1c76890-03c7-11ed-b329-8efbea45c253
x-cache-hits
1, 1
style.min.css
kesq.com/wp-includes/css/dist/nux/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-includes/css/dist/nux/style.min.css?ver=5.9.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5bca2d4288328711026ee112d545ab38fc8e56e5eb81ce85befa09b4d16dbc0c
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df3-ad0"
age
2561891
x-pantheon-styx-hostname
styx-fe1-a-679db49985-8hpfn
x-cache
HIT, HIT
x-cloud-trace-context
0dd2ce85483442cd89695de5c402efa6/8875043668530967308;o=0
content-length
810
x-served-by
cache-chi-kigq8000077-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:31 GMT
server
nginx
traceparent
00-0dd2ce85483442cd89695de5c402efa6-7b2a7d31ccde330c-00
x-timer
S1660401145.933679,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:13 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e1c3f989-03c7-11ed-b721-6a3a297be2ea
x-cache-hits
1, 1
style.min.css
kesq.com/wp-includes/css/dist/reusable-blocks/ 		522 B
574 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-includes/css/dist/reusable-blocks/style.min.css?ver=5.9.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b065e641c0b9772a645e0596657a0bbabb8470f5ffbcfed95d5100f74c0da056
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df3-20a"
age
2561891
x-pantheon-styx-hostname
styx-fe1-a-679db49985-2rsbg
x-cache
HIT, HIT
x-cloud-trace-context
11d3dde1d9b64b799e0dc0d4d831076b/4098002350614076076;o=0
content-length
260
x-served-by
cache-chi-klot8100163-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:31 GMT
server
nginx
traceparent
00-11d3dde1d9b64b799e0dc0d4d831076b-38df076cfd115aac-00
x-timer
S1660401145.933674,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:13 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e1c43ba6-03c7-11ed-a076-fe1267171b14
x-cache-hits
1, 1
style.min.css
kesq.com/wp-includes/css/dist/editor/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-includes/css/dist/editor/style.min.css?ver=5.9.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e8ee2708c1df628a6145b03d746fbdbb5076288464484672b25f70917ecea416
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df3-517a"
age
2561891
x-pantheon-styx-hostname
styx-fe1-a-679db49985-2rsbg
x-cache
HIT, HIT
x-cloud-trace-context
2ec9dfae52384d8fb0a00e4a136a6d23/5362595525893315487;o=0
content-length
4605
x-served-by
cache-chi-klot8100086-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:31 GMT
server
nginx
traceparent
00-2ec9dfae52384d8fb0a00e4a136a6d23-4a6bc437f2f85b9f-00
x-timer
S1660401145.933654,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:13 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e1c6c573-03c7-11ed-a076-fe1267171b14
x-cache-hits
1, 1
mediacloud-mux.blocks.style.css
kesq.com/wp-content/plugins/ilab-media-tools-premium/public/blocks/ 		141 B
435 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/plugins/ilab-media-tools-premium/public/blocks/mediacloud-mux.blocks.style.css
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6bc96e9bab2ae13132fe2ca25bb4aa51865e474dfb771f0c82067cb53fbde4ba
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df1-8d"
age
2561890
x-pantheon-styx-hostname
styx-fe1-a-679db49985-kfd84
x-cache
HIT, HIT
x-cloud-trace-context
188f527be2364f149eb5a36fd6611074/10116341839648759256;o=0
content-length
133
x-served-by
cache-chi-kigq8000060-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:29 GMT
server
nginx
traceparent
00-188f527be2364f149eb5a36fd6611074-8c64774df2af9dd8-00
x-timer
S1660401145.933646,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:13 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e1c58ce1-03c7-11ed-add9-aa1b03124d3f
x-cache-hits
1, 1
video-js.css
vjs.zencdn.net/7.15.4/ 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/7.15.4/video-js.css?ver=5.9.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
176fec6a7fad473d3102d548facfa993bedf4322dca6c0c308ac46d0ef7265c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:25 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 21:08:21 GMT
etag
"fd0eb27f568b77ae49c0a783f270e7f3"
x-served-by
cache-mxp6953-MXP
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
timing-allow-origin
*
content-length
10908
x-cache-hits
1
videojs-hls-player.css
kesq.com/wp-content/plugins/videojs-hls-player/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/plugins/videojs-hls-player/videojs-hls-player.css?ver=5.9.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3f9b227f6f1789e870ce5ffe0d4becb276ec5abeb98d45d82ff5040a1b11611
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62e31e50-728"
age
1222988
x-pantheon-styx-hostname
styx-fe1-a-6d9bbf99db-k4r75
x-cache
HIT, HIT
x-cloud-trace-context
e741b62589fb42bea7cf3ccb89314a27/15440567199283147688;o=0
content-length
685
x-served-by
cache-chi-klot8100020-CHI, cache-maa10224-MAA
last-modified
Thu, 28 Jul 2022 23:40:00 GMT
server
nginx
traceparent
00-e741b62589fb42bea7cf3ccb89314a27-d647ea0f63d1f3a8-00
x-timer
S1660401145.979892,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Mon, 31 Jul 2023 10:49:17 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
4250bc17-0ff5-11ed-bc16-e25d3dd2c0aa
x-cache-hits
1, 1
theme.min.css
kesq.com/wp-content/themes/storymate-npg/build/css/ 		26 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/themes/storymate-npg/build/css/theme.min.css?ver=1.4.21
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0f9be5681874d9f7fea49bbfa4187759c68b81eb7bbd77205682c110b9a43931
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df2-67e6"
age
2561891
x-pantheon-styx-hostname
styx-fe1-a-679db49985-rpn9n
x-cache
HIT, HIT
x-cloud-trace-context
e4983c7fcbae46029084df512fef9381/4838769305954233780;o=0
content-length
7053
x-served-by
cache-chi-kigq8000174-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:30 GMT
server
nginx
traceparent
00-e4983c7fcbae46029084df512fef9381-4326c30bff772db4-00
x-timer
S1660401145.979877,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:13 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e1cbaf12-03c7-11ed-b329-8efbea45c253
x-cache-hits
1, 1
theme.min.css
kesq.com/wp-content/themes/storymate-theme/build/css/ 		57 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/themes/storymate-theme/build/css/theme.min.css?ver=1.4.21
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
09f9fd9113b535927d6666ca18f2b5c39fcbd0dea5085f7eaffadeeae13e05aa
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df2-e34a"
age
2561891
x-pantheon-styx-hostname
styx-fe1-b-8cd7f97c7-cbcsb
x-cache
HIT, HIT
x-cloud-trace-context
f366a988ca9d4bd994e9a41677a2f652/3806090726476354875;o=0
content-length
13902
x-served-by
cache-chi-kigq8000023-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:30 GMT
server
nginx
traceparent
00-f366a988ca9d4bd994e9a41677a2f652-34d1f359a688153b-00
x-timer
S1660401145.979858,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:13 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e1ca83a0-03c7-11ed-b55f-b2f45ad6201e
x-cache-hits
1, 1
style_login_widget.css
kesq.com/wp-content/plugins/miniorange-oauth-oidc-single-sign-on/resources/css/ 		740 B
710 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/plugins/miniorange-oauth-oidc-single-sign-on/resources/css/style_login_widget.css?ver=5.9.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3962092881c2463cf6a930cc815c05d1fffdea3c8b2f6220b0de85e31f81784c
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df1-2e4"
age
2561891
x-pantheon-styx-hostname
styx-fe1-b-8cd7f97c7-ddsh8
x-cache
HIT, HIT
x-cloud-trace-context
893be0f975c7452c8277cfa55f27293d/16096601748653916958;o=0
content-length
400
x-served-by
cache-chi-kigq8000151-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:29 GMT
server
nginx
traceparent
00-893be0f975c7452c8277cfa55f27293d-df629e01c772c31e-00
x-timer
S1660401145.979845,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:13 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e1cc1207-03c7-11ed-b0a5-86e4977b04d6
x-cache-hits
1, 1
style.min.css
kesq.com/wp-content/plugins/pojo-accessibility/assets/css/ 		51 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/plugins/pojo-accessibility/assets/css/style.min.css?ver=1.0.0
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7de4ebe6f7e5c57026f039da23b86f99cb0dcf117dfe5f893ace0b1988370f78
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df1-cbb9"
age
2561891
x-pantheon-styx-hostname
styx-fe1-a-679db49985-6vcqf
x-cache
HIT, HIT
x-cloud-trace-context
076b67d61ea14a6bb17dafebc369f753/975307910038618530;o=0
content-length
5957
x-served-by
cache-chi-klot8100165-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:29 GMT
server
nginx
traceparent
00-076b67d61ea14a6bb17dafebc369f753-0d88fd60747b01a2-00
x-timer
S1660401145.979826,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:14 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e1cc60ba-03c7-11ed-a58f-36a94022e041
x-cache-hits
1, 1
socialshare.css
kesq.com/wp-content/plugins/wp-social-sharing/static/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/plugins/wp-social-sharing/static/socialshare.css?ver=1.6
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c28b59949c1d29ee8b83765cce09df06dfef2d7b839f47c69042b52b79d70a1d
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d4b989-1aa5"
age
2185797
x-pantheon-styx-hostname
styx-fe1-b-8cd7f97c7-2nrvq
x-cache
HIT, HIT
x-cloud-trace-context
6ba804eba749494f88fd5033fb4ced9b/1779011878784558124;o=0
content-length
1270
x-served-by
cache-chi-kigq8000028-CHI, cache-maa10224-MAA
last-modified
Mon, 18 Jul 2022 01:38:17 GMT
server
nginx
traceparent
00-6ba804eba749494f88fd5033fb4ced9b-18b051e0ce27642c-00
x-timer
S1660401145.979818,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Thu, 20 Jul 2023 07:22:28 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
8b8d2f33-0733-11ed-84b9-0e40336669c2
x-cache-hits
1, 1
ready.js
pymx5.com/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/ready.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1c907e1f2483fb2a70272d58bad74b1c5463388d9d191c7c58183503c9ae5944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 13:40:45 GMT
age
3099
x-guploader-uploadid
ADPycdvqAG5SuklH7wvOm_OO1Yy1tjUoEZi266BpgwfDXaBE53fogMfA7Q45qDg0KZK0qzqvlaLlMB8PfZBOpbdkfNrY6A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1278
last-modified
Fri, 15 Jul 2022 06:19:11 GMT
server
UploadServer
etag
"06467ab40d7f92f9794f0b20431992be"
x-goog-hash
crc32c=fis9Og==, md5=BkZ6tA1/kvl5TwsgQxmSvg==
x-goog-generation
1657865951646835
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
1278
accept-ranges
bytes
content-type
application/javascript
ims.js
pymx5.com/scripts/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/ims.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bf739c567353fba3b1702cf940f29b3953c5b24b84a18b1208eee417a431dd5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 13:42:21 GMT
age
3003
x-guploader-uploadid
ADPycdsU8ucwVLJ76raU9HhwOXq-RP9E4dl4DKmj-QBOTDBPWC-QhqAOUAW4VF74UnwPMEOkiHOsCE69vsOAqUiUzK5SLQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16603
last-modified
Fri, 15 Jul 2022 06:19:11 GMT
server
UploadServer
etag
"ad907d3febe0f354e5ddae6c691909db"
x-goog-hash
crc32c=p2OvPg==, md5=rZB9P+vg81Tl3a5saRkJ2w==
x-goog-generation
1657865951791907
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
16603
accept-ranges
bytes
content-type
application/javascript
load_tags.js
pymx5.com/scripts/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/load_tags.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:27:29 GMT
age
298
x-guploader-uploadid
ADPycdtdWJoNZfi7_hFUMv8NveJHKZt2gtgLzbxtvyVDnHKspNlE3qpkOtYoocZ2CGQ0fcg2D2vRjgSTgRkIS4fClQLWo1B55Blb
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8946
last-modified
Fri, 15 Jul 2022 06:19:11 GMT
server
UploadServer
etag
"f6b06694767e707999eecbe9538b403a"
x-goog-hash
crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation
1657865951655064
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
8946
accept-ranges
bytes
content-type
application/javascript
jquery.min.js
kesq.com/wp-includes/js/jquery/ 		87 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df3-15db1"
age
2561891
x-pantheon-styx-hostname
styx-fe1-a-679db49985-8hpfn
x-cache
HIT, HIT
x-cloud-trace-context
39a622e0b47546f29c8651d95464a0a6/582373503790600858;o=0
content-length
36052
x-served-by
cache-chi-klot8100068-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:31 GMT
server
nginx
traceparent
00-39a622e0b47546f29c8651d95464a0a6-0815019dbc09d29a-00
x-timer
S1660401145.979799,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:14 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e1ce6116-03c7-11ed-b721-6a3a297be2ea
x-cache-hits
1, 1
jquery-migrate.min.js
kesq.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62e36432-2bd8"
age
1229177
x-pantheon-styx-hostname
styx-fe1-a-6d9bbf99db-8lg2k
x-cache
HIT, HIT
x-cloud-trace-context
f5bb97a62ef746dc9dfaa77df2c47060/13495517808193486805;o=0
content-length
4565
x-served-by
cache-chi-klot8100081-CHI, cache-maa10224-MAA
last-modified
Fri, 29 Jul 2022 04:38:10 GMT
server
nginx
traceparent
00-f5bb97a62ef746dc9dfaa77df2c47060-bb49b5f1b954bfd5-00
x-timer
S1660401145.979783,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Mon, 31 Jul 2023 09:06:07 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
d92af71d-0fe6-11ed-a45f-1e8c46784284
x-cache-hits
1, 1
super-speedy-search.js
kesq.com/wp-content/plugins/super-speedy-search/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/plugins/super-speedy-search/assets/js/super-speedy-search.js?ver=2.06
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
20dd55f5158dd6daa30e062649c9bad8584ff07b6bb4a4a2157fe9da05dd355f
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df1-10f2"
age
2561891
x-pantheon-styx-hostname
styx-fe1-b-8cd7f97c7-ddsh8
x-cache
HIT, HIT
x-cloud-trace-context
aa4b86149bef4a0b95f52dcc89c3694d/6129084700843043168;o=0
content-length
1701
x-served-by
cache-chi-kigq8000045-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:29 GMT
server
nginx
traceparent
00-aa4b86149bef4a0b95f52dcc89c3694d-550ee20fe807e960-00
x-timer
S1660401145.979765,VS0,VE1
date
Sat, 13 Aug 2022 14:32:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:13 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e1cbd6f5-03c7-11ed-b0a5-86e4977b04d6
x-cache-hits
1, 287
embed.js
squareoffs.com/assets/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://squareoffs.com/assets/embed.js?ver=2.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
8efe32c962f8079bea440dbbc69c87fa1004a2e830e3266907bd53aab0df0c92
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:24 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Fri, 29 Jul 2022 07:57:46 GMT
server
Cowboy
age
368406
x-served-by
cache-iad-kcgs7200175-IAD, cache-cdg20760-CDG
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1660401145.819492,VS0,VE2
content-length
2414
x-cache-hits
1, 1
videojs-ie8.min.js
vjs.zencdn.net/ie8/1.1.2/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/ie8/1.1.2/videojs-ie8.min.js?ver=1.0.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:24 GMT
content-encoding
gzip
last-modified
Wed, 10 Feb 2016 20:27:09 GMT
etag
"2ff9bb22f0b1789ac170247b0825488f"
x-served-by
cache-mxp6953-MXP
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
8924
x-cache-hits
1
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed7d8f3963f241f576ad4ffa74bdc05bf0fb7553562c258b5244757758620e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28764
x-xss-protection
0
server
sffe
etag
"1302 / 7 of 1000 / last-modified: 1660341915"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Aug 2022 14:32:24 GMT
wp-emoji-release.min.js
kesq.com/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df3-4705"
age
2561891
x-pantheon-styx-hostname
styx-fe1-b-8cd7f97c7-cbcsb
x-cache
HIT, HIT
x-cloud-trace-context
d7f0de6f0f364c3d89040a7c37319f3c/7706680083029101354;o=0
content-length
5714
x-served-by
cache-chi-kigq8000100-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:31 GMT
server
nginx
traceparent
00-d7f0de6f0f364c3d89040a7c37319f3c-6af3a0b42a870b2a-00
x-timer
S1660401148.618210,VS0,VE1
date
Sat, 13 Aug 2022 14:32:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:16 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e338ba45-03c7-11ed-b55f-b2f45ad6201e
x-cache-hits
1, 1
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
sffe /
Resource Hash
60eb12486bd244f9b2c77d851a209c7f1cf81a9a82bce5662efb019b50b6f56c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28772
x-xss-protection
0
server
sffe
etag
"1302 / 316 of 1000 / last-modified: 1660341990"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Aug 2022 14:32:27 GMT
load.js
s.ntv.io/serve/ 		472 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.209.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7c6cd1e00f3a764bd02e959653a10d529dbfe1012d64f253d7490c625ed6a654

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 14:32:24 GMT
Content-Encoding
gzip
x-amz-request-id
XY4KBT20QRB491NE
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
CE8MTDM8IDOKqDfk0qLGvM7Qc2vna6f7qULGHGe80blCQbzWmeAY53DsYOlrImiO0NyY3S37jHo=
Last-Modified
Fri, 12 Aug 2022 01:01:09 GMT
Server
AmazonS3
ETag
"febd3311857289fff1b140dfb03d0b67"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
bootstrap.js
cdn.browsiprod.com/bootstrap/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3dd33663f707b3521431259fdd071f656b8365402b22fbc387bec385b66e282

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
HdGv4ubs3DPJJgpoXPiOB4NGTVb3a6dY
content-encoding
br
last-modified
Tue, 09 Aug 2022 11:00:32 GMT
server
AmazonS3
age
1911
etag
W/"8261f1dcf67d823d2fb7219ca2172e87"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
cache-control
public,max-age=3600
date
Sat, 13 Aug 2022 14:00:37 GMT
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
O0ikYY5DfdxJE3BimVbaUv86xyDLnATKnPe0Mj11K77ZNiqstxO1Jg==
MIN-30430.js
apv-launcher.minute.ly/api/launcher/ 		110 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apv-launcher.minute.ly/api/launcher/MIN-30430.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2e6960e27d1e2205a558b6be0996f954906d17646857fd11c31229b4e19bdcd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 14:32:30 GMT
Content-Encoding
gzip
X-HW
1660401148.dop084.lo4.t,1660401150.cds214.lo4.shn,1660401150.dop084.lo4.t,1660401150.cds217.lo4.c
Content-Type
text/javascript; charset=utf-8; charset=utf-8
Cache-Control
max-age=30
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
55252
npgco.js
cdn.blueconic.net/ 		130 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.blueconic.net/npgco.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-105.fra60.r.cloudfront.net
Software
- /
Resource Hash
a58b5573e094decca6032a2d52bee2cae53654e12b88252f88c9d78b29f87322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
407
x-cache
Hit from cloudfront
content-length
39975
x-xss-protection
1; mode=block
last-modified
Tue, 21 Jun 2022 08:46:20 GMT
server
-
etag
"208cd-5e1f141306d70-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
cache-control
public, max-age=600, s-maxage=500
x-amz-cf-pop
FRA60-P4
accept-ranges
none
x-robots-tag
noindex, nofollow
x-amz-cf-id
VkSSsnlOMfLYS10MXiQl-rlOFCcgg96EINp-n-nJIdJruQ8o3ja3CQ==
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-19610616-1
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b36de54a52c8800c0c852834995d4220d1bab499fee03ee4d612397f36d9d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41882
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Aug 2022 14:32:27 GMT
nc3xsm.png
kesq.b-cdn.net/2020/03/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2020/03/nc3xsm.png
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
8ae1f5532f9d310fe1c417006170224df6af527c6a8abf8f8d297c611302ec8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
722
x-amz-request-id
9F8E601688DF1C05
cdn-cachedat
07/19/2022 20:21:33
cdn-pullzone
145650
content-length
15526
x-amz-id-2
uJf4lFyahQkEEYJQkj1sqzHoYNiT4AWq45uoVFDd1JYZYqxMTQvewyOoSsliyCHkX8qAuYFqyYn+
server
BunnyCDN-DE-752
last-modified
Thu, 12 Mar 2020 16:50:26 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
e10a49929b809b9189f89f6bc7cb7c9e
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
kesq.jpg
kesq.b-cdn.net/2021/06/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2021/06/kesq.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
30238015ace7c59521ab23dcda63e83d0dd715c77e548ffd70fdfad89c683197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
756
x-amz-request-id
EA9E3AC3BAEA1699
cdn-cachedat
06/09/2022 20:13:02
cdn-pullzone
145650
content-length
47080
x-amz-id-2
aKj/uzv/csXQA1S5CVk+BGb0PlP+E4xMHh/ci/RmvM6z6nJgJs1OIs3BkWqXt0XkyBFZwXBM01ku
server
BunnyCDN-DE-752
last-modified
Fri, 04 Jun 2021 05:56:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
831c8060cfb076ff0ddd864979e2eda6
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
9000_clear_day.png
kesq.com/wp-content/themes/storymate-npg/assets/images/weather-icons/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.com/wp-content/themes/storymate-npg/assets/images/weather-icons/9000_clear_day.png
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
31c85cc6147bdb0f54524cfbaefe5af4834364821fa95d371591e2242c3789e9
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
via
1.1 varnish, 1.1 varnish
etag
"62d09df2-1312"
age
2561891
x-pantheon-styx-hostname
styx-fe1-a-679db49985-rpn9n
x-cache
HIT, HIT
x-cloud-trace-context
e98bfedf2da6421798e7e457a848443e/11497490772504296006;o=0
content-length
4882
x-served-by
cache-chi-klot8100163-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:30 GMT
server
nginx
traceparent
00-e98bfedf2da6421798e7e457a848443e-9f8f4af0f7733a46-00
x-timer
S1660401148.618187,VS0,VE1
date
Sat, 13 Aug 2022 14:32:27 GMT
content-type
image/png
x-styx-req-id
e33a672d-03c7-11ed-b329-8efbea45c253
expires
Sat, 15 Jul 2023 22:54:16 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
cover-375x225.jpg
kesq.b-cdn.net/2022/08/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/08/cover-375x225.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
f2940a03121f2fbd112725710de88a9ca873e00e714bf3e9821aa75e3fa7d549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
722
x-amz-request-id
E8A975B2ACDDEB8F
cdn-cachedat
08/13/2022 01:30:09
cdn-pullzone
145650
content-length
17687
x-amz-id-2
rxV6bYIQH1g81akxUlg8sAdaQG5w7zPvTU5assj6zf1uzpfpX+c3jGIr6WSbwZXEBqAyp8+Vgy8e
server
BunnyCDN-DE-752
last-modified
Sat, 13 Aug 2022 00:49:21 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
da79667563efd46d000573ac90efdb52
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
desert-air.png
kesq.b-cdn.net/2020/07/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2020/07/desert-air.png
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
d9a788f4d19b9938a61116bc4cae75cdfbe029d8d0de13d1bf5c7458d33dea7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
723
x-amz-request-id
56E1F17DA7D7C8A5
cdn-cachedat
03/12/2022 20:00:09
cdn-pullzone
145650
content-length
4783
x-amz-id-2
NhM6hLwUNGI9B+xzSUCRV8M0gH0s2Q9mPXjSBKbaviQ6uauFgXmpOksHyPnUF4vk67EZsI7xV4iV
server
BunnyCDN-DE-752
last-modified
Thu, 30 Jul 2020 17:46:48 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
e2f9bd9298043167d929725ea285baf7
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
embed.js
squareoffs.com/assets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://squareoffs.com/assets/embed.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
8efe32c962f8079bea440dbbc69c87fa1004a2e830e3266907bd53aab0df0c92
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:25 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Fri, 29 Jul 2022 07:57:46 GMT
server
Cowboy
age
339515
x-served-by
cache-iad-kjyo7100144-IAD, cache-cdg20760-CDG
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1660401145.375014,VS0,VE2
content-length
2414
x-cache-hits
1, 1
50142-Fantasy-Springs-Logo-120.jpg
kesq.b-cdn.net/2021/06/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2021/06/50142-Fantasy-Springs-Logo-120.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
6882e5b22cfa863c2631280944c5e9dcb6dd7ae9c4f159021fce2bed20d4d529

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
865
x-amz-request-id
87FF71C505001381
cdn-cachedat
05/22/2022 00:26:50
cdn-pullzone
145650
content-length
20420
x-amz-id-2
sMZpbJHy5OSnyngqwyhCEg9NpkbIKByjZTl03KyX7Aip01XWIt6x/XgOzrCo4z9Si/JSvZX+ZGOs
server
BunnyCDN-DE-752
last-modified
Mon, 21 Jun 2021 20:20:38 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
338ec2e10587c514e193fcc24d093a24
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
fw-loader.js
feed.mikle.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feed.mikle.com/js/fw-loader.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.218.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-218-90.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c00371b4c5eb8328791a15210ed22492ec7efbd4895907e1bea770fcff12e53c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:25 GMT
cache-control
no-cache
last-modified
Tue, 12 Jul 2022 07:38:12 GMT
server
nginx
content-encoding
gzip
etag
W/"62cd24e4-fb2"
content-type
application/javascript; charset=UTF-8
kesq-news-app-icon.jpg
s3.us-east-1.wasabisys.com/kesq.com/2019/11/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.wasabisys.com/kesq.com/2019/11/kesq-news-app-icon.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.106.51 Kennedyville, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software
WasabiS3/7.5.1035-2022-06-08-c4b39686a7 (head15) /
Resource Hash
1958d7d53006e287cd42b0d5dbc5f26475e67c39e00ba21ad9e5f5a34a39e445

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 14:32:27 GMT
Last-Modified
Fri, 01 Nov 2019 20:11:03 GMT
Server
WasabiS3/7.5.1035-2022-06-08-c4b39686a7 (head15)
x-amz-request-id
ADE44133C25F1A1F
ETag
"3255e8b81305637025165d2095a77c08"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
20407
x-amz-id-2
OuyesVyvR5maV03qTONFB2E8CuwYFleVLnCMv962t9hHhxBttRg2dxjv1Q1UhBLv9T652gObE9a7
kesq-weather-app-icon.png
s3.us-east-1.wasabisys.com/kesq.com/2019/11/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.wasabisys.com/kesq.com/2019/11/kesq-weather-app-icon.png
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.106.51 Kennedyville, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software
WasabiS3/7.5.1035-2022-06-08-c4b39686a7 (head17) /
Resource Hash
a411d089866aaa8961b38410d3ed37f4d52ca0ab15236d67b0f56f93bb20a5cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 14:32:27 GMT
Last-Modified
Fri, 01 Nov 2019 20:11:05 GMT
Server
WasabiS3/7.5.1035-2022-06-08-c4b39686a7 (head17)
x-amz-request-id
FD8BE1957A4F766E
ETag
"b78983a95f0708dce334ab4747c8d098"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
8768
x-amz-id-2
oB0XxhqvQr7TJicahU+oV2zEwAux0h2E/Kjn+30A9cCjoLTj/yBlZLnSdMueF5rZsLQetHZYY12J
video.js
vjs.zencdn.net/7.15.4/ 		2 MB
461 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/7.15.4/video.js?ver=1.0.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0879d98559c8e27797788a87521a624188b93b24c7fa99df9f870bf1b323191d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:25 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 21:08:22 GMT
etag
"3be88bedd852bb336bc3519c594124a8"
x-served-by
cache-mxp6953-MXP
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
timing-allow-origin
*
content-length
471302
x-cache-hits
1
videojs-hls-player.js
kesq.com/wp-content/plugins/videojs-hls-player/ 		401 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/plugins/videojs-hls-player/videojs-hls-player.js?ver=1.0.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa074e019e49996734864780e02fa6b387cda33de27f43c2a1b6957be676f981
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df1-191"
age
2561896
x-pantheon-styx-hostname
styx-fe1-b-8cd7f97c7-ccnqj
x-cache
HIT, HIT
x-cloud-trace-context
f53c1239072c466a89ad116ad7b72bdb/1964492261468779404;o=0
content-length
247
x-served-by
cache-chi-kigq8000032-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:29 GMT
server
nginx
traceparent
00-f53c1239072c466a89ad116ad7b72bdb-1b43474db0d9b38c-00
x-timer
S1660401146.251606,VS0,VE1
date
Sat, 13 Aug 2022 14:32:26 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:09 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
df38a2c2-03c7-11ed-9a70-feb4ad2bd266
x-cache-hits
1, 23
moment-with-locales.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 		329 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment-with-locales.min.js?ver=2.24.0
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d40df7c31566ce3812adb24f0b682ae7e19d4fae67bbf69179c3e6fab3655a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
854525
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54791
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-52243"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qi3ehdyzexVy73lCr%2FQve36qmipxDNjLjDfB%2FyQ5dVewm9wjSMVqtdieeQQzVeduFOogEhfvJqkcLjDJBZx6wiLB8KWhyl4hDDqepa8MlgilV0Zw2OBj6Cnnl0TusLqnICLSxCw6CeUDWgD8cr0pmBU5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73a228fd1d782325-ZRH
expires
Thu, 03 Aug 2023 14:32:26 GMT
moment-timezone-with-data.min.js
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.26/ 		181 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.26/moment-timezone-with-data.min.js?ver=0.5.26
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8414246142ce5ed748336d300acdc14559ca4318d0332639104778b596fa981
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9897191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21383
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-2d327"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Q1xH5jgQ%2FrhPyCI1qSqsYXPES24XVqCaEfsiew%2BDfCYGjdHhFMFvMkGt8EhzZiNIkXX4biBrtBOuqjyGvfhOCWfDRYJlyg0faMzSrov%2FrbifSgupjwNpnHUWXvDT%2FU7Ffcp4sv3Gr788T150RsANVlW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73a228fd5df92325-ZRH
expires
Thu, 03 Aug 2023 14:32:26 GMT
underscore.min.js
kesq.com/wp-includes/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df3-4a7d"
age
2561891
x-pantheon-styx-hostname
styx-fe1-b-8cd7f97c7-ccnqj
x-cache
HIT, HIT
x-cloud-trace-context
d7a559f163f346348fd11545aadf97e6/5389542776366009278;o=0
content-length
8101
x-served-by
cache-chi-kigq8000179-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:31 GMT
server
nginx
traceparent
00-d7a559f163f346348fd11545aadf97e6-4acb80999f118bbe-00
x-timer
S1660401147.687403,VS0,VE0
date
Sat, 13 Aug 2022 14:32:26 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:16 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e332385b-03c7-11ed-9a70-feb4ad2bd266
x-cache-hits
1, 303
backbone.min.js
kesq.com/wp-includes/js/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-includes/js/backbone.min.js?ver=1.4.0
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f2c4a355f2a88ce6793b73c3a6cddb3703355d2b74a6cff0dc2ff81383480a01
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62e31e52-5cf2"
age
1228278
x-pantheon-styx-hostname
styx-fe1-a-6d9bbf99db-k4r75
x-cache
HIT, HIT
x-cloud-trace-context
8f779b200513481fa08a71ccbe093956/2969171585122777119;o=0
content-length
9085
x-served-by
cache-chi-kigq8000044-CHI, cache-maa10224-MAA
last-modified
Thu, 28 Jul 2022 23:40:02 GMT
server
nginx
traceparent
00-8f779b200513481fa08a71ccbe093956-29349dd3486d381f-00
x-timer
S1660401147.973836,VS0,VE1
date
Sat, 13 Aug 2022 14:32:26 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Mon, 31 Jul 2023 09:21:09 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
f24f92b2-0fe8-11ed-bc16-e25d3dd2c0aa
x-cache-hits
1, 1
api-request.min.js
kesq.com/wp-includes/js/ 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-includes/js/api-request.min.js?ver=5.9.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
243d0318292081b26db69dad7403b07a4f8c302076bad5ff2f51ce135e19390e
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62ef92ce-401"
age
376542
x-pantheon-styx-hostname
styx-fe1-b-784cd8578b-24fml
x-cache
HIT, HIT
x-cloud-trace-context
ec1d0d689e7844c6b80c30c64d881b97/4925124575782406000;o=0
content-length
597
x-served-by
cache-chi-kigq8000057-CHI, cache-maa10224-MAA
last-modified
Sun, 07 Aug 2022 10:24:14 GMT
server
nginx
traceparent
00-ec1d0d689e7844c6b80c30c64d881b97-44598eb50e0e8770-00
x-timer
S1660401147.259393,VS0,VE1
date
Sat, 13 Aug 2022 14:32:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Thu, 10 Aug 2023 05:56:44 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
0c2918f9-17a8-11ed-9b63-def24d54ee6d
x-cache-hits
1, 1
wp-api.min.js
kesq.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-includes/js/wp-api.min.js?ver=5.9.3
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
062d8167bc405094e000b7d3af11deba7a4ecff663aff087d7b19ef51c05ff6c
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62e31e52-395e"
age
1239595
x-pantheon-styx-hostname
styx-fe1-a-6d9bbf99db-8lg2k
x-cache
HIT, HIT
x-cloud-trace-context
b37a4238fd1d4dc68de774ed4023fd5f/803350424705044263;o=0
content-length
4675
x-served-by
cache-chi-klot8100159-CHI, cache-maa10224-MAA
last-modified
Thu, 28 Jul 2022 23:40:02 GMT
server
nginx
traceparent
00-b37a4238fd1d4dc68de774ed4023fd5f-0b2612f476b40f27-00
x-timer
S1660401148.539952,VS0,VE1
date
Sat, 13 Aug 2022 14:32:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Mon, 31 Jul 2023 06:12:32 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
98e83626-0fce-11ed-a45f-1e8c46784284
x-cache-hits
1, 1
theme.min.js
kesq.com/wp-content/themes/storymate-npg/build/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/themes/storymate-npg/build/js/theme.min.js?ver=1.4.21
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3013d97ec15ee0fb663b6e9c7b5ee7457f940baf8bc68249e8c9dc67a59b01c2
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df2-43ae"
age
2561891
x-pantheon-styx-hostname
styx-fe1-a-679db49985-8hpfn
x-cache
HIT, HIT
x-cloud-trace-context
afe3ef51aa49454c9f04e3777ab97121/9428014233493854884;o=0
content-length
5992
x-served-by
cache-chi-klot8100106-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:30 GMT
server
nginx
traceparent
00-afe3ef51aa49454c9f04e3777ab97121-82d708fe5cba5aa4-00
x-timer
S1660401148.550625,VS0,VE1
date
Sat, 13 Aug 2022 14:32:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:16 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e33ed2e9-03c7-11ed-b721-6a3a297be2ea
x-cache-hits
1, 1
vendor.min.js
kesq.com/wp-content/themes/storymate-theme/build/js/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/themes/storymate-theme/build/js/vendor.min.js?ver=1.4.21
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
000b9b4ee10170644e9f5068423e6e8b8ea26787311eb0c764bcc2ea1ce28408
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df2-af26"
age
2561891
x-pantheon-styx-hostname
styx-fe1-a-679db49985-rpn9n
x-cache
HIT, HIT
x-cloud-trace-context
ab183d1947cd44e49ed3af1b21afd80d/3677154844675433968;o=0
content-length
13737
x-served-by
cache-chi-kigq8000139-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:30 GMT
server
nginx
traceparent
00-ab183d1947cd44e49ed3af1b21afd80d-3307e0d94cfc65f0-00
x-timer
S1660401148.618261,VS0,VE1
date
Sat, 13 Aug 2022 14:32:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:16 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e338873c-03c7-11ed-b329-8efbea45c253
x-cache-hits
1, 1
theme.min.js
kesq.com/wp-content/themes/storymate-theme/build/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/themes/storymate-theme/build/js/theme.min.js?ver=1.4.21
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7b6a27be9c6f4448bf61dda09a9fa32b1eb91d2dbc62b3f025df4cca0bc302fd
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df2-1638"
age
2561891
x-pantheon-styx-hostname
styx-fe1-a-679db49985-kfd84
x-cache
HIT, HIT
x-cloud-trace-context
24034d332b42408688802c2ee696ba80/15151465579873899968;o=0
content-length
2118
x-served-by
cache-chi-klot8100081-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:30 GMT
server
nginx
traceparent
00-24034d332b42408688802c2ee696ba80-d244d1ab42f115c0-00
x-timer
S1660401148.618263,VS0,VE1
date
Sat, 13 Aug 2022 14:32:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:16 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e33891b1-03c7-11ed-add9-aa1b03124d3f
x-cache-hits
1, 1
app.min.js
kesq.com/wp-content/plugins/pojo-accessibility/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/plugins/pojo-accessibility/assets/js/app.min.js?ver=1.0.0
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d5575de801172d286dc7cdb712db3081a3fa0702672d2bf33f806301706e3e09
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62e383ec-14c1"
age
1157166
x-pantheon-styx-hostname
styx-fe1-a-6d9bbf99db-f9s8n
x-cache
HIT, HIT
x-cloud-trace-context
b013112f49964b97935868f1d5c17273/9836238635031892379;o=0
content-length
1841
x-served-by
cache-chi-kigq8000152-CHI, cache-maa10224-MAA
last-modified
Fri, 29 Jul 2022 06:53:32 GMT
server
nginx
traceparent
00-b013112f49964b97935868f1d5c17273-888156ec870c919b-00
x-timer
S1660401148.618254,VS0,VE1
date
Sat, 13 Aug 2022 14:32:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Tue, 01 Aug 2023 05:06:21 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
846e14f3-108e-11ed-9b66-bad65bb3fe92
x-cache-hits
1, 1
socialshare.js
kesq.com/wp-content/plugins/wp-social-sharing/static/ 		348 B
540 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-content/plugins/wp-social-sharing/static/socialshare.js?ver=1.6
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a77dee6a595234131e3cdba142e6403faaafb7ee93920a846c2be629751d054
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"62d09df2-15c"
age
2561891
x-pantheon-styx-hostname
styx-fe1-a-679db49985-6vcqf
x-cache
HIT, HIT
x-cloud-trace-context
e75639828b03457493b7598fbd7c3dc1/14196533105317518559;o=0
content-length
248
x-served-by
cache-chi-klot8100133-CHI, cache-maa10224-MAA
last-modified
Thu, 14 Jul 2022 22:51:30 GMT
server
nginx
traceparent
00-e75639828b03457493b7598fbd7c3dc1-c50437a490861cdf-00
x-timer
S1660401148.618202,VS0,VE1
date
Sat, 13 Aug 2022 14:32:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Sat, 15 Jul 2023 22:54:16 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
e338a657-03c7-11ed-a58f-36a94022e041
x-cache-hits
1, 1
vf-v2.js
cdn.viafoura.net/ 		736 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82b70d609052d43e48decf6212a52d8a5eef1f8bbf109d0afe7f5528b7b449e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
ta57O0igzX5kyshqUkGZgBJN.GKg8pbm
content-encoding
br
last-modified
Thu, 11 Aug 2022 17:32:25 GMT
server
AmazonS3
age
256
etag
W/"22a35964d2aeb2e57f3158d002600762"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Sat, 13 Aug 2022 14:28:11 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
wDA0Gnof4o7ed8Eyf0Edr0nV2qKxjoXWBGVaFUDEUSOs6R8Ys0Y4sw==
get-context
api.pymx5.com/v1/publisher/ 		60 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.pymx5.com/v1/publisher/get-context
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
203.74.96.34.bc.googleusercontent.com
Software
nginx/1.13.7 /
Resource Hash
17d059c0d9e8e1ebac6e58404aed4f403400d509d4460e58985fd8129a65704a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:25 GMT
content-encoding
gzip
allow
GET, HEAD, OPTIONS
server
nginx/1.13.7
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json
access-control-allow-origin
https://kesq.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
ifilter-eval.js
pymx5.com/scripts/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/ifilter-eval.js
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
06f948a217c237ec9da04db4863ae47ac02b247ec4fb4213fd68b981d766c156

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 13:47:09 GMT
age
2718
x-guploader-uploadid
ADPycdu82gf9Vvmh0rEob8ivS2IeowtM3uLj9bFUjDJ8YgLuahuP0FlNKtF-KGixzc85Jz95NRP-N3dE7I6LoYTjMGjP1gsP5cEe
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8929
last-modified
Fri, 15 Jul 2022 06:19:11 GMT
server
UploadServer
etag
"b8c23f3782f2b89bad7344ea2720b5ba"
x-goog-hash
crc32c=1cvcAw==, md5=uMI/N4LyuJutc0TqJyC1ug==
x-goog-generation
1634039087715113
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
8929
accept-ranges
bytes
content-type
application/javascript
messageRequest.js
pymx5.com/scripts/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/messageRequest.js
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9bc3ac88ae6629e440770a37e747bb6241a085df9842ccbc5f3035471b360c10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 13:42:25 GMT
age
3002
x-guploader-uploadid
ADPycdvKWlhxk3mK1hjRNXJZbnMyS7S0dADJwLdbpj5veFqNatn8K-2yaEwQ3hGuw9Ci7LWlbe9cG-UJIbhqgfq1_iT3nw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6018
last-modified
Fri, 15 Jul 2022 06:19:11 GMT
server
UploadServer
etag
"1c14d674aa94ed0a5b5b0830b8648345"
x-goog-hash
crc32c=5DBAqw==, md5=HBTWdKqU7QpbWwgwuGSDRQ==
x-goog-generation
1637826900235354
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
6018
accept-ranges
bytes
content-type
application/javascript
imstag.min.js
pymx5.com/ad-rendring/src/ 		100 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/ad-rendring/src/imstag.min.js
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
303017e5ef65d154f447ed36116c77fc056fe0a44add0b13b9e842ae72b23ce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 13:47:09 GMT
age
2718
x-guploader-uploadid
ADPycdsm_WZwrFUsqVkChIyxqbGK74CXPhSfMwSzdWHMHzK9hj2a1_qLrQaQWYuu2UH8bF9kIXEOMtIvGxniZbvNGrPkSeBD11VU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102578
last-modified
Tue, 05 Jan 2021 10:02:41 GMT
server
UploadServer
etag
"298e66c7b1579da377cb19aec5a997c7"
x-goog-hash
crc32c=o3Vcbw==, md5=KY5mx7FXnaN3yxmuxamXxw==
x-goog-generation
1609840961551922
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
102578
accept-ranges
bytes
content-type
application/javascript
pubads_impl_2022080901.js
securepubads.g.doubleclick.net/gpt/ 		385 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
sffe /
Resource Hash
e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 13 Aug 2022 13:00:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5515
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134589
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 08:35:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Aug 2023 13:00:32 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		362 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kesq.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
741d02336a1f98c14dc2373a43dec2293965d85578b0cfa1b5076a7328ee3555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 14:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
160
x-xss-protection
0
expires
Sat, 13 Aug 2022 14:32:25 GMT
gtm.js
www.googletagmanager.com/ 		136 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MK2B25D
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
417e449a2dc1b9e03f316fd5705aa81e6c2113c4e3099a8bcb093c537741e86b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50778
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Aug 2022 14:32:27 GMT
t
jadserve.postrelease.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fkesq.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.230.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-230-96.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
55e4c1b7812c446409c03ee22281d60aafc37bf76bce24c16c55a1818b2dd853

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
770
expires
Mon, 1 Jan 1990 12:00:00 GMT
968
npgco.blueconic.net/DG/DEFAULT/rest/rpc/ 		57 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/DG/DEFAULT/rest/rpc/968?referer=https%3A%2F%2Fkesq.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-08-13T14%3A32%3A33%2B00%3A00&ts=1660401153876
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.42.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-42-197.compute-1.amazonaws.com
Software
- /
Resource Hash
c989fe6d1d351930c4bf8b47df69f59ac2ce7077a31bb8173b427146a630283f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://kesq.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
10934
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=kesq.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kesq.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
081222-CRISIS-BILLBOARDS-PKG.00_00_11_26.Still001-375x225.jpg
kesq.b-cdn.net/2022/08/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/08/081222-CRISIS-BILLBOARDS-PKG.00_00_11_26.Still001-375x225.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
230f41ad017fc6decd1c9167616eac8b02deace88a0587dfac7dc56c5bf6bbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
632
x-amz-request-id
30864F6C992C4B01
cdn-cachedat
08/13/2022 05:33:34
cdn-pullzone
145650
content-length
26842
x-amz-id-2
43orS1sC1KnlcxDIujO2Yk3nZPBpSpO2mPYzsbPoW0/YnwCAwPmgdZNV1iQQeqsPdvB7cZCzMdw6
server
BunnyCDN-DE-752
last-modified
Sat, 13 Aug 2022 04:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
9d6dbec410657c57b08d264e1e6609ac
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
MGN_1280x720_20615P00-KNVRX-375x225.jpg
kesq.b-cdn.net/2022/08/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/08/MGN_1280x720_20615P00-KNVRX-375x225.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
96ca0808607cc88fed5102bcd8dded5bcb489cb50cb34ef505285c1852aab836

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
722
x-amz-request-id
043322168B61D7AB
cdn-cachedat
08/12/2022 19:49:24
cdn-pullzone
145650
content-length
20013
x-amz-id-2
/jFsJCZQn7865pMn8/H9/CwqyWu5qXrM24bc+SPQWzrBgFmdKS5Lag0BSEDn0xuii6pJp3swDgNi
server
BunnyCDN-DE-752
last-modified
Fri, 12 Aug 2022 19:31:17 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
db98b06abc1713fb4dde452c48dbe680
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
061621_630P_SPLASH_HOUSE-VOQ.mp4.00_00_17_23.Still001-375x225.png
kesq.b-cdn.net/2022/08/ 		149 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/08/061621_630P_SPLASH_HOUSE-VOQ.mp4.00_00_17_23.Still001-375x225.png
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
96ad852316a8a502917c70d74007f02a202e6b057b6a7b8a03b0c46df859e91b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
601
x-amz-request-id
9579420FBEDBC817
cdn-cachedat
08/12/2022 18:05:20
cdn-pullzone
145650
content-length
152547
x-amz-id-2
Fiu239NBsQzPwR8b9Ifghh1iKgd5i4rXqZnCyBNqbYr3S/KZZrsFhY2KudUM77AKDx8LKwelxIfZ
server
BunnyCDN-DE-752
last-modified
Fri, 12 Aug 2022 17:59:49 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
099221216ee7632452e02cab0053f410
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
Screen-Shot-2022-08-12-at-4.19.22-PM-375x225.png
kesq.b-cdn.net/2022/08/ 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/08/Screen-Shot-2022-08-12-at-4.19.22-PM-375x225.png
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
c324734c7fe68235b85c5894b029d1e64fc4ac397c233652604a8dabead6dd8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
632
x-amz-request-id
011ECB87A93E087A
cdn-cachedat
08/12/2022 23:35:06
cdn-pullzone
145650
content-length
151025
x-amz-id-2
+1zAIV4eVB6W2V301mNs3kIvxpoygGyELlwOrsE3DhnUrcPUUb9fQOFAS7FsjV1/QjcXOfe7fkXH
server
BunnyCDN-DE-752
last-modified
Fri, 12 Aug 2022 23:20:09 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
0e43a02062f74a3fea0900a66d0970c9
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
e4q343q4a-375x225.jpg
kesq.b-cdn.net/2022/08/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/08/e4q343q4a-375x225.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
e073396dcef95ce46aa296c6406898a1d8374beacbc1c6a3913091e61de66092

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
632
x-amz-request-id
DD24A4BC8B7E89ED
cdn-cachedat
08/13/2022 02:23:34
cdn-pullzone
145650
content-length
25285
x-amz-id-2
Wl+fI4J2Y/e52ZmNrsZ07ezBIw8vcysiwDjQpNuLNq1/db8PWCcqF2KGPY8Ybun6G7gKp+qXiCyl
server
BunnyCDN-DE-752
last-modified
Sat, 13 Aug 2022 02:14:24 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
11564c2a3ccfeea4a7901b0153ed1c68
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
Marolyn-Harvey-375x225.jpg
kesq.b-cdn.net/2022/08/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/08/Marolyn-Harvey-375x225.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
4dea9ade3aa20e3551c8db2df43d80af17a0b0d1b45e083c2f4be7aa2a0a4a66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
874
x-amz-request-id
1DD125614DCA0190
cdn-cachedat
08/13/2022 02:07:42
cdn-pullzone
145650
content-length
23109
x-amz-id-2
GVnOZzfgCGl5peLgVNO74lIk8oUVYeVHkr9cixcDW42XAGxmiGOre078JJgU7GOPdi+kN/CA1djN
server
BunnyCDN-DE-752
last-modified
Sat, 13 Aug 2022 01:54:30 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
049f33e50905fb56877372687242105c
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
081122-BTS-CDC-PKG.00_00_29_10.Still001-375x225.jpg
kesq.b-cdn.net/2022/08/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/08/081122-BTS-CDC-PKG.00_00_29_10.Still001-375x225.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
a2f2aeae12ca4c69c912d7496564920eb3d26b6ccc833c42353e00343214b33e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
601
x-amz-request-id
F9A325C0B58DD0C8
cdn-cachedat
08/12/2022 06:03:46
cdn-pullzone
145650
content-length
29239
x-amz-id-2
NhodhvWSYxw7goU2fS5+Au/v/TXhwLe69TNDHmhHVJXSwRvjTIeHzrKczVS2Jx5/xp2Szn+rcXBl
server
BunnyCDN-DE-752
last-modified
Fri, 12 Aug 2022 05:30:05 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
8342713010d71acfd428093e13be6df8
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
MGN_1280x720_20811B00-FUTJT-375x225.jpg
kesq.b-cdn.net/2022/08/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/08/MGN_1280x720_20811B00-FUTJT-375x225.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
902f5de20773e21c5e4fdb34acaeff424675c50006ebe206ca15ea031428e008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
860
x-amz-request-id
E7AF5A8924AD8D6A
cdn-cachedat
08/11/2022 21:09:22
cdn-pullzone
145650
content-length
30516
x-amz-id-2
nHJFcFrA4M0ClszwQA+iqXOzShUVkw22V4sF1u/DRTShc8K1pDftvNlJBHZBpQRvIqwNjkpNok1+
server
BunnyCDN-DE-752
last-modified
Thu, 11 Aug 2022 20:59:57 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
2ddb03d35f463c8a288bbd5d07768b21
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
hypatia-h_100732520a9eb6cc325ab27776eb492e-h_bcd026f3d5da970e196b4aff1c8bf0ce-300-375x225.jpg
kesq.b-cdn.net/2022/08/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/08/hypatia-h_100732520a9eb6cc325ab27776eb492e-h_bcd026f3d5da970e196b4aff1c8bf0ce-300-375x225.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
a2b711705d1d64f3f446305b21f8b2c777d72eae297e81bdf020d8dcdaa3af86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
601
x-amz-request-id
64D9EF58C52A8A6F
cdn-cachedat
08/03/2022 23:41:08
cdn-pullzone
145650
content-length
28272
x-amz-id-2
L2NtzP3KAwazthbsDD4rQ67MCyepMrxVxXHhchyGyBbtcIJqvoJ8cmIAwXHcazEt/Uq71Tnsdxkn
server
BunnyCDN-DE-752
last-modified
Wed, 03 Aug 2022 20:41:58 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
a180f56ad08d787aa026629f5982cd5a
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
MGN_1280x960_20517P00-YJGGQ-375x225.jpg
kesq.b-cdn.net/2022/08/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/08/MGN_1280x960_20517P00-YJGGQ-375x225.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
8d519935887d07356ef2eb34d7f5eacf1fde50c695a82bcf04da3531120b46f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
865
x-amz-request-id
C97C2EB1C62AF94D
cdn-cachedat
08/03/2022 13:31:32
cdn-pullzone
145650
content-length
20627
x-amz-id-2
lhlppOxMUOQYLzllR4DAPTGPhCLDrSnly6Q/+i21Kf4ig9NTq9R0ytMNyOl04HqdKYOO9shj5SZL
server
BunnyCDN-DE-752
last-modified
Wed, 03 Aug 2022 06:38:51 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
c4dc8033dce1b7bb8b23692b802e4e8f
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
li1QVKVb-School-Security-Clean-375x225.jpg
kesq.b-cdn.net/2022/08/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/08/li1QVKVb-School-Security-Clean-375x225.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
37e83eed7df5e6cecf0fade22443744e8401ac540625ff0d65128f39e5897c10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
860
x-amz-request-id
BAE6968D91224D8B
cdn-cachedat
08/05/2022 03:01:21
cdn-pullzone
145650
content-length
23575
x-amz-id-2
xwr00mwj8VnN++P95Kwj1IKADtiIOkIaKBz8Si0OuUHta9oVhoXSOvFV2K/mR8fTpFQxeQt7LLsG
server
BunnyCDN-DE-752
last-modified
Fri, 05 Aug 2022 02:55:29 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
39924b1496110b48ca0c1b52c973969c
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
4847
squareoffs.com/embeds/ Frame 2042 		32 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://squareoffs.com/embeds/4847?feed_size=small
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
28f9df67cfacbd3e75a610580a13be0e557c66f6f2d6648eb0926b3e4d5b98f1
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosnif
X-Frame-Options ALLOWALL
X-Xss-Protection 0

Request headers

Referer
https://kesq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-request-method
*
cache-control
max-age=30, public
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 13 Aug 2022 14:32:27 GMT
etag
W/"28f9df67cfacbd3e75a610580a13be0e"
expires
Sat, 13 Aug 2022 14:32:57 GMT
server
Cowboy
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 vegur, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosnif
x-frame-options
ALLOWALL
x-request-id
646e2d0f-5a5d-4540-a9e7-66828c11cc15
x-runtime
0.042273
x-served-by
cache-iad-kjyo7100103-IAD, cache-cdg20760-CDG
x-timer
S1660401147.493029,VS0,VE135
x-xss-protection
0
post-robot.min.js
cdn.jsdelivr.net/npm/post-robot@10.0.31/dist/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/post-robot@10.0.31/dist/post-robot.min.js
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbaf56c796ee1e2933a62a06955905bd61e6f4d9092f063fa1738d6fe4a9193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
318198
x-jsd-version
10.0.31
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19130-FRA, cache-iad-kiad7000174-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"8c91-4tolZ9EHvQcS/uS8uVDaaleUth0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXPEKbcYT3sUQ1NI4%2BlJorSK9hYqfMnatABSRH8drsGYMWrAYQ%2BmQ2IMefu5%2FIQEUeZwKyC14nHSa6iqCy6llXmDQYgMGOUK4fHlRKhP0duBenmiHmOtgJPpNAutJTU9jno%2F9w1yJP42U03lubQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
73a229044b092355-ZRH
fw-widget.js
feed.mikle.com/js/ Frame 971F 		706 B
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://feed.mikle.com/js/fw-widget.js?v=1.2
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.218.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-218-90.compute-1.amazonaws.com
Software
nginx /
Resource Hash
33c3d4cd5225958f1d3cf773cf175941e6cdccb7b50d6f32b7fdadd84056ba98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 04 Apr 2022 05:55:15 GMT
server
nginx
etag
W/"624a8843-2c2"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-xss-protection
0
cache-control
max-age=315360000
permissions-policy
geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),payment=()
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		539 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2375980295383820&correlator=4113731584171511&eid=31060545%2C31067707%2C31068825%2C31068211&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=6123%2Ckesq%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=2364208797&sfv=1-0-38&ists=1&fsapi=false&cust_params=wp_category%3Dhome%26page_type%3Dhome%26post_id%3D8&sc=1&cookie_enabled=1&abxe=1&dt=1660401153988&lmt=1660401153&dlt=1660401151197&idt=2634&adxs=220&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkesq.com%2F&frm=20&vis=1&psz=1200x0&msz=1160x0&fws=4&ohw=1600&ga_vid=1711031756.1660401154&ga_sid=1660401154&ga_hid=118432236&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
a40ff09542fbedd097c2867adb4299eb3b95f33655e798ae10c1e19c297e7259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
285
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kesq.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
254a4e77b035c197d53cdc8dad45b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2757 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://254a4e77b035c197d53cdc8dad45b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kesq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 14:32:27 GMT
expires
Sun, 13 Aug 2023 14:32:27 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
thumbnail_TSR-MONKEYPOX-MISERY_STILL-375x225.png
kesq.b-cdn.net/2022/07/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/07/thumbnail_TSR-MONKEYPOX-MISERY_STILL-375x225.png
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
e8ebba2c054fd7e8a4747812be2ae4269af334a2e74f28ca244870fa78f7cd80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
565
x-amz-request-id
23DE4EBFB36FEA0C
cdn-cachedat
07/19/2022 20:18:58
cdn-pullzone
145650
content-length
116883
x-amz-id-2
GeViDvHFhsNA6SvK4AKz9j/klyhv+qSSIUlKDMcUzVD7BSzwFpMIfq2yjsYYxeWSEg8idG3V0huv
server
BunnyCDN-DE-752
last-modified
Tue, 19 Jul 2022 20:11:24 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
267baabdb9f3c4a0bef26ac6bc250f42
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
TSR-SEISMIC-DEADLINE-FULLSCREEN-375x225.png
kesq.b-cdn.net/2022/06/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/06/TSR-SEISMIC-DEADLINE-FULLSCREEN-375x225.png
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
4d1816b25a66dde1911383733ea407c5d05a3311acd206d556dfed430ed622ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
865
x-amz-request-id
83C5BA641B335CBA
cdn-cachedat
06/28/2022 20:05:46
cdn-pullzone
145650
content-length
112329
x-amz-id-2
PzH2WVHwzdZ/7LsHc+XumSxZ3K/mYhkycW+LfInuOXqAB2gYjpqpM9s1x6h1mrZg9mAH7oD3hHJD
server
BunnyCDN-DE-752
last-modified
Tue, 28 Jun 2022 19:52:12 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
a67e980c60c5d6068bb7b88fba3d998f
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
xPBzQQ2H-DESERT-WATER-FULLSCREEN-375x225.png
kesq.b-cdn.net/2022/06/ 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/06/xPBzQQ2H-DESERT-WATER-FULLSCREEN-375x225.png
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
8884c925a54f34b805f0fc4637583a5dc6c2d5f9870d19a9b74686ae59368738

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
722
x-amz-request-id
B518EA538A57B46B
cdn-cachedat
07/19/2022 19:22:31
cdn-pullzone
145650
content-length
114149
x-amz-id-2
I+KuJluAH3edqsKz6r7GrL/rCrJHWwlviDvz8fzW9f0orMVUGwL7kP3RKXDUR8MhBxURJu+QzUsK
server
BunnyCDN-DE-752
last-modified
Fri, 17 Jun 2022 02:40:29 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
b896df55c63e25ecaf60f7e888898b4a
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
RUHS-photo-375x225.jpg
kesq.b-cdn.net/2022/08/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/08/RUHS-photo-375x225.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
42e5e26cda9ea1e7c1ac9adc2a588491ca4fe927fa52f9e760033ed094d7183c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
723
x-amz-request-id
E8DD1DB06B41B8AF
cdn-cachedat
08/12/2022 23:52:43
cdn-pullzone
145650
content-length
25385
x-amz-id-2
ElOL1+eKgst5K8BjvVnPOEDKcSRgS/tdeVwGp1AfjufdFkT6/mXEXVsC/xsdR38/Ozj2oS/NFIGm
server
BunnyCDN-DE-752
last-modified
Fri, 12 Aug 2022 23:47:33 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
cf9edf3bc8198d7ba7983d2a0bc3b6c5
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
paradise-losr-375x225.jpg
kesq.b-cdn.net/2021/05/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2021/05/paradise-losr-375x225.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
0412324af43079788f00548e7536deaf70a16ff08b76dd2c65f767d1bd0382ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
756
x-amz-request-id
FCF58BA43101E33A
cdn-cachedat
06/20/2022 21:48:43
cdn-pullzone
145650
content-length
19089
x-amz-id-2
oVOEdy0qZ75edBsDsQ2KMehLFwiGqPaHiw8RmkCpB3MGlvB6U4W36qvlqIcZC2s1z5f16ydx17Iz
server
BunnyCDN-DE-752
last-modified
Thu, 06 May 2021 02:31:15 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
020cc2df0dd81a573b35c87ef766d778
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
57322-Back-To-School-180X108-BTS-22.jpg
kesq.b-cdn.net/2022/07/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/07/57322-Back-To-School-180X108-BTS-22.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
a067282eb49b4b9a314ed56842edf759d320ebd9f2a345d5881f0abeca117a45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
632
x-amz-request-id
5E10D05C2DEA0214
cdn-cachedat
07/29/2022 16:47:29
cdn-pullzone
145650
content-length
44409
x-amz-id-2
wXe7kAa7Qhy3U4I1NqjH96SIcfynmqLNI5LLkKQsqLQK4sqxmPhCaHQcdEqNIT+JPPVbmN61YLD5
server
BunnyCDN-DE-752
last-modified
Fri, 29 Jul 2022 14:14:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
f1f19fecc8840d4eabca5cbbcb15792e
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
57005-Cancer-Care180x108-MTE.jpg
kesq.b-cdn.net/2022/06/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/06/57005-Cancer-Care180x108-MTE.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
47fc8777d4617343fe70714411940f12db53a742debfc8c41f536475a0ba70d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
565
x-amz-request-id
A1514690E4F37805
cdn-cachedat
06/28/2022 17:48:01
cdn-pullzone
145650
content-length
34675
x-amz-id-2
9KVLXO6VuzXEC7cOSL2Sh6DlcvfugTDpjITh3c7DZyOyakLUmHFlfFBk7FUuym1ZuqXv18KVSAKV
server
BunnyCDN-DE-752
last-modified
Tue, 28 Jun 2022 16:32:51 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
c38f9e339eaa286b0b244c07fb61799e
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
57353-St.-Jude-180x108-NTE.jpg
kesq.b-cdn.net/2022/07/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/07/57353-St.-Jude-180x108-NTE.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
427cd20c734ff44e69a44da468c62e73c947b22754f6b970483f253c5c322fd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
863
x-amz-request-id
87D699281158A73E
cdn-cachedat
07/20/2022 22:02:35
cdn-pullzone
145650
content-length
40556
x-amz-id-2
CrpL0dxWWpdHip2b9/IwvmyuAnkLSNwUgXW2kNre+X8QEM4rHDdVivjfHtFHlaxufJv7i9OKwZBC
server
BunnyCDN-DE-752
last-modified
Wed, 20 Jul 2022 21:50:21 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
13a0f776377ee09389410e12f2da2acf
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
WaterWise-180x108-MTE.jpg
kesq.b-cdn.net/2022/04/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/04/WaterWise-180x108-MTE.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
64bd403de03c6f3d2ad7ec8f39ea5e52a5528e92524a0eea686e3dc440e5b894

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
632
x-amz-request-id
02D2480439861F83
cdn-cachedat
04/16/2022 05:56:04
cdn-pullzone
145650
content-length
41777
x-amz-id-2
w7d49/lljx4Be9+BsSjqD9ZqPyY/cpBARRT/9aOs3YatCFzS2PkmZm1bES7qPjYJcho+VyqWIbUE
server
BunnyCDN-DE-752
last-modified
Fri, 15 Apr 2022 21:48:10 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
edf24cddba946f425ff7b48cc73d3b03
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
52255-CV-Pros180x108.jpg
kesq.b-cdn.net/2021/09/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2021/09/52255-CV-Pros180x108.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
5032da8d0203f9ec6d572065c2d73012fe274e7ec53bd9f1be20905d191b653f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
874
x-amz-request-id
5FB27360AB1FF0D4
cdn-cachedat
05/07/2022 19:38:38
cdn-pullzone
145650
content-length
34039
x-amz-id-2
fu8h91mUsSxR9N+o61YEuWvulmRMP6JYWnd08ipaKIEU5e5opPznW41SAQPsenbMElltvHz8vkJ8
server
BunnyCDN-DE-752
last-modified
Sat, 25 Sep 2021 18:18:41 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
3c6c32217988be199c2b9eda89b21f1a
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
375x225-Golf-Card-2022-375x225.jpeg
kesq.b-cdn.net/2022/06/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/06/375x225-Golf-Card-2022-375x225.jpeg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
ae29c0a50b015d25bc4ab4a1d3e50394cca8718506906c57667690dd3ac94f4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
863
x-amz-request-id
CA33A30FD5D81ADE
cdn-cachedat
06/03/2022 05:59:23
cdn-pullzone
145650
content-length
39957
x-amz-id-2
QYYaN4NACcv6xjXnzYDgnN8Oxv9jp+x5/O790NRyNl14YWd46POuU6pNoFAKQ7KObSu5FuykWB6e
server
BunnyCDN-DE-752
last-modified
Fri, 03 Jun 2022 04:47:20 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
738772f2a208dee8898ed29324f9cbc6
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
56450-Summer-Cutest-Pet-2022-180x108-MTE.jpg
kesq.b-cdn.net/2022/06/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/06/56450-Summer-Cutest-Pet-2022-180x108-MTE.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
a130d8783fcc312003c082308a6c9dad1abe6324bded170285170556e92fbc82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
863
x-amz-request-id
F505EA7397242714
cdn-cachedat
06/10/2022 02:13:37
cdn-pullzone
145650
content-length
46721
x-amz-id-2
TyYH9mzAIien8aef+kt9mVnQ02gQo/VKta7lEpLKfOTIWkTb7x0ikV/QzBW0rXOB8+HcXB+4vIPc
server
BunnyCDN-DE-752
last-modified
Thu, 09 Jun 2022 22:05:46 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
1d0019e8b334c18285771dc4c4f43610
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
52255-CV-Pros-180x108-1.jpg
kesq.b-cdn.net/2021/09/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2021/09/52255-CV-Pros-180x108-1.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
1e600a7debd226f2859e7f861535e22b0580cd80f956a1e586b680440cd9048d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
864
x-amz-request-id
3FD46CF29474B794
cdn-cachedat
05/07/2022 19:38:38
cdn-pullzone
145650
content-length
36158
x-amz-id-2
P5CHVEmt0cHdMaNl59T9QI3UKOyS39K0QmoOalmd8uwOFmJnlxEpfPhcScEbOig1DPARARmbuDZy
server
BunnyCDN-DE-752
last-modified
Sat, 25 Sep 2021 18:13:58 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
53e54b63046f63d0c6c5ba940ac2832e
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
54113-Birthday-Wishes-180x108-MTE.jpg
kesq.b-cdn.net/2022/01/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/01/54113-Birthday-Wishes-180x108-MTE.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
727052d8743a436049aaf9aa8a70de0d2492ce136b24879ae366f3ee9835ca10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
863
x-amz-request-id
37767FF6D2CBC10B
cdn-cachedat
08/04/2022 19:54:14
cdn-pullzone
145650
content-length
41892
x-amz-id-2
G8Z03LF0wT1bwQve6K5IWpBQFzAGZJ3PcXS5SbXlutHCMlCwp1OzHejinuwLecMvrZA/ylPz5n74
server
BunnyCDN-DE-752
last-modified
Tue, 04 Jan 2022 15:56:51 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
878ff88b90b86c5571e1f816da8dc297
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
52255-N-Heroes-180x108-1.jpg
kesq.b-cdn.net/2021/09/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2021/09/52255-N-Heroes-180x108-1.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
2356e0cfa404452ba162bd881ff100ec108eae5a91b5566a922fc66b78a7096e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
722
x-amz-request-id
BF6966DEEFD84560
cdn-cachedat
07/19/2022 22:55:49
cdn-pullzone
145650
content-length
42655
x-amz-id-2
zkHUuuapX5XJuZ1l9uCl4MSv7JjkZa8Zpi+I0yzPFedIDYHaUJuITV93FJKRrICcSzk/QgZZcMP6
server
BunnyCDN-DE-752
last-modified
Sat, 25 Sep 2021 18:23:29 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
d6ec6fbf53374a05fa25a14bda9433a0
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
55021-Lunch-On-Us-180x108-1.jpg
kesq.b-cdn.net/2022/02/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/02/55021-Lunch-On-Us-180x108-1.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
a40a9f2b83260352c8de2058afb7e1af11e48500a14432c4cbc0b72afac6fb59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
756
x-amz-request-id
EDFBA310A8B8FF1B
cdn-cachedat
06/10/2022 03:55:21
cdn-pullzone
145650
content-length
51913
x-amz-id-2
Tj/0bOXFoWecK/bdjwej/k6igLxYpyQILTyTGkKBei4Qt15UA/tTqhnp4GJ6aRrimfurstxtk76p
server
BunnyCDN-DE-752
last-modified
Mon, 28 Feb 2022 13:38:24 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
99b7601b817d66f0122c4f8d55063963
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
375x225-CV-Local-links.jpg
kesq.b-cdn.net/2021/05/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2021/05/375x225-CV-Local-links.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
12b83d9a2619ee9d02fc25d784ee1f85e717f2e21d6dbb70dd9b02a8ef0d37c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
632
x-amz-request-id
C3E89AF52800B438
cdn-cachedat
08/04/2022 19:57:17
cdn-pullzone
145650
content-length
76610
x-amz-id-2
TZSnBeAqpIU9c5tLGve0CxcjsB/E/9o8hJh/I1nuazThFmxvf2MJ4h7/vT59kiym7blqeUvWtMzR
server
BunnyCDN-DE-752
last-modified
Wed, 12 May 2021 19:12:19 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
c929592796022f4c33908dc6e8b9e586
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
57318-MTE-180x108-Grocery-Contest.jpg
kesq.b-cdn.net/2022/08/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/08/57318-MTE-180x108-Grocery-Contest.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
ef0b54da4a79f7c1e9c79ba07d42ee6ab823fc52c0ccf97bb22101cfe548ae70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
722
x-amz-request-id
43BDBBDE2F98881B
cdn-cachedat
08/01/2022 23:16:37
cdn-pullzone
145650
content-length
44578
x-amz-id-2
r9ekCXKVs3QQ8Yx8curcHqKDPt56CWOcb3d/Zsnx5Hi0ZPi33+LOt831k2t0EzBHlMFeGmXI+yGE
server
BunnyCDN-DE-752
last-modified
Mon, 01 Aug 2022 22:30:23 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
801726fd70531f7f6f60b06fe3b4923d
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
52802-Now-Hiring-180x108-MTE.jpg
kesq.b-cdn.net/2021/10/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2021/10/52802-Now-Hiring-180x108-MTE.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
81f719850af306fd520440a0b395b8a7b08130455f7d89227f986cbb2137991d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
863
x-amz-request-id
C825F8422114BF50
cdn-cachedat
05/12/2022 19:48:11
cdn-pullzone
145650
content-length
46458
x-amz-id-2
VSB0HGQ9fw0kQ8wCeJ3UqpblapamAZYn6CnighIkOCEZYhATF5meJcTHEeNZRbvBSaiYxuPtSA3L
server
BunnyCDN-DE-752
last-modified
Tue, 26 Oct 2021 17:46:04 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
7fe2494be6438d00a65862b08c0d9901
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
375x225-OCAAT-375x225.jpg
kesq.b-cdn.net/2021/01/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2021/01/375x225-OCAAT-375x225.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
88e815336b1a0c17bdcab5ff5d345bbb35f24d9f0cba8d835393511d2aae0ff6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
632
x-amz-request-id
0DF9E9945F19FB97
cdn-cachedat
08/04/2022 19:57:17
cdn-pullzone
145650
content-length
39175
x-amz-id-2
PUP8gaNqqdZ9eWBKzcuqHt9h3CnqhLVOtqdUsaYRf9j/tvHH2fEH1BrtRRPA8yt0u/xxSKQ3ElXn
server
BunnyCDN-DE-752
last-modified
Sat, 23 Jan 2021 15:12:03 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
d4df81d99f079c843ffccdee27b9d400
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
load_optional_tags
api.pymx5.com/v1/sites/ 		0
15 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pymx5.com/v1/sites/load_optional_tags
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
203.74.96.34.bc.googleusercontent.com
Software
nginx/1.13.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
via
1.1 google
server
nginx/1.13.7
x-frame-options
SAMEORIGIN
allow
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ifilter.js
pymx5.com/ad-rendring/src/ 		56 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/ad-rendring/src/ifilter.js
Requested by
Host: pymx5.com
URL: https://pymx5.com/ad-rendring/src/imstag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a2d24f191540745c63506a5cac6674ee4bfc95b29ed8e5b7b9f810b8aa21b280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 13:48:54 GMT
age
2613
x-guploader-uploadid
ADPycdvaszOtW_nGY9YOcSjnzrhJSPKeuoKHvJaz7muXFjjcyq7bWUiJEazlkGAeeqU9c12i0DSTByFkMUAFr2REuUqLww
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57026
last-modified
Thu, 25 Jun 2020 05:25:47 GMT
server
UploadServer
etag
"f7990efed3936d14d55077c3722ffac4"
x-goog-hash
crc32c=JzgInw==, md5=95kO/tOTbRTVUHfDci/6xA==
x-goog-generation
1593062747313466
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
57026
accept-ranges
bytes
content-type
application/javascript
supply
events.browsiprod.com/events/ 		0
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=_$WhpAerikjQPpnJYMzL
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-allow-credentials
true
v5
yield-manager.browsiprod.com/supply/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/supply/v5?sk=kesq&url=https%3A%2F%2Fkesq.com%2F&bid=_%24WhpAerikjQPpnJYMzL&at=Home%20-%20KESQ&sw=1600&sh=1200
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.111.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-111-76.eu-west-1.compute.amazonaws.com
Software
akka-http/10.2.1 /
Resource Hash
24d4b4e55d1b3b79707099b0c7c756dc5863d7ae4c3735258c561a924cf70010

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.1
content-type
application/json
widgets.css
s3.amazonaws.com/content.secondspace.com/kesq/ 		25 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/content.secondspace.com/kesq/widgets.css
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.128.136 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ad091945f95bfc12e0357ca55091db4b47229abd21efaced6b849db605c13997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 14:32:29 GMT
Last-Modified
Tue, 07 Jul 2020 23:19:46 GMT
Server
AmazonS3
x-amz-request-id
91XR6WKZ27X2BC12
ETag
"8996ca1af7b8044a6524d88363692cd1"
Content-Type
text/css
Cache-Control
max-age=600, public
Accept-Ranges
bytes
Content-Length
25110
x-amz-id-2
AbIu+BnQd9pSmtCe7LcYrhd+URhT1n9ecCSWkNY8gG64342qRxiyxZBPKeb/Qxh3Ebml1FPDxS8=
widgets.js
s3.amazonaws.com/content.secondspace.com/kesq/ 		50 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/content.secondspace.com/kesq/widgets.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.128.136 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
67756f3d98f02b4e864a41b07d31df218bd75dfd36676864d22c314880e68964

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 14:32:29 GMT
Last-Modified
Tue, 29 Mar 2022 08:30:35 GMT
Server
AmazonS3
x-amz-request-id
91XVGCKJDK5MPZXE
ETag
"50348b891a00062140f23e55dd3dec85"
Content-Type
application/javascript
Cache-Control
public, max-age=600
Accept-Ranges
bytes
Content-Length
51512
x-amz-id-2
y3tZUfP4ZBFcVZdFuIMj4P27lvpK09AFa7XslIKfWM7EUQX3Sm6GfW0DcefQ5iYOeKwbKMMda3Q=
Expires
Tue, 29 Mar 2022 08:40:34 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-19610616-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5427
date
Sat, 13 Aug 2022 13:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 13 Aug 2022 15:02:00 GMT
/
kesq.com/wp-json/wp/v2/ 		171 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-json/wp/v2/
Requested by
Host: kesq.com
URL: https://kesq.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3796c3c2b32c8905b67fe633670145d06f5967da61e0ba2505f67e868b441f45
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://kesq.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-styx-req-id
e7032385-1b13-11ed-bd05-b6a531a31c64
age
367
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-cache
HIT, HIT
allow
GET
x-cache-hits
1, 1
vary
Accept-Encoding, Origin
content-length
17038
x-xss-protection
1; mode=block;
x-served-by
cache-chi-klot8100035-CHI, cache-maa10224-MAA
link
<https://kesq.com/wp-json/>; rel="https://api.w.org/"
referrer-policy
origin-when-cross-origin
server
nginx
traceparent
00-8c7bb32f715b4915ad31f7a1906d22ed-30d4a73142daf86c-00
x-timer
S1660401148.904269,VS0,VE1
date
Sat, 13 Aug 2022 14:32:27 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), camera=(), magnetometer=(), microphone=(), usb=(), vr=()
strict-transport-security
max-age=31622400
content-type
application/json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
x-cloud-trace-context
8c7bb32f715b4915ad31f7a1906d22ed/3518621038900082796;o=0
cache-control
public, max-age=2400
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; usb 'none'; vr 'none';
x-distributor
yes
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-pantheon-styx-hostname
styx-fe1-a-6d9bbf99db-hwhw7
embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
squareoffs.com/assets/ Frame 2042 		879 KB
179 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
cc426be25bc24bc2594e52b8fcdb9f26f209d08578944de2d366b74976861692
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/embeds/4847?feed_size=small
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
vary
Accept-Encoding
age
293823
x-cache
HIT, HIT
content-encoding
gzip
content-length
183356
x-served-by
cache-iad-kcgs7200030-IAD, cache-cdg20760-CDG
last-modified
Wed, 10 Aug 2022 04:45:16 GMT
server
Cowboy
x-timer
S1660401148.735268,VS0,VE3
strict-transport-security
max-age=300
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
x-cache-hits
1, 1
post-robot.min.js
cdn.jsdelivr.net/npm/post-robot@10.0.31/dist/ Frame 2042 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/post-robot@10.0.31/dist/post-robot.min.js
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbaf56c796ee1e2933a62a06955905bd61e6f4d9092f063fa1738d6fe4a9193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
318198
x-jsd-version
10.0.31
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19130-FRA, cache-iad-kiad7000174-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"8c91-4tolZ9EHvQcS/uS8uVDaaleUth0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGtaQJytY8c1wYknm7KHExJO725ljKclu%2FpSZEN9mvNNGcSyMqaK67KC9Xv%2FqgY2WuAaoYR38b4j7zLOFr0fbBBjR9OedI8cf4poV7m6N8Ej5Y%2FZARf17D8a8GreQ0%2BevIcvYW6uNKV%2BCwfqxHU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
73a229057d5f0215-ZRH
embedded_feed-41a6a30eb03c5d25ca9524609f38fa1b70aa684257fce0f4f05f1c951aae20a3.js
squareoffs.com/assets/ Frame 2042 		378 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://squareoffs.com/assets/embedded_feed-41a6a30eb03c5d25ca9524609f38fa1b70aa684257fce0f4f05f1c951aae20a3.js
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
41a6a30eb03c5d25ca9524609f38fa1b70aa684257fce0f4f05f1c951aae20a3
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/embeds/4847?feed_size=small
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
vary
Accept-Encoding
age
281481
x-cache
HIT, HIT
content-encoding
gzip
content-length
113053
x-served-by
cache-iad-kjyo7100114-IAD, cache-cdg20760-CDG
last-modified
Tue, 03 May 2022 05:02:03 GMT
server
Cowboy
x-timer
S1660401148.735248,VS0,VE2
strict-transport-security
max-age=300
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
x-cache-hits
1, 1
js
www.googletagmanager.com/gtag/ 		200 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T7ZNM1KRXQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK2B25D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da75e7bf2ec5c3fd69039de5de1af65c1c9803ffc26341aeb871133654111934
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73120
x-xss-protection
0
expires
Sat, 13 Aug 2022 14:32:27 GMT
tag.js
a.teads.tv/analytics/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK2B25D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b13c284d8d15523bd7ebce4afd286397cf2e82cafe72c0398f2d1724d60102af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
irOlEHoFUsDZEf3_amcRiMP6y8y2THaL
content-encoding
br
last-modified
Tue, 14 Jun 2022 12:22:21 GMT
x-amz-request-id
HH9G4AMHHPYDQCT6
etag
"f92f25ba5af332861dc8cea3da5eb278"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
date
Sat, 13 Aug 2022 14:32:27 GMT
accept-ranges
bytes
content-length
4779
x-amz-id-2
KH5G2ZhzXk64nys9UG3elS/YCrqMnYqq+4jrQ36TBTwWvH4auHYBFdybFMJcrhiMxtG5FgZ7cYk=
/
feed.mikle.com/widget/v2/153514/ Frame 971F 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/js/fw-widget.js?v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.218.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-218-90.compute-1.amazonaws.com
Software
nginx /
Resource Hash
86907b32661b18f6fe7903b67b5933da102eff4b7e9ae82d871072500caea2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kesq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=180
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 13 Aug 2022 14:32:27 GMT
expires
Sat, 13 Aug 2022 14:35:27 GMT
permissions-policy
geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),payment=()
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
0
livestream-active
kesq.com/wp-json/alerts/v2/ 		26 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-json/alerts/v2/livestream-active?_=1660401151868
Requested by
Host: kesq.com
URL: https://kesq.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2506c55760ff8b1bc3dcf34486765a3e2b2d66c59c685a226e0a72a78055126d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://kesq.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-styx-req-id
c1a5026f-1b14-11ed-892d-cac84bf5df52
age
0
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-cache
MISS, MISS
allow
GET
x-cache-hits
0, 0
vary
Accept-Encoding, Origin
content-length
44
x-xss-protection
1; mode=block;
x-served-by
cache-chi-kigq8000106-CHI, cache-maa10224-MAA
link
<https://kesq.com/wp-json/>; rel="https://api.w.org/"
referrer-policy
origin-when-cross-origin
server
nginx
traceparent
00-093ed5adac324aa2a7e5798ecfc0737d-58d3bdcedef9c798-00
x-timer
S1660401148.924180,VS0,VE500
date
Sat, 13 Aug 2022 14:32:28 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), camera=(), magnetometer=(), microphone=(), usb=(), vr=()
strict-transport-security
max-age=31622400
content-type
application/json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
x-cloud-trace-context
093ed5adac324aa2a7e5798ecfc0737d/6400668191625430936;o=0
cache-control
no-cache, must-revalidate, max-age=0
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; usb 'none'; vr 'none';
x-distributor
yes
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-pantheon-styx-hostname
styx-fe1-a-6d9bbf99db-cp75v
moatcontent.js
z.moatads.com/nativonielsen548znrb18/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=8269
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:04:05 GMT
server
AmazonS3
x-amz-request-id
541CA3CB462144FD
etag
"774acff2cee5852cdfc3fd8471cb2667"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=8513
accept-ranges
bytes
content-length
55696
x-amz-id-2
WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=5978118&ntv_pl=376325
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.230.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-230-96.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:27 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=376325&ntv_gdpr_consent=&ntv_it
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.230.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-230-96.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:27 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
output-module
kesq.com/wp-json/alerts/v2/ 		15 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kesq.com/wp-json/alerts/v2/output-module?_=1660401151869
Requested by
Host: kesq.com
URL: https://kesq.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c015d451be8161a2af2cb0b90c9663897640fbb8c1c27d198c7f44ae8a478f0f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://kesq.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-styx-req-id
c1ae735f-1b14-11ed-8d72-0ab517197866
age
0
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-cache
MISS, MISS
allow
GET
x-cache-hits
0, 0
vary
Accept-Encoding, Origin
content-length
930
x-xss-protection
1; mode=block;
x-served-by
cache-chi-klot8100073-CHI, cache-maa10224-MAA
link
<https://kesq.com/wp-json/>; rel="https://api.w.org/"
referrer-policy
origin-when-cross-origin
server
nginx
traceparent
00-c7406e21e5a941789c2e22d2b00ba277-b090986ec88ac047-00
x-timer
S1660401148.985255,VS0,VE645
date
Sat, 13 Aug 2022 14:32:28 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), camera=(), magnetometer=(), microphone=(), usb=(), vr=()
strict-transport-security
max-age=31622400
content-type
application/json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
x-cloud-trace-context
c7406e21e5a941789c2e22d2b00ba277/12722836548900012103;o=0
cache-control
no-cache, must-revalidate, max-age=0
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; usb 'none'; vr 'none';
x-distributor
yes
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-pantheon-styx-hostname
styx-fe1-b-784cd8578b-swhnq
jquery.cycle2.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.cycle2/2.1.6/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.cycle2/2.1.6/jquery.cycle2.min.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c4c27b1f0143e895c6964ef373284642816a887d0f3f61ded115acce51c6aa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9169335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6294
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-59c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XR8Fsb74y5cWWfPHvbqHM%2FAvYd7dBLLsdifgBP2k3y1DHbqNEFhbUgLIiBp0yctPnLl2omdNNAi5O67TPJp2xLyeMmhxPqL%2BP1LGNx%2Fxrr1TsySt7epAKnxA70t%2FU7Q2nqnffq031JkbSmgD6V39N0PN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73a2290638a501f8-ZRH
expires
Thu, 03 Aug 2023 14:32:27 GMT
hDrUDDtC-App-Download-Promo-Box.jpeg
kesq.b-cdn.net/2022/01/ 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kesq.b-cdn.net/2022/01/hDrUDDtC-App-Download-Promo-Box.jpeg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
f1c0dbc47d7191146dca50ad89abaa1f6c78e45503e7f9c96d211f28e528c598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
cdn-edgestorageid
863
x-amz-request-id
1236481CD8727243
cdn-cachedat
05/12/2022 08:22:23
cdn-pullzone
145650
content-length
129359
x-amz-id-2
EqxyxTg89ghA9NF+Nk3IP+i5OI18LYqwd++mmzMcFpns4FrNA7a+59N3U0cGQZEVC4IR8M+1JwMV
server
BunnyCDN-DE-752
last-modified
Tue, 18 Jan 2022 22:29:34 GMT
cdn-proxyver
1.02
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
42a68b89d7f8cefcf88c05b89412720c
accept-ranges
bytes
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
PreEngine_desktop_2021-09-30T14:31:30.224.js
cdn.browsiprod.com/static_js/newspressandgazette/kesq/ 		313 B
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/static_js/newspressandgazette/kesq/PreEngine_desktop_2021-09-30T14:31:30.224.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecf1d2dc28a8fe2332483cfa144e98791181a2e7ffcc500a16828c1d0a6da947

Request headers

Referer
https://kesq.com/
Origin
https://kesq.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 22:14:17 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
27361090
x-cache
Hit from cloudfront
content-length
313
last-modified
Thu, 30 Sep 2021 14:31:31 GMT
server
AmazonS3
etag
"e21c1feaa39b333d3ce7bc72499252e2"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
0_Z9aGgy8AeYyU30z9L8UTxCsJAuhRjD
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
us13qMJKcLAsUNGlcm3NlDpxM2JwBbq-YMsIlXbSNVp9BkNtdVgHXg==
SO_Loading-93680d9f1945984982911018214062b31443f5e4b4311fd8cffcc18662f52cec.gif
squareoffs.com/assets/ Frame 2042 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://squareoffs.com/assets/SO_Loading-93680d9f1945984982911018214062b31443f5e4b4311fd8cffcc18662f52cec.gif
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4fa4ebe6b7dc050955af61f44380639a2a21b56bbfec71df6697f8dff521b59e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
age
337023
x-cache
HIT, HIT
fastly-io-info
ifsz=35236 idim=48x48 ifmt=gif ofsz=35151 odim=48x48 ofmt=gif ofrm=210
fastly-stats
io=1
content-length
35151
x-served-by
cache-iad-kjyo7100080-IAD, cache-cdg20760-CDG
server
Cowboy
x-timer
S1660401148.926045,VS0,VE0
etag
"NMe6krn+CSZ0GKkOUa4HNWHaiArY+qMhtAhDf6okV6g"
vary
Accept
strict-transport-security
max-age=300
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
x-cache-hits
1, 1
682465af888e294f1aff5073c5668680
npgco.blueconic.net/plugin/plugin/ 		161 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/plugin/plugin/682465af888e294f1aff5073c5668680
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.42.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-42-197.compute-1.amazonaws.com
Software
- /
Resource Hash
5d7e73acdc9932a7e08da0d7549e6205b759f3e586089107517fc1348dc70d33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Aug 2022 14:32:27 GMT
server
-
etag
682465af888e294f1aff5073c5668680
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
text/javascript; charset=utf-8
content-length
38306
x-xss-protection
1; mode=block
expires
Sun, 13 Aug 2023 14:32:27 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=118432236&t=pageview&_s=1&dl=https%3A%2F%2Fkesq.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20KESQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1336494095&gjid=73060164&cid=1711031756.1660401154&tid=UA-19610616-1&_gid=1789611911.1660401154&_r=1&gtm=2ou880&z=446540905
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kesq.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 2042 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5427
date
Sat, 13 Aug 2022 13:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 13 Aug 2022 15:02:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 971F 		95 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 06:57:23 GMT
x-content-type-options
nosniff
age
27305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97163
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Aug 2023 06:57:23 GMT
squares.svg
feed.mikle.com/images/ Frame 971F 		707 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feed.mikle.com/images/squares.svg?v=1580871352
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.218.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-218-90.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2c7f78291ae70d6b87b58b10e145614685e4e32bcc38b60ca31d77124472857d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Feb 2020 02:55:52 GMT
server
nginx
etag
W/"5e3a2eb8-2c3"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
x-xss-protection
0
cache-control
max-age=315360000
permissions-policy
geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),payment=()
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
v2
api.viafoura.co/v2/kesq.com/bootstrap/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/kesq.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4864:14f2:f07b:baf3:641a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3a43bf8f2ce4a81899088569d8346e9d452be168d67a637ea7094945ecbac7bb

Request headers

Accept
application/json, text/plain, */*
Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-0d9d25449b97688fa
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://kesq.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sat, 13 Aug 2022 14:32:28 GMT
v2
api.viafoura.co/v2/kesq.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/kesq.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4864:14f2:f07b:baf3:641a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://kesq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://kesq.com
access-control-max-age
1728000
cache-control
max-age=0
date
Sat, 13 Aug 2022 14:32:28 GMT
expires
Sat, 13 Aug 2022 14:32:28 GMT
server
nginx/1.18.0 (Ubuntu)
collect
region1.google-analytics.com/g/ 		0
333 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-T7ZNM1KRXQ&gtm=2oe880&_p=118432236&cid=1711031756.1660401154&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660401154&sct=1&seg=0&dl=https%3A%2F%2Fkesq.com%2F&dt=Home%20-%20KESQ&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T7ZNM1KRXQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kesq.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ Frame 2042 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
de96459afc7ce2a214a50ab53803028a92dcbdde40621408e4638d484e7c344f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
etag
"jbwe3Q3ekqaoxOFJsLLUPw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 20 Aug 2022 14:32:28 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-19610616-1&cid=1711031756.1660401154&jid=1336494095&gjid=73060164&_gid=1789611911.1660401154&_u=YAhAAUAAAAAAAC~&z=2051822179
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 13 Aug 2022 14:32:28 GMT
content-type
text/plain
access-control-allow-origin
https://kesq.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
proximanova-regular-webfont-a3dd3c312a0b1fe05a7ca3f47ffb8eb8f8f20f20ad89acfb22587d0950797d43.woff
squareoffs.com/assets/ Frame 2042 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://squareoffs.com/assets/proximanova-regular-webfont-a3dd3c312a0b1fe05a7ca3f47ffb8eb8f8f20f20ad89acfb22587d0950797d43.woff
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
a3dd3c312a0b1fe05a7ca3f47ffb8eb8f8f20f20ad89acfb22587d0950797d43
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
Origin
https://squareoffs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:19:55 GMT
server
Cowboy
age
372722
x-served-by
cache-iad-kjyo7100103-IAD, cache-cdg20760-CDG
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
application/font-woff
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1660401148.080820,VS0,VE2
content-length
23956
x-cache-hits
1, 1
middy-desktop-4.4.8.js
cdn.browsiprod.com/sd/apps/middy/ 		315 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84172ab8ffc60b04a891345d7aeacc0bb2333392172cd60c4e2d0bf51a13b2ba

Request headers

Referer
https://kesq.com/
Origin
https://kesq.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 14:53:29 GMT
content-encoding
br
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
3454740
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 04 Jul 2022 13:52:28 GMT
server
AmazonS3
etag
W/"1d823a6010143d48b25ffd2f9fa0ed0f"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
Ap0MZ_7oPapJAF2rHllBY_oVINcOFAl4
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript
x-amz-cf-id
4WjAqKbAmUXlr9i8PO3dovCCvJWhBG6zuo8tIE9lfbasEVcKPlomOQ==
8269
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 		0
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/8269?t=2022713146
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
last-modified
Tue, 18 Nov 2014 20:18:12 GMT
server
AmazonS3
x-amz-request-id
B17D55F7DE27FB81
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
application/x-javascript
cache-control
max-age=681
accept-ranges
bytes
content-length
0
x-amz-id-2
mIU50l84eryBjMRqOnAd1Wue1SPq7w6EiQwUrn6rNchVVQCR2FTaNBeV7eOeh+EnU1pv9ak3kX4=
fpc
at.teads.tv/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_11379&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&sv=5b1da8a&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 14:32:28 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://kesq.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Sat, 13 Aug 2022 14:32:28 GMT
interface
s8t.teads.tv/logs/publishers/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/logs/publishers/interface?sharedIdsCount%7CPUB_11379%7C0%7C%5B%5D
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1ba::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
selections
squareoffs.com/embeds/4847/ Frame 2042 		24 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://squareoffs.com/embeds/4847/selections?feed_size=small&soid=
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
935cb1b55d7dd132f91bda7202a076a800d85b89449d1a2d9a3363d1011e529c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosnif
X-Frame-Options ALLOWALL
X-Xss-Protection 0

Request headers

Accept
*/*
X-NewRelic-ID
VgYAVFFWGwIEUVhaDwg=
X-CSRF-Token
WiRfGFtQzQZknKNN1xziXpgBiUdoPqOHHUJsv+AdxagF+c+eOVagNb6lNnMT+/p6uB/4iyfM0/NVPGAhoVQx7A==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Referer
https://squareoffs.com/embeds/4847?feed_size=small

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-request-method
*
x-content-type-options
nosnif
via
1.1 vegur, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
0
x-request-id
d3d0447d-12ae-4d1a-a813-987181da99fa
x-served-by
cache-iad-kiad7000122-IAD, cache-cdg20760-CDG
x-runtime
0.092725
x-newrelic-app-data
PxQFUVFWDwYTVVVXDgkPX0YdFHANCBcQXw5UB0oXUV9RAF0SHhJWDgFVQwgJDUsRHFRPUgcDB1VWCAQBUF9UUwFbCVYIDBgCHVUAVQlXAlJXBgJWXlUJAAJcTU8GHRUCXAMOUVNTUgcJUVpTCg4FEB8DWA1CBG4=
server
Cowboy
x-timer
S1660401148.152338,VS0,VE195
x-frame-options
ALLOWALL
etag
W/"935cb1b55d7dd132f91bda7202a076a8"
strict-transport-security
max-age=300
content-type
application/json; charset=utf-8
access-control-allow-origin
*
expires
Sat, 13 Aug 2022 14:32:58 GMT
cache-control
max-age=30, public
accept-ranges
bytes
x-cache-hits
0, 0
/
feed.mikle.com/api/widget/read/body/ Frame 971F 		118 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.mikle.com/api/widget/read/body/?widget_id=153514&widget_parameter=%7B%7D
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.218.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-218-90.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f9285e639ef247571d1ac419992fbdd363c488098037d919f18faa0318138700

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://feed.mikle.com
cache-control
max-age=180
access-control-allow-credentials
true
access-control-allow-headers
Origin, Authorization, Accept, X-Requested-With
expires
Sat, 13 Aug 2022 14:35:28 GMT
rules-p-KD6rdRn9TY0Kx.js
rules.quantcount.com/ Frame 2042 		3 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-KD6rdRn9TY0Kx.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 11:33:54 GMT
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
age
10715
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:28:00 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
vianMeI9e25UZpYUw8BvPIsOC89xPE5EtNq32GZwFcbFxlsMu8Clug==
42030debf979299b2f11c9bd0a9b898b
npgco.blueconic.net/plugin/library/ 		250 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/plugin/library/42030debf979299b2f11c9bd0a9b898b
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.42.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-42-197.compute-1.amazonaws.com
Software
- /
Resource Hash
2b59ca8bb148dd09702bfd517affa8fcfd4311768872e7d51ba1978672e44984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Aug 2022 14:32:28 GMT
server
-
etag
42030debf979299b2f11c9bd0a9b898b
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
text/javascript; charset=utf-8
content-length
73688
x-xss-protection
1; mode=block
expires
Sun, 13 Aug 2023 14:32:28 GMT
LB-Zone-2
npgco.blueconic.net/DG/DEFAULT/rest/rpc/968/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/DG/DEFAULT/rest/rpc/968/LB-Zone-2?referer=https%3A%2F%2Fkesq.com%2F&bcsessionid=&bctempid=671b177c-94a3-452f-a418-53381b403e66&overruleReferrer=&time=2022-08-13T14%3A32%3A34%2B00%3A00&ts=1660401154626
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.42.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-42-197.compute-1.amazonaws.com
Software
- /
Resource Hash
2354fcb0787aa3e654b500c2c30be125ca059202732261b1a69e9bfad8f80622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://kesq.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
853
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
supply
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-allow-credentials
true
abd.js
cdn.browsiprod.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/abd.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

Referer
https://kesq.com/
Origin
https://kesq.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
content-encoding
gzip
etag
W/"bc70a2c30105ea2f98d83f5ad623fc39"
age
12018
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sun, 08 Jul 2018 12:47:26 GMT
server
AmazonS3
date
Sat, 13 Aug 2022 11:12:11 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
-fEL8J-5gL8lH-IOTwRFVJX1tpwUzkufYarb8xKDsXVUQO2jEhFUJg==
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-allow-credentials
true
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-allow-credentials
true
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-allow-credentials
true
supply
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-allow-credentials
true
supply
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-allow-credentials
true
desktop
demand-engine.browsiprod.com/sra/ 		3 KB
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand-engine.browsiprod.com/sra/desktop?sk=kesq&pk=newspressandgazette&pvid=d6f6658d-0850-4f6d-aed1-116a424d9954&aid=kesq_-727983220_-1592112820&sid=c667b61b-200d-4c25-9c96-551e70cc8708%26false%26false%26DEFAULT%26de%26desktop-4.4.8%26false&mch=5228&uid=anonymous&pu=https%3A%2F%2Fkesq.com%2F&pl=5633&d=false&sh=1200&lid=83807204-dfe4-4ccf-a894-49fa617724e6_A&ts=DEFAULT&cc=de&ir=false&ul=1200&do=Windows&dd=Unknown%20Desktop%7CEmulator&dp=DESKTOP&dt=DESKTOP&db=Chrome&lt=1.5&ais=0%7C%7C1%7C%7C2&fs=2%7C%7C2.34%7C%7C2.69&lls=false%7C%7Ctrue%7C%7Ctrue&sts=dynamic_mc%7C%7Cdynamic_mc%7C%7Cdynamic_mc&ets=b%7C%7Cb%7C%7Cb&als=1197%7C%7C1612%7C%7C2028&pts=in-line%2Cwithin%20main%20content%7C%7Cin-line%2Cwithin%20main%20content%7C%7Cin-line%2Cwithin%20main%20content&ss=%7C%7C%7C%7C&dis=0%7C%7C1%7C%7C2&ac=0
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.194.96.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-96-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef64073c093d1a745649a1267e340a274375594ad44c691a90a00c3e916686d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://kesq.com
Date
Sat, 13 Aug 2022 14:32:27 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Transfer-Encoding
chunked
Content-Type
application/json
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-allow-credentials
true
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-allow-credentials
true
desktop
demand-engine.browsiprod.com/single/ 		920 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand-engine.browsiprod.com/single/desktop?if=false&ai=500&f=1.14&rc=0&ll=false&st=api&et=b&al=162&di=0&pt=in-line%2Cwithin%20main%20content&div=rectangle-1&au=%2F6123%2Fkesq&sk=kesq&pk=newspressandgazette&pvid=d6f6658d-0850-4f6d-aed1-116a424d9954&aid=kesq_-727983220_-1592112820&sid=c667b61b-200d-4c25-9c96-551e70cc8708%26false%26false%26DEFAULT%26de%26desktop-4.4.8%26false&mch=5228&uid=anonymous&pu=https%3A%2F%2Fkesq.com%2F&pl=5633&d=false&sh=1200&lid=83807204-dfe4-4ccf-a894-49fa617724e6_A&ts=DEFAULT&cc=de&ir=false&ul=1200&do=Windows&dd=Unknown%20Desktop%7CEmulator&dp=DESKTOP&dt=DESKTOP&db=Chrome&lt=1.5&ac=0
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.194.96.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-96-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ed8a4c603add6cab4fa9e304d8b964d8148d402d3bec072496f4bcd148252ec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://kesq.com
Date
Sat, 13 Aug 2022 14:32:27 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Transfer-Encoding
chunked
Content-Type
application/json
desktop
demand-engine.browsiprod.com/single/ 		937 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand-engine.browsiprod.com/single/desktop?if=false&ai=501&f=1.1&rc=0&ll=false&st=api&et=b&al=122&di=1&pt=in-line%2Cwithin%20main%20content&div=leaderboard-1&au=%2F6123%2Fkesq&sk=kesq&pk=newspressandgazette&pvid=d6f6658d-0850-4f6d-aed1-116a424d9954&aid=kesq_-727983220_-1592112820&sid=c667b61b-200d-4c25-9c96-551e70cc8708%26false%26false%26DEFAULT%26de%26desktop-4.4.8%26false&mch=5228&uid=anonymous&pu=https%3A%2F%2Fkesq.com%2F&pl=5633&d=false&sh=1200&lid=83807204-dfe4-4ccf-a894-49fa617724e6_A&ts=DEFAULT&cc=de&ir=false&ul=1200&do=Windows&dd=Unknown%20Desktop%7CEmulator&dp=DESKTOP&dt=DESKTOP&db=Chrome&lt=1.5&ac=0
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.194.96.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-96-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b8fe26203f24188dd3e9569046b700d7899a08b72d97c6c5177eeec32781e67a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://kesq.com
Date
Sat, 13 Aug 2022 14:32:27 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Transfer-Encoding
chunked
Content-Type
application/json
pixel;r=338737003;rf=0;a=p-KD6rdRn9TY0Kx;url=https%3A%2F%2Fsquareoffs.com%2Fembeds%2F4847%3Ffeed_size%3Dsmall;ref=https%3A%2F%2Fkesq.com%2F;uht=2;fpan=1;fpa=P0-1440625464-1660401154687;pbc=;ns=1;ce...
pixel.quantserve.com/ Frame 2042 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=338737003;rf=0;a=p-KD6rdRn9TY0Kx;url=https%3A%2F%2Fsquareoffs.com%2Fembeds%2F4847%3Ffeed_size%3Dsmall;ref=https%3A%2F%2Fkesq.com%2F;uht=2;fpan=1;fpa=P0-1440625464-1660401154687;pbc=;ns=1;ce=1;qjs=1;qv=ae608f52-20220808163238;cm=;gdpr=0;d=squareoffs.com;dst=0;et=1660401154687;tzo=0;ogl=
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
nr-1216.min.js
js-agent.newrelic.com/ Frame 2042 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id
W2S5A87EG1C89ADE
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
c9P6myFxLLD3IyZ4P2Q59GznMAh/LL0NtRLP/qzmj57pyyLc8LBRAjUQIZZNiJ5WMagYxPOHvUs=
x-served-by
cache-hhn4030-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1660401148.324549,VS0,VE0
date
Sat, 13 Aug 2022 14:32:28 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
21912
7734a6de03
bam.nr-data.net/1/ Frame 2042 		49 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/7734a6de03?a=1459889&v=1216.487a282&to=dVdXQEIMXlwHFEoBWlRdXUcfEFpfFQ%3D%3D&rst=873&ck=1&ref=https://squareoffs.com/embeds/4847&ap=39&be=262&fe=781&dc=587&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1660401153940,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:2,%22rp%22:163,%22rpe%22:166,%22dl%22:205,%22di%22:588,%22ds%22:588,%22de%22:600,%22dc%22:781,%22l%22:781,%22le%22:782%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 14:32:28 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
73a229098eb75b26-FRA
newspressandgazette--6.13.0-1655967656946.js
cdn.browsiprod.com/prebid/ 		390 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/prebid/newspressandgazette--6.13.0-1655967656946.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e21f797e4abd86dc3ab738e767662c269c792481307dd66663eb8117e3d82bca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 07:11:48 GMT
content-encoding
br
last-modified
Thu, 23 Jun 2022 07:10:52 GMT
server
AmazonS3
age
4432841
etag
W/"620d3bafb062c568fb0ccd0d9dd5116c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
yVd8Qu6dCOUyGdSMrhl1pS.AJCWLrhnJ
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript
x-amz-cf-id
-SZqZuQXjED-gsj80EJobvJqnbAZIECn3BIQMkvZouHjqA6zXAHTwQ==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2042 		169 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6766358096536054
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-41a6a30eb03c5d25ca9524609f38fa1b70aa684257fce0f4f05f1c951aae20a3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c453eeacb689e19e79f638ad994088122dc24cc35e4c440546cba9f107e6efac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57302
x-xss-protection
0
server
cafe
etag
11557714823062763944
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 13 Aug 2022 14:32:28 GMT
update
squareoffs.com/embed_stats/ Frame 2042 		0
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://squareoffs.com/embed_stats/update
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosnif
X-Frame-Options ALLOWALL
X-Xss-Protection 0

Request headers

X-NewRelic-ID
VgYAVFFWGwIEUVhaDwg=
X-CSRF-Token
WiRfGFtQzQZknKNN1xziXpgBiUdoPqOHHUJsv+AdxagF+c+eOVagNb6lNnMT+/p6uB/4iyfM0/NVPGAhoVQx7A==
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://squareoffs.com/embeds/4847?feed_size=small
X-Requested-With
XMLHttpRequest

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-request-method
*
x-content-type-options
nosnif
via
1.1 vegur, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-xss-protection
0
x-request-id
7ddbe15c-e55d-4026-92f0-4501b44e7a61
x-served-by
cache-iad-kiad7000050-IAD, cache-cdg20760-CDG
x-runtime
0.015821
x-newrelic-app-data
PxQFUVFWDwYTVVVXDgkPX0YdFHANCBcQXw5UB0oXUV9RAF0+QhVSFhcZQhECAkxWEkhXTAcHA18BHAYGTlZNUgFUD1QACgUFA10PVghQCltWGhpQSkEAVgMFVAQOAgNTB1VXAAAFQU5WA1QRXWU=
server
Cowboy
x-timer
S1660401148.389115,VS0,VE122
x-frame-options
ALLOWALL
strict-transport-security
max-age=300
access-control-allow-origin
*
expires
Sat, 13 Aug 2022 14:32:58 GMT
cache-control
max-age=30, public
accept-ranges
bytes
x-cache-hits
0, 0
share-12x12-94155bf0e642b3c87d1f2b225bf5a40a34ac6a436fac465f9c6f53fa20dbd163.svg
squareoffs.com/assets/ Frame 2042 		965 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://squareoffs.com/assets/share-12x12-94155bf0e642b3c87d1f2b225bf5a40a34ac6a436fac465f9c6f53fa20dbd163.svg
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
94155bf0e642b3c87d1f2b225bf5a40a34ac6a436fac465f9c6f53fa20dbd163
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:19:55 GMT
server
Cowboy
age
20223
x-served-by
cache-iad-kcgs7200072-IAD, cache-cdg20760-CDG
strict-transport-security
max-age=300
x-cache
HIT, MISS
content-type
image/svg+xml
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1660401148.394208,VS0,VE83
content-length
965
x-cache-hits
2, 0
proximanova-light-webfont-85dfe57bc8a34df8e5525df72f2bc17e4c10d7938c7cacb7fe11e73ee8dd5dd8.woff
squareoffs.com/assets/ Frame 2042 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://squareoffs.com/assets/proximanova-light-webfont-85dfe57bc8a34df8e5525df72f2bc17e4c10d7938c7cacb7fe11e73ee8dd5dd8.woff
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
85dfe57bc8a34df8e5525df72f2bc17e4c10d7938c7cacb7fe11e73ee8dd5dd8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
Origin
https://squareoffs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:19:55 GMT
server
Cowboy
age
350921
x-served-by
cache-iad-kjyo7100064-IAD, cache-cdg20760-CDG
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
application/font-woff
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1660401148.394441,VS0,VE3
content-length
26400
x-cache-hits
1, 1
fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
squareoffs.com/assets/ Frame 2042 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://squareoffs.com/assets/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
Origin
https://squareoffs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:21:35 GMT
server
Cowboy
age
347350
x-served-by
cache-iad-kiad7000084-IAD, cache-cdg20760-CDG
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
application/font-woff2
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1660401148.394417,VS0,VE2
content-length
77160
x-cache-hits
1, 1
proximanova-semibold-webfont-07a0545c00ecfd98dfa3f8a6dff5451780a679455680e517cec826b92ba6be4d.woff2
squareoffs.com/assets/ Frame 2042 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://squareoffs.com/assets/proximanova-semibold-webfont-07a0545c00ecfd98dfa3f8a6dff5451780a679455680e517cec826b92ba6be4d.woff2
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
07a0545c00ecfd98dfa3f8a6dff5451780a679455680e517cec826b92ba6be4d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
Origin
https://squareoffs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:19:55 GMT
server
Cowboy
age
438233
x-served-by
cache-iad-kjyo7100138-IAD, cache-cdg20760-CDG
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
application/font-woff2
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1660401148.394433,VS0,VE2
content-length
20784
x-cache-hits
1, 1
ionicons-2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9.ttf
squareoffs.com/assets/ Frame 2042 		184 KB
184 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://squareoffs.com/assets/ionicons-2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9.ttf?v=2.0.0
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://squareoffs.com/assets/embedded_feed-64800b53c571acc0a2c34b8bff79a5fa1d3f38fba4da323f0e7bc7e7e20b5131.css
Origin
https://squareoffs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Fri, 06 Apr 2018 22:02:04 GMT
server
Cowboy
age
374939
x-served-by
cache-iad-kjyo7100090-IAD, cache-cdg20760-CDG
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
application/octet-stream
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1660401148.396179,VS0,VE3
content-length
188508
x-cache-hits
1, 1
arfeareareara.jpg
assets.squareoffs.com/square_offs/cover_photos/23023/large/1660095120/ Frame 2042 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.squareoffs.com/square_offs/cover_photos/23023/large/1660095120/arfeareareara.jpg?1660095120
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48c98607fae8582a4942705296dbbb0bfbd4851fc82b41e84add75dd5096f695

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
via
1.1 varnish, 1.1 varnish
age
1824
x-cache
HIT, MISS
fastly-io-info
ifsz=456751 idim=1280x720 ifmt=jpeg ofsz=119704 odim=1280x720 ofmt=webp
fastly-stats
io=1
content-length
119704
x-amz-id-2
dCC4eh5uPphJ1tiixsHW6rkrZjeIgn4C4Ifo/ApDYyl+/KWAjxCR6Hu45DxkmCYfHbKTvIr5uNxtCGpFSQt2PQ==
x-served-by
cache-iad-kiad7000082-IAD, cache-hhn4067-HHN
server
AmazonS3
x-timer
S1660401148.485792,VS0,VE92
etag
"KdmVn5NK+6RQsvBtTGWwdby6BTlDsggHTVzS+21hhTE"
vary
Accept
x-amz-request-id
ZYYMA00EMCAKZYG1
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 0
KESQ_200x200.jpg
assets.squareoffs.com/profiles/avatars/1563190/large/1573851030/ Frame 2042 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.squareoffs.com/profiles/avatars/1563190/large/1573851030/KESQ_200x200.jpg?1573851030
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67a4878c66a30fb80b1e2411d8550c8e7aa863cc5a98aacc21069b467422a1cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
via
1.1 varnish, 1.1 varnish
age
3490
x-cache
HIT, HIT
fastly-io-info
ifsz=20066 idim=400x400 ifmt=jpeg ofsz=8974 odim=400x400 ofmt=webp
fastly-stats
io=1
content-length
8974
x-amz-id-2
sP9fkrvtRiJC4LdIzuWOoKrqeCBwLrVRJ89P8nA3YFkviGcz2nS70UM2am3BM//w2Sgo3Wz9/Lo=
x-served-by
cache-iad-kcgs7200036-IAD, cache-hhn4067-HHN
server
AmazonS3
x-timer
S1660401148.485786,VS0,VE100
etag
"WZztTb0dcV/dBPyKuEEEB7SeAxqGurmrgy1tKxQMYcw"
vary
Accept
x-amz-request-id
07AR7NEJ4KWWSR43
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/webp
x-cache-hits
2, 1
white-check-b033528103f70b1fc86db574626282c1aad0364701a0913659ab70747655455d.svg
squareoffs.com/assets/ Frame 2042 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://squareoffs.com/assets/white-check-b033528103f70b1fc86db574626282c1aad0364701a0913659ab70747655455d.svg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
b033528103f70b1fc86db574626282c1aad0364701a0913659ab70747655455d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/embeds/4847?feed_size=small
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:19:55 GMT
server
Cowboy
age
361015
x-served-by
cache-iad-kiad7000083-IAD, cache-cdg20760-CDG
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
image/svg+xml
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1660401148.424497,VS0,VE2
content-length
1639
x-cache-hits
1, 1
comment-bubble-icon-284f18323f6d4447450f7e91af3e577d448282f120f7feb6ac3167695728d265.svg
squareoffs.com/assets/ Frame 2042 		952 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://squareoffs.com/assets/comment-bubble-icon-284f18323f6d4447450f7e91af3e577d448282f120f7feb6ac3167695728d265.svg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
284f18323f6d4447450f7e91af3e577d448282f120f7feb6ac3167695728d265
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/embeds/4847?feed_size=small
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Thu, 14 Sep 2017 14:19:55 GMT
server
Cowboy
age
444528
x-served-by
cache-iad-kcgs7200023-IAD, cache-cdg20760-CDG
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
image/svg+xml
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1660401148.424752,VS0,VE3
content-length
952
x-cache-hits
2, 1
squareoffs_diamond_BW_white_30-f631c09cb282ac1ff389e485ff4c31cb1004ac5e3875d455511cde967e032acb.png
squareoffs.com/assets/ Frame 2042 		918 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://squareoffs.com/assets/squareoffs_diamond_BW_white_30-f631c09cb282ac1ff389e485ff4c31cb1004ac5e3875d455511cde967e032acb.png
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
0c1a06dcea4b23f87b80587a7a2f8e1d74c4ec7d6607d536b1dff2e8580129f8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/embeds/4847?feed_size=small
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
age
1327449
x-cache
HIT, MISS
fastly-io-info
ifsz=1676 idim=35x34 ifmt=png ofsz=918 odim=35x34 ofmt=webp
fastly-stats
io=1
content-length
918
x-served-by
cache-iad-kcgs7200074-IAD, cache-cdg20760-CDG
server
Cowboy
x-timer
S1660401148.424741,VS0,VE90
etag
"HaZF6tAzWV7kHNItXrwu5xuQWA1MbGiTU4c9rxC7MKw"
vary
Accept
strict-transport-security
max-age=300
content-type
image/webp
cache-control
max-age=2592000, public
accept-ranges
bytes
x-cache-hits
1, 0
SOProfile-cb5798a284da490e620ff00069f852bc690799e2af53b40c7e2f03209dd8a3e5.svg
squareoffs.com/assets/ Frame 2042 		581 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://squareoffs.com/assets/SOProfile-cb5798a284da490e620ff00069f852bc690799e2af53b40c7e2f03209dd8a3e5.svg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
cb5798a284da490e620ff00069f852bc690799e2af53b40c7e2f03209dd8a3e5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/embeds/4847?feed_size=small
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Fri, 29 May 2020 23:34:00 GMT
server
Cowboy
age
18732
x-served-by
cache-iad-kiad7000100-IAD, cache-cdg20760-CDG
strict-transport-security
max-age=300
x-cache
HIT, HIT
content-type
image/svg+xml
cache-control
max-age=604800, public
accept-ranges
bytes
x-timer
S1660401148.424734,VS0,VE84
content-length
581
x-cache-hits
1, 1
cs
npgco.blueconic.net/DG/DEFAULT/ 		66 B
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/DG/DEFAULT/cs?bcsessionid=671b177c-94a3-452f-a418-53381b403e66&&callback=bc_json969
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.42.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-42-197.compute-1.amazonaws.com
Software
- /
Resource Hash
cd2bf2489354bd8988f9cec3df34c3f5022d7983be569c51eb3101aac8107d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
gdpr.css
plugins.blueconic.net/toolbar_gdpr_components/1.2.2/frontend/src/css/ 		2 KB
945 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plugins.blueconic.net/toolbar_gdpr_components/1.2.2/frontend/src/css/gdpr.css
Requested by
Host: npgco.blueconic.net
URL: https://npgco.blueconic.net/plugin/plugin/682465af888e294f1aff5073c5668680
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
- /
Resource Hash
ee2ec977814ef6d0e7399fdf80c62a5195c203c9ca02686506bcb5afe9ff1695

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 00:56:57 GMT
content-encoding
gzip
age
740435
x-cache
Hit from cloudfront
content-length
520
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 13:06:31 GMT
server
-
etag
"627-5c8cf96792320-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
x-amz-cf-id
KjkBId8ra7CNAS5xz-ir9A1rn6Mx_EvQMyeyPMD1H-t06S3mZ5ASCQ==
expires
Sun, 04 Sep 2022 00:51:53 GMT
968
npgco.blueconic.net/DG/DEFAULT/rest/rpc/ 		363 B
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/DG/DEFAULT/rest/rpc/968?referer=https%3A%2F%2Fkesq.com%2F&bcsessionid=671b177c-94a3-452f-a418-53381b403e66&bctempid=&overruleReferrer=&time=2022-08-13T14%3A32%3A34%2B00%3A00&ts=1660401154944
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.42.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-42-197.compute-1.amazonaws.com
Software
- /
Resource Hash
bcb60c7c60dc1ca99380aecf484e91d9979ec1a53c18a0977f42c2e7c1c7cb2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://kesq.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
175
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
968
npgco.blueconic.net/DG/DEFAULT/rest/rpc/ 		182 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/DG/DEFAULT/rest/rpc/968?referer=https%3A%2F%2Fkesq.com%2F&bcsessionid=671b177c-94a3-452f-a418-53381b403e66&bctempid=&overruleReferrer=&time=2022-08-13T14%3A32%3A34%2B00%3A00&ts=1660401154945
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.42.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-42-197.compute-1.amazonaws.com
Software
- /
Resource Hash
43bd00bf0c2198b4aba59515350712431bf4d08d14aecd6dbd8b780d74b78c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://kesq.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
165
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-allow-credentials
true
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-allow-credentials
true
hb
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/hb?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-allow-credentials
true
hb
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/hb?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:28 GMT
access-control-allow-credentials
true
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=kesq.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kesq.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2375980295383820&correlator=4113731584171511&eid=31060545%2C31067707%2C31068825%2C31068211&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&npa=1&iu_parts=6123%2Ckesq&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=3640888092&sfv=1-0-38&fsapi=false&prev_scp=wp_unit%3DLeaderboard%25201%26pos%3Datf%26browsiViewability%3D0.60%26browsiId%3Dkesq&cust_params=wp_category%3Dhome%26page_type%3Dhome%26post_id%3D8&sc=1&cookie=ID%3D5818053ac1604292-22ffc32cf2cd00bc%3AT%3D1660401147%3AS%3DALNI_MZLpviXvJGyCMPIrlAPcvGAhV2C1g&abxe=1&dt=1660401155029&lmt=1660401155&dlt=1660401151197&idt=2634&adxs=436&adys=122&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkesq.com%2F&frm=20&vis=1&psz=1600x90&msz=728x-1&fws=4&ohw=1600&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1711031756.1660401154&ga_sid=1660401154&ga_hid=118432236&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
0bda6d67e4e10db70ae5a65ce781a7f856d33b3a48027f22fcda330cbaeab668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12045
x-xss-protection
0
google-lineitem-id
6058026450
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138397530351
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kesq.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2375980295383820&correlator=4113731584171511&eid=31060545%2C31067707%2C31068825%2C31068211&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&npa=1&iu_parts=6123%2Ckesq&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=1664542037&sfv=1-0-38&fsapi=false&prev_scp=wp_unit%3DMedium%2520Rectangle%25201%26pos%3Datf%26browsiViewability%3D0.80%26browsiId%3Dkesq&cust_params=wp_category%3Dhome%26page_type%3Dhome%26post_id%3D8&sc=1&cookie=ID%3D5818053ac1604292-22ffc32cf2cd00bc%3AT%3D1660401147%3AS%3DALNI_MZLpviXvJGyCMPIrlAPcvGAhV2C1g&abxe=1&dt=1660401155036&lmt=1660401155&dlt=1660401151197&idt=2634&adxs=1033&adys=260&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkesq.com%2F&frm=20&vis=1&psz=354x250&msz=300x-1&fws=4&ohw=1600&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1711031756.1660401154&ga_sid=1660401154&ga_hid=118432236&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
a8402f7ca3c01bc64bcfead20a1d8784f0b3bb08f55d77dea0497e6b69ac10d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11544
x-xss-protection
0
google-lineitem-id
6058026450
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138397530348
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kesq.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
d98b997ab2a880527ff9d5da5687bdfb
npgco.blueconic.net/templates/ 		290 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/templates/d98b997ab2a880527ff9d5da5687bdfb
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.42.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-42-197.compute-1.amazonaws.com
Software
- /
Resource Hash
ba82e6480a2599627970d68d9d42b4e51c488e9eb8587d3cf9d539724b44b073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Aug 2022 14:32:28 GMT
server
-
etag
d98b997ab2a880527ff9d5da5687bdfb
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
text/javascript; charset=utf-8
content-length
36390
x-xss-protection
1; mode=block
expires
Sun, 13 Aug 2023 14:32:28 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/ Frame 2042 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6766358096536054&plah=squareoffs.com&bust=31068937
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6766358096536054
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cde32b79b86b46af9f8645cf97f95c25ce0abebd208b7a1d954cee589758224f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122695
x-xss-protection
0
server
cafe
etag
3322842100437642439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Aug 2022 14:32:28 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/ Frame B75D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6766358096536054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://squareoffs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
45257
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 01:58:11 GMT
etag
8616628553774171045
expires
Sat, 27 Aug 2022 01:58:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
notificationBar.css
plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/ 		2 KB
1006 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/notificationBar.css
Requested by
Host: npgco.blueconic.net
URL: https://npgco.blueconic.net/plugin/plugin/682465af888e294f1aff5073c5668680
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
- /
Resource Hash
d925db65ec1961756427ffaa480d32f5413d5edc49503d5ae7987aed8782e7f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 02:11:58 GMT
content-encoding
gzip
age
1945230
x-cache
Hit from cloudfront
content-length
581
access-control-allow-origin
*
last-modified
Mon, 19 Jul 2021 06:37:57 GMT
server
-
etag
"7b4-5c7742d8457d8-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
x-amz-cf-id
LgsdrFHeXQM7_x2DfMjzgaoUFLwyroBZe8oJD6HdzqthO2v7yt6CDg==
expires
Sun, 21 Aug 2022 02:11:58 GMT
CloseIconNotificationBar.png
plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/images/CloseIconNotificationBar.png
Requested by
Host: plugins.blueconic.net
URL: https://plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/notificationBar.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
- /
Resource Hash
c6a33d7e98f7ac4c2bb7c71f0c1f7e2a3b6c3282dc99ccfe5b46e8a717fb87fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/notificationBar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 00:38:09 GMT
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 06:37:57 GMT
server
-
age
1000463
etag
"6ed-5c7742d8401e8"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
1773
x-amz-cf-id
tdUk20bD9qNDbpFfuCY-vWDSSsTowNO1t3_7d1UAbG7a8t0P17PPuw==
expires
Thu, 01 Sep 2022 00:38:05 GMT
thirdpartycookie
api.viafoura.co/v2/kesq.com/ 		45 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/kesq.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4864:14f2:f07b:baf3:641a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-03e1ec15cd7a04c9b
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://kesq.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sat, 13 Aug 2022 14:32:28 GMT
fontawesome-webfont.woff2
feed.mikle.com/fonts/ Frame 971F 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://feed.mikle.com/fonts/fontawesome-webfont.woff2?v=1580871352
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.218.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-218-90.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Request headers

Referer
https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
Origin
https://feed.mikle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 02:55:52 GMT
server
nginx
etag
W/"5e3a2eb8-12d68"
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
intl-messageformat.3008fd0176767b7bd4fe.js
cdn.viafoura.net/chunks/vendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.3008fd0176767b7bd4fe.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
463ced94d9222d9f5ffe8aa33b3775bcea88be4e082c3d94f19c5022ba453bd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:32:57 GMT
content-encoding
br
last-modified
Thu, 11 Aug 2022 17:32:07 GMT
server
AmazonS3
age
161972
etag
W/"10b6d53b5f433ad48763734899625ae1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
bYXZZd.peQWTQBBRuoqW2Oinpi1LqiRC
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
CeR4fd3dB2kXBe5nccvmXlQrE195jTMtSILppy_p_mpZvAYQkijQTw==
intl-messageformat.72b9b7519ef8bcd5ae2e.js
cdn.viafoura.net/chunks/languages/ 		134 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.72b9b7519ef8bcd5ae2e.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d425eaf04f774bece10d7f67a0dcbe9d4c5d9223855093f23f2e67f52e6e52a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:32:57 GMT
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
last-modified
Thu, 11 Aug 2022 17:31:59 GMT
server
AmazonS3
age
161972
etag
"1201d1fdc20dddfb483ff176da7557a6"
x-cache
Hit from cloudfront
x-amz-version-id
izmcXV_wNFfmiEj6BXTtaFtg4gVsj1wT
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
134
x-amz-cf-id
3Mpib55n5Q2U9nCb_zj0pH3eHmZmLO09De7K-Puf1m9UcFOXWo6DUg==
en-us-base-json.ebbdd68ab699783396cb.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.ebbdd68ab699783396cb.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9539d53fde0f0976637ee70b3ac04408510f532bf8fb11b5b2e9ee5f429f6822

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:32:57 GMT
content-encoding
br
last-modified
Thu, 11 Aug 2022 17:31:59 GMT
server
AmazonS3
age
161972
etag
W/"2059649c99fa75d56a815ed5bbb87c17"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
qtuLLGkHrI1g.xTFSS2vFRfwg.O.7z69
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
nqce20WCTjOlidQB9z7ujoIWHUXLo_1MluL397JXX9SQRTc4cUCu1g==
ingest
i.viafoura.co/v3/kesq.com/ 		67 B
388 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/kesq.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.67.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-67-212.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 2042 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=squareoffs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6766358096536054&plah=squareoffs.com&bust=31068937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2042 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=squareoffs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6766358096536054&plah=squareoffs.com&bust=31068937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5A92 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&adk=1282969481&adf=3986099802&plat=1%3A66048%2C2%3A66048%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fkesq.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155058&bpp=4&bdt=913&idt=244&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&nras=1&correlator=4912027320779&frm=24&ife=1&pv=2&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.4bsckar7hrzf&fsb=1&dtd=259
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6766358096536054&plah=squareoffs.com&bust=31068937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://squareoffs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 14:32:28 GMT
expires
Sat, 13 Aug 2022 14:32:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2042 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220810&st=env
Requested by
Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca8efee42e12974d12460be4dbafc3edf91a063d9ffa67c9544c7efa66936a47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11092
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 73A7 		72 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6766358096536054&plah=squareoffs.com&bust=31068937
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1766d3f3f76295962d35fa59fa9afd7184437edccbdb0e0293468e8dc23f93a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://squareoffs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
35428
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 14:32:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
968
npgco.blueconic.net/DG/DEFAULT/rest/rpc/ 		185 B
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/DG/DEFAULT/rest/rpc/968?referer=https%3A%2F%2Fkesq.com%2F&bcsessionid=671b177c-94a3-452f-a418-53381b403e66&bctempid=&overruleReferrer=&time=2022-08-13T14%3A32%3A35%2B00%3A00&ts=1660401155355
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.42.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-42-197.compute-1.amazonaws.com
Software
- /
Resource Hash
3ee2434ce23ca4d485aa7ee3e31627b462d2e67c261d19e370db21e3e26e1a3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://kesq.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
149
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
tristan2-1.jpg
events.kesq.com/wp-content/uploads/2022/04/ Frame 971F 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.kesq.com/wp-content/uploads/2022/04/tristan2-1.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.203.253 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
253.203.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e67c6d94cd2a08f62fa76e292cfe34363bad74181a8a99669e3b377a53c0d781
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:29 GMT
x-content-type-options
nosniff
vary
Accept-Encoding
content-length
3846372
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 08 Jul 2022 00:25:03 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"62c7795f-3ab0e4"
strict-transport-security
max-age=63072000; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
geolocation=(); midi=(); notifications=(); push=(); sync-xhr=(); microphone=(); camera=(); magnetometer=(); gyroscope=(); speaker=(self); vibrate=(); fullscreen=(self); payment=();
accept-ranges
bytes
weiss.jpg
events.kesq.com/wp-content/uploads/2022/08/ Frame 971F 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.kesq.com/wp-content/uploads/2022/08/weiss.jpg
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.203.253 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
253.203.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7a2bf8a8864a824e162bd09745c4056c33bbef5e05828db9759fb0afda81ad89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:29 GMT
x-content-type-options
nosniff
vary
Accept-Encoding
content-length
59637
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 08 Aug 2022 18:27:31 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"62f15593-e8f5"
strict-transport-security
max-age=63072000; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
geolocation=(); midi=(); notifications=(); push=(); sync-xhr=(); microphone=(); camera=(); magnetometer=(); gyroscope=(); speaker=(self); vibrate=(); fullscreen=(self); payment=();
accept-ranges
bytes
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2042 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6766358096536054&plah=squareoffs.com&bust=31068937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 14:32:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 708D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdhWikF9ERT9HkAHcA0CzwTaisFX67CtrwbpBJXziKpf1KTkHjIA99FerEu70p1S_yPzBS5A3w-mEfaMyEHFfbCRfDPuN3oMgpGwvsh8MErCveY2qHTd-vVjRbyGSBI3xGb8n0vygARgDvi4_01HT2B15DpEGCIG9uCytGvw5v5d3xdwfG7v88RqCfZERnLTm9FeBrR1-e4Cqyn-2LMeq86dg3L2n7zrXwcLUq4Ux3COC8vdfCJw6SakBrRyVoGB2_ZpnKT4y_3Z5KKXDgOQTZ1lhibJv7CKfKzBiHww&sai=AMfl-YTMRkTTN34vtAQnnkEAhtM3sQcjTERAcd1rzanOBbRGypvrZBnA9EyfVA2kfrD2kSNuefAiMEsAY98VvSOHY4FkM1zorLEnjnymTfBszSg2oS5OjBHWEVs5N-FW6A&sig=Cg0ArKJSzHUjg82xGiD0EAE&uach_m=[UACH]&adurl=
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 14:32:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 708D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 14:04:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 708D 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 14:32:29 GMT
15851845597556505432
tpc.googlesyndication.com/simgad/ Frame 708D 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15851845597556505432
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de97f4937ea6cb453c24770f01190033933132bfc2ec98ed69391d4431027862
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 11:12:33 GMT
x-content-type-options
nosniff
age
11996
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81787
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 21:13:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 13 Aug 2023 11:12:33 GMT
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:29 GMT
access-control-allow-credentials
true
hb
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/hb?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:29 GMT
access-control-allow-credentials
true
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:29 GMT
access-control-allow-credentials
true
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:29 GMT
access-control-allow-credentials
true
truncated
/ Frame 708D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1c00369a64cb33986a55eeb8dd16e23b7e540b51e7ef9f49e8a7a836adb014d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 788F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://squareoffs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 14:27:29 GMT
expires
Sun, 13 Aug 2023 14:27:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B746 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
62dfa7c3e2fa1690d5cc553bc431c7177abe54d0c82b58ada465b2288405834c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zN2-CQDf28hhHTDyX7MeBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareoffs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-zN2-CQDf28hhHTDyX7MeBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 14:32:29 GMT
expires
Sat, 13 Aug 2022 14:32:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
pagead2.googlesyndication.com/bg/ Frame 788F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 13:08:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
5053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13955
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 13:08:16 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 708D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLqFwlRuXwTc4F5x_XHh5aqDa-nFrJN8wVpRUAevpuLSTOhPTLgMjNzXPpdf4wBNMjdNEv0hL_FtmenbOf8QNYgyscy4EVB9Fxm_dKeTdxgtl9sktp37YrDO34Kw8wjnkRHchmyPp8EdWslKNPUToNeFQsRN-w1F9gypw7VaCmqrhx6m4mCFUQarch8XF4Qg92vOyLaK8XdYf6dmzkVQHXQrF_3pd_Eb6wAIl6QyyLnTkQ9qcszhv3iRlFimyCe9K-IOT3PYmOMdx2WGc_apybuofAqaE66h7rdJyl1C6j&sai=AMfl-YRMWwPSigiRvmY7YIioWUozw1Pbk30-kiXu9nJeNbYguN1VgwKoR7F4WIFGM-qXJh5DD6qMbJ1S2qXlqQ8Dm2nIZOZSufz77Io_-FNVVkYCGmuPDgmLmxULGWif6Q&sig=Cg0ArKJSzLrTtmTb4NtWEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 14:32:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 13 Aug 2022 14:32:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 99F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAKA47VWu7_06T5dlqxyBmPzwqSNR-ts9VcgUqdiT23vXrB8T-tDFTWeOMgnEKbuLznTjTb5GBdr4L_1cQ2GsLuq61lGfZ5sNbUL33NlB2o4k0aSS24_cGFDH4n9M2XcDwLPjdhj-QbHWvfdH2TxP58sOa5kgUaqjwlXAgkN7U_R39iWAtg1fg0GQtlg0vpd2eV6ac0R6durf7NIGX8vKMk1HQ4SywqSDVWM4F2qBmkHQ-vMYy_79kyuHkDAx2RCz5FGY7D4n4l3DYeqxEDCNLGg_tjxf5pF45kZZXRw&sai=AMfl-YRrzqZaiOI8N3rXSIL_TqKwkcL2dO5qfhI78xeWyfUG12lY9Kl0CC4vJIMvnBFG8wU7bFoQo3vMKwyeD0SCea3invKTwA6vCPQ5M7966S6ulk4JkysVnghQMoZ_JQ&sig=Cg0ArKJSzC5VDozhvuPhEAE&uach_m=[UACH]&adurl=
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 14:32:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 99F5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 14:04:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 99F5 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 14:32:29 GMT
l
www.google.com/ads/measurement/ Frame 99F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQCXFmK8X7uWYUTlHjD6S-LbtmibMIuDQzn4bGfbIJRp3N36L8woGsF0Arrz5NVGAvrSuN
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
7644468167998963881
tpc.googlesyndication.com/simgad/ Frame 99F5 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7644468167998963881
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03691b6669a22fa6daff030b2bececc4f1ca300d90b444d85812cdfce552c992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 06:09:58 GMT
x-content-type-options
nosniff
age
30151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95373
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 21:13:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 13 Aug 2023 06:09:58 GMT
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:29 GMT
access-control-allow-credentials
true
hb
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/hb?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:29 GMT
access-control-allow-credentials
true
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:29 GMT
access-control-allow-credentials
true
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:29 GMT
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/pagead/ Frame B746 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220810&jk=1964819916808331&rc=
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/content.secondspace.com/kesq/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2485
date
Sat, 13 Aug 2022 13:51:04 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 13 Aug 2022 15:51:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 73A7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DLoYG42ienLNJbc8Sopr6Et3QgzIDWjdet7qAhPc4A_Zn48CwSfTr4McdHPkNEfs2M_klp3OFS_sFDKIolx1EWLd2DjLGmsY80ADVhTHls2v8pkFw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 73A7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 14:04:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 73A7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 14:25:44 GMT
l
www.google.com/ads/measurement/ Frame 73A7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTvnYt9uaJ6F728V8RjT_5dMxvZI-LknWRjvkOvkMRO2ubZ9wbseMNZeWgZ4a5O1tQIKkllQBldX6SugvnUySl48u-lyg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 73A7 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 14:32:29 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame AE52 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2FygEQ1NvFAhjQ5M3QATAB&v=APEucNX1FO4c40lkq11MW31v6IcSEGHRn7I5-JxSrKXp0lvUQFHpEaMB83_RiYyXawgR3LoS5KnhQWpjCZIS7b7OabbLpNgsNxOvWCBeAIvNh9yS60z4JAXZRdZDQpjDTK-Nm6jQWNaMHDq0_0elGir7pKnnZ7Iad595R0nzWuoab1dYmk8l0LU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 14:32:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 73A7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
972
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 14:16:17 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 73A7 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d4f6e28cf855271fabcd5fccb24e71ef842e3ffa3c33795d9ddd9d3a1e3a46b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:02:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2640
x-xss-protection
0
server
cafe
etag
4024001306453174559
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 14:02:33 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 73A7 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsukH4WyRDBOu6RectmGXqrLmu000MV869p7_aj_DDXDfd_STwLEM-pf27FYILCn0lA-adsnOHFifjYl3GDiI48TDHuOD63GT2ULe0KUAYjI26zT8ACqNBS1kyzXAnhpetexCXAuG-JMP-vQK6yaUk3vE6-8YdfQUQ8VV4VUfGrKT1tvKoiK8QlxlVOlVvCU9D1N8qHzHBQ3SVX7qEsn57oFRiz5cGe1ziije2C19bXMr7c2ka6g-IOxKxqmTI4r5qmjl8CI7BiteZ9VQ_e0pAyZ3m2f-B8MqTqrH3JHivzpvh2InNL4UOqj5dxPQO6i9UHmG3W7tin5dynIIvQL7__K9ERPjDO_eMLy7eI2jeF6qMICayMptJy3isOTatVklz9XQeqhnMpP-iLi5IjSzVpqHGle29II0a1edAT2i4l5XFgVIDK4O9ABwtZYe2lSK-jpgsBU-6DY08Fj3IWnLzsGupb29kWJUxTs4s7NhI_ZWYoqCghcDyTBNNLIokDeVSBQt27Ee-iVJOC_ObiXMNamQvdVb9bXHY4lbCp2tbbRgjOVoNwuvbC0aDMMIVfPC7PL1dszz1A8EpvZdfP7oGG5gD5De7o91L-T2QuAFoY6Ic9AaTlApG-ydTDGHo2DKqTxnMuUtaDHViYZ8bmdgOKT2RNWwGxuKJTOAcmGKPzEolkVSN_IU7c498DTd1AVHIdxvJrSN1R4Zkmv82f2amdzdVC4WNsh7xeg_9_ghPsBMPF8MReS3lnNXqF9YPYew2Ueg2fyPQ9df5Rd9StJLeF9bEchEr8FVeaiwGziaGobXtqoRrsJqPIPp0xtsQKZiUh7BXO24cXERU4rrFpkyTO1QiX5T4EuqXUG9l6dRtYRCTH7QNg-KDI4KgtMu2HhYMBEUIlWRs5Tk6RtctMnQ7bByGedP3NZCVP24ulnHzZ40rrZUSjMVP3BtAimQgwvxsU0urOgj0Nq_5AaCCDutYpYa_VQwXpoHgZBADJ-S7Ysc0083vmaRFsDPUePgqV7PF3ANAQfwOIY7ZBGiAFzR2Kh7HVTzPnd5hPSMmrc0Mff6CuZ5o5b93WdeR_ZnaZS-dr9rYOJM_Bf7nGSj4PIx6ijFoEFzOU4zWjZPJKQufKSLn7JPEGSiokh4a_KsioJ5FrH_p3SGQIQy00v6ASk-rWcejoI7_LiuKB-wIUg6TRgiMM2B_mpuJSDDSNB8HZJE5u3kWW9u6E&sai=AMfl-YSqWIi68A1CtyLXvsM6n3m7QYuYRY4QL_1PGWHcFeWMyJQRxvQuNRLyXDbPop-lkfBPNkttsN2cEkJzYWTIaY7VVNOediRNzUmhG7jAlBZloUmYS9UxRaK1aCWRDJV1ESnD99GqBkdE5GQFniCLBauxHhcNAPVtr8jeUWz8xeO7wQdl9kwiG6WirzpDTCSjH2qZIsOPCrmnJ6uLCoNeY_7XlKqintyAT09zvkI&sig=Cg0ArKJSzHfvB87LElmnEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220810.69595&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 13 Aug 2022 14:32:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 73A7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 17:19:05 GMT
17196391617167994253
s0.2mdn.net/simgad/ Frame 73A7 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17196391617167994253
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c99bee74aefc77081cf112204158705bbaf711b1cd30d5942ba97ba77da8182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:05:25 GMT
x-content-type-options
nosniff
age
278824
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64740
x-xss-protection
0
last-modified
Tue, 02 Aug 2022 17:01:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 09:05:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 99F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu18p-XsAEQb22CbwFk6oXGxoE-MxREcXh_npHc-nKqS6JML9TLFW7v2MFpw_Rbdl4S_uAXGJNriyeEQPRSU4Vt5rgODuXAVxTQDvLyC52hntdaHv1_mWGN4MbGDbv7Y3JDgI4OWVkgXk_U4nqZy1IhNIQZ_0X0jTs4zTT2rYR8tly_b6X6w3A8UCA22CDB1b9nVHZBJv23bX9NoHXH3iJFCa8DrG8fuOBQrmh6Dx2I5fQXj0tfbxVZLwJJ2wMskeMlgUbd-kblgDHXfp862A8Ne5nBqlFYxN87FkA2aEdM&sai=AMfl-YRKq1r3x8lFEej3fgE3njGjGF8kSrpF5l7klh95s9j1XlItaYD0uoxdyOaO0WObwyGZPDQZYLW6FYo1b2vtYqwGW1UzHxTjfNQjNLJ0r_br3I1w_gQp2FyEquVTrw&sig=Cg0ArKJSzMoeUOJxH7XXEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 14:32:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 13 Aug 2022 14:32:29 GMT
truncated
/ Frame 99F5 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c931ad7b0e7edda6750652330e53ff0d32caa1c355dbe7287d43b120eaa347e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1049 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
79512
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Sat, 13 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 559E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
162803
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 17:19:06 GMT
expires
Fri, 11 Aug 2023 17:19:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame AE52
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy3kKQCZ73jl-4jYI8AR3s&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy3kKQCZ73jl-4jYI8AR3s&google_cver=1&C=1
43 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy3kKQCZ73jl-4jYI8AR3s&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2FygEQ1NvFAhjQ5M3QATAB&v=APEucNX1FO4c40lkq11MW31v6IcSEGHRn7I5-JxSrKXp0lvUQFHpEaMB83_RiYyXawgR3LoS5KnhQWpjCZIS7b7OabbLpNgsNxOvWCBeAIvNh9yS60z4JAXZRdZDQpjDTK-Nm6jQWNaMHDq0_0elGir7pKnnZ7Iad595R0nzWuoab1dYmk8l0LU
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
73a22910990391d8-FRA
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQy9MskEcy84jbQjfAc6Z7Bh6dYTtqLLT%2B9%2F%2BbHIfKvKw6bN6y%2BFN4QP4hUNhY%2BR1rq6O%2Bt1P%2FXmNJlOsidv%2FEU3hC0QYYnDTkEWjKxcEAq2oiiVh4s2zgS6qMvDv8lWnG%2BU7DZCYn8cqg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxH2m8c9VZIlUz6ci%2Bl4ni%2BQ6vvwdMAH09Q%2Fi1y4m5Z8cSkvtXtHDEWl4ntyOGe2ly3OdWMG58AlbTxATUiJGo7jSvTR9uLEFUrknXCAnjaVzWkZOgh%2BuSjlT6WWSEE599HFJBbGAwZBig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESENy3kKQCZ73jl-4jYI8AR3s&google_cver=1&C=1
cache-control
no-cache
cf-ray
73a229105f4d913a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame AE52
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yve1-WNWaw..TNosuYjOvgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy3kKQCZ73jl-4jYI8AR3s&google_cver=1&google_hm=2
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy3kKQCZ73jl-4jYI8AR3s&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2FygEQ1NvFAhjQ5M3QATAB&v=APEucNX1FO4c40lkq11MW31v6IcSEGHRn7I5-JxSrKXp0lvUQFHpEaMB83_RiYyXawgR3LoS5KnhQWpjCZIS7b7OabbLpNgsNxOvWCBeAIvNh9yS60z4JAXZRdZDQpjDTK-Nm6jQWNaMHDq0_0elGir7pKnnZ7Iad595R0nzWuoab1dYmk8l0LU
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
73a229114a0c91d8-FRA
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnfel7R0wAhlQjjVgIGMB8rfZO%2Bout9ebVx1oj2zEO2aAqESgZ5MW1AKyfxKyZKOF%2B5JMNTjJFNuUauu9PegcM6S2hYkaymTRhFEqPkj3uYu6iWC8ooasJnP0D07KHw%2Fw%2BtjSietzf1soA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy3kKQCZ73jl-4jYI8AR3s&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame AE52
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBet-ErSylPUqmF4Ftjii7w&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBet-ErSylPUqmF4Ftjii7w%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBet-ErSylPUqmF4Ftjii7w%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2FygEQ1NvFAhjQ5M3QATAB&v=APEucNX1FO4c40lkq11MW31v6IcSEGHRn7I5-JxSrKXp0lvUQFHpEaMB83_RiYyXawgR3LoS5KnhQWpjCZIS7b7OabbLpNgsNxOvWCBeAIvNh9yS60z4JAXZRdZDQpjDTK-Nm6jQWNaMHDq0_0elGir7pKnnZ7Iad595R0nzWuoab1dYmk8l0LU
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 14:32:29 GMT
X-Proxy-Origin
146.70.117.102; 146.70.117.102; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b5fb45d1-dd6e-4669-b532-554fe5c72d24
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 14:32:29 GMT
X-Proxy-Origin
146.70.117.102; 146.70.117.102; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c17b2ed3-f0cf-426c-abe2-ec1a2e4eb340
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBet-ErSylPUqmF4Ftjii7w%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AE52
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgyMzIwNDY4MDA5Mzg3MzczNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgyMzIwNDY4MDA5Mzg3MzczNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2FygEQ1NvFAhjQ5M3QATAB&v=APEucNX1FO4c40lkq11MW31v6IcSEGHRn7I5-JxSrKXp0lvUQFHpEaMB83_RiYyXawgR3LoS5KnhQWpjCZIS7b7OabbLpNgsNxOvWCBeAIvNh9yS60z4JAXZRdZDQpjDTK-Nm6jQWNaMHDq0_0elGir7pKnnZ7Iad595R0nzWuoab1dYmk8l0LU
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 14:32:29 GMT
X-Proxy-Origin
146.70.117.102; 146.70.117.102; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cc405904-d8c8-4b3e-bcc9-6957c8f2b7bf
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgyMzIwNDY4MDA5Mzg3MzczNg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 788F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jDXjcA
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=603404047&utmhn=kesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home%20-%20KESQ&utmhid=118432236&utmr=-&utmp=%2F&utmht=1660401155901&utmac=UA-24770923-2&utmcc=__utma%3D98699140.1711031756.1660401154.1660401156.1660401154.1%3B%2B__utmz%3D98699140.1660401156.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1944438240&utmredir=1&utmu=qAAgAAAAAAAAAAAAAAQBAAAE~
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 73A7 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsukH4WyRDBOu6RectmGXqrLmu000MV869p7_aj_DDXDfd_STwLEM-pf27FYILCn0lA-adsnOHFifjYl3GDiI48TDHuOD63GT2ULe0KUAYjI26zT8ACqNBS1kyzXAnhpetexCXAuG-JMP-vQK6yaUk3vE6-8YdfQUQ8VV4VUfGrKT1tvKoiK8QlxlVOlVvCU9D1N8qHzHBQ3SVX7qEsn57oFRiz5cGe1ziije2C19bXMr7c2ka6g-IOxKxqmTI4r5qmjl8CI7BiteZ9VQ_e0pAyZ3m2f-B8MqTqrH3JHivzpvh2InNL4UOqj5dxPQO6i9UHmG3W7tin5dynIIvQL7__K9ERPjDO_eMLy7eI2jeF6qMICayMptJy3isOTatVklz9XQeqhnMpP-iLi5IjSzVpqHGle29II0a1edAT2i4l5XFgVIDK4O9ABwtZYe2lSK-jpgsBU-6DY08Fj3IWnLzsGupb29kWJUxTs4s7NhI_ZWYoqCghcDyTBNNLIokDeVSBQt27Ee-iVJOC_ObiXMNamQvdVb9bXHY4lbCp2tbbRgjOVoNwuvbC0aDMMIVfPC7PL1dszz1A8EpvZdfP7oGG5gD5De7o91L-T2QuAFoY6Ic9AaTlApG-ydTDGHo2DKqTxnMuUtaDHViYZ8bmdgOKT2RNWwGxuKJTOAcmGKPzEolkVSN_IU7c498DTd1AVHIdxvJrSN1R4Zkmv82f2amdzdVC4WNsh7xeg_9_ghPsBMPF8MReS3lnNXqF9YPYew2Ueg2fyPQ9df5Rd9StJLeF9bEchEr8FVeaiwGziaGobXtqoRrsJqPIPp0xtsQKZiUh7BXO24cXERU4rrFpkyTO1QiX5T4EuqXUG9l6dRtYRCTH7QNg-KDI4KgtMu2HhYMBEUIlWRs5Tk6RtctMnQ7bByGedP3NZCVP24ulnHzZ40rrZUSjMVP3BtAimQgwvxsU0urOgj0Nq_5AaCCDutYpYa_VQwXpoHgZBADJ-S7Ysc0083vmaRFsDPUePgqV7PF3ANAQfwOIY7ZBGiAFzR2Kh7HVTzPnd5hPSMmrc0Mff6CuZ5o5b93WdeR_ZnaZS-dr9rYOJM_Bf7nGSj4PIx6ijFoEFzOU4zWjZPJKQufKSLn7JPEGSiokh4a_KsioJ5FrH_p3SGQIQy00v6ASk-rWcejoI7_LiuKB-wIUg6TRgiMM2B_mpuJSDDSNB8HZJE5u3kWW9u6E&sai=AMfl-YSqWIi68A1CtyLXvsM6n3m7QYuYRY4QL_1PGWHcFeWMyJQRxvQuNRLyXDbPop-lkfBPNkttsN2cEkJzYWTIaY7VVNOediRNzUmhG7jAlBZloUmYS9UxRaK1aCWRDJV1ESnD99GqBkdE5GQFniCLBauxHhcNAPVtr8jeUWz8xeO7wQdl9kwiG6WirzpDTCSjH2qZIsOPCrmnJ6uLCoNeY_7XlKqintyAT09zvkI&sig=Cg0ArKJSzHfvB87LElmnEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=152&vt=11&dtpt=151&dett=2&cstd=0&cisv=r20220810.69595&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 14:32:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dpixel
cms.quantserve.com/ Frame 1049 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMVyuTpp-ZNFmWYZbD8Y7q8&google_cver=1&google_push=AehlK4Ci1_wWOIO33dhJRPwSsWbe_UcceaS7ejOylWsabDgYMz2DRfMzOhwEVFcoOrl_MHDBvdgDfN3AZrS5CRNYa5zFmIn60fg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1049
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4D3kiXq7qWCVIhd-xRH6zgTEydpvm_VxRizrRx...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZlMS1RQUFCVWxxNldkdQ&google_push=AehlK4D3kiXq7qWCVIhd-xRH6zgTEydpvm_VxRizrRxl50jy5vFG9yE7M91-rNhSv2v1MsfuuRa3Xv1wUK1IGRnM31rhJvj0UC9Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZlMS1RQUFCVWxxNldkdQ&google_push=AehlK4D3kiXq7qWCVIhd-xRH6zgTEydpvm_VxRizrRxl50jy5vFG9yE7M91-rNhSv2v1MsfuuRa3Xv1wUK1IGRnM31rhJvj0UC9Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZlMS1RQUFCVWxxNldkdQ&google_push=AehlK4D3kiXq7qWCVIhd-xRH6zgTEydpvm_VxRizrRxl50jy5vFG9yE7M91-rNhSv2v1MsfuuRa3Xv1wUK1IGRnM31rhJvj0UC9Q
Date
Sat, 13 Aug 2022 14:32:29 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 1049
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4Cd2iBR...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4Cd2iBR...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMxNDMyMzAwMDAyNjY5NzQ0Njc0Mg%3D%3D&google_push=AehlK4Cd2iBR07wSJ8MNmRZ1878hrPno6-imczamXsGKlFQpNXHdF-JIRSrFpjQxYEDfX_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMxNDMyMzAwMDAyNjY5NzQ0Njc0Mg%3D%3D&google_push=AehlK4Cd2iBR07wSJ8MNmRZ1878hrPno6-imczamXsGKlFQpNXHdF-JIRSrFpjQxYEDfX_BoQkZAjPXckSBjPAUCW4zWPD5IU98X
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTMxNDMyMzAwMDAyNjY5NzQ0Njc0Mg%3D%3D&google_push=AehlK4Cd2iBR07wSJ8MNmRZ1878hrPno6-imczamXsGKlFQpNXHdF-JIRSrFpjQxYEDfX_BoQkZAjPXckSBjPAUCW4zWPD5IU98X
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:30 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Sat, 13 Aug 2022 14:32:30 GMT
dds
rtb.openx.net/sync/ Frame 1049 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMeu6qzP3t2Jl0SaH0GxF84&google_cver=1&google_push=AehlK4BQiNRad78eFrhv0H_TVRqiMtX6D_0xDUfPoJPLO6UtC7aUIx6BLSTahaLzSIEdzXyZ8vGuJZ2LgYOQOsAeqyZSQAWPz4A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:28 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
6qs9srd9oe1thg1hvt62ukvmqa5hbo2u
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1049 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEmMQYkVFrzGpUhjnT-NF5s&google_cver=1&google_push=AehlK4BKFwHpxGTRVHFcK3ttUpqwAke6AmDyJIA04tOdgU_xifA3J-lY_yVitot8Zzqaqs3SJp3bFCPuW0EL6hB10qi7KZecVVi5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 1049
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBDc5h_icQeiC32JXKFor6w&google_cver=1&google_push=AehlK4ChjOcZEsqr6UIoDySLaqpxOnJDJKfMqqO7tPXas_7oKaA985b8E8DcG36sFsfrZcICA7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSWloySU4tWS04VlRS&google_push=AehlK4ChjOcZEsqr6UIoDySLaqpxOnJDJKfMqqO7tPXas_7oKaA985b8E8DcG36sFsfrZcICA7rMFh0T9jk42Mf2TVgZeCnnzq1s
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSWloySU4tWS04VlRS&google_push=AehlK4ChjOcZEsqr6UIoDySLaqpxOnJDJKfMqqO7tPXas_7oKaA985b8E8DcG36sFsfrZcICA7rMFh0T9jk42Mf2TVgZeCnnzq1s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSWloySU4tWS04VlRS&google_push=AehlK4ChjOcZEsqr6UIoDySLaqpxOnJDJKfMqqO7tPXas_7oKaA985b8E8DcG36sFsfrZcICA7rMFh0T9jk42Mf2TVgZeCnnzq1s
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1049
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECibJLKQgYHBQXlAeNaDjCY&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECibJLKQgYHBQXlAeNaDjCY&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECibJLKQgYHBQXlAeNaDjCY&google_hm=Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB&google_nid=index&google_push=AehlK4ABLY-QVILf0OITZkelXHwI7RsCNIatX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECibJLKQgYHBQXlAeNaDjCY&google_hm=Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB&google_nid=index&google_push=AehlK4ABLY-QVILf0OITZkelXHwI7RsCNIatXpjsAp6W6jTAIStM2Q5d-qEM2APYNO0ZsdTuNK8AdgTiFod61Qz1acg1xfuwO3nE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CanQUVmqrpgz8QgANfYG4a86tVwJ%2FxGoGWZfbDSymBl821qAywscBVOg%2FXjQqRHfqDed1sxX11hinFhhuOz5J4Ec2DlIRLyWVkpwTyanOPqrzjmaGzWYuVOLyyP%2Fcu8Z3UjDWbBaYiHg7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECibJLKQgYHBQXlAeNaDjCY&google_hm=Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB&google_nid=index&google_push=AehlK4ABLY-QVILf0OITZkelXHwI7RsCNIatXpjsAp6W6jTAIStM2Q5d-qEM2APYNO0ZsdTuNK8AdgTiFod61Qz1acg1xfuwO3nE
cache-control
no-cache
cf-ray
73a22910ea17bb89-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 1049 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JPKFn1D3azRo0WVUIOmz1e3-T9f-H9L5PIWT6oZ1mMBN62Bd7wdZYeg2mRFhVI0j3Am5i9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
pagead2.googlesyndication.com/bg/ Frame 559E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 13:08:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
5053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13955
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 13:08:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 559E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkCGe_LX3YverONmytwf725XgDgAAAAA4AeAEAg&bg=!LC-lL2vNAAa4hXTbmIU7ACkAdvg8WuNSrKd0jmaL1JLdfHfuW-4LZxzdW-kTraZ2IgTVKDYP7RckrQIAAABbUgAAAAJoAQeZAySPRHewI2EmaIGZ-_wpmlTivS1srzPs-ZOkiMVaNmy0nrWZirVALt15Z2ewfcTuyUNUWf1OZh-nEUVs61QIlicMctlx8SsswYCCPHK5gzfcM8pcfhWyFUyMMlqPxjivdiIT_UgrG8xH6AdoX5OXtW1vZXyQdTvoamf0jGlXZ1TWAEgHu6R1uO7Ld4CXM5Tl_Xu1_FAeB2MRjSe9daLCwlkNk3tpy8lCRiw8CBondzMpTueVD_IDEsnQC-XRWuyNIRQkNUD7FwSYZlaNG1c9AAG6iJZFGoQfiJyqdPTaw9ev0MS9SMV4QYH3l9xx4b4hl2bvGmjjpQBYYzXYbAv_ZrQfwQBFXGXsi-yBkXNZZixHBx926D_4t-OSJEMuwa4bo0Q9rhDmbssLfGVaAu5kJtD6u2oIeyTRglmmnrPEE2ogVXvfmuV84p2antPDEJYaXdm7dRRaJz2CYkQ54fhteD5E5mhjhMVOelAl388WuusRVEuVeJOCnrU4J0iIowqpkOsfwoekX0rq3ldxTcMYj52M3ro5dOKAuKtNJA0ZKiUenHp03WVow7ljZS-d2X-uMibnxaMbgmSE_-ANOWiRrPIWbB8UABwfYxBShJAQDQB58EoGtiY3XPQmu1szZRcZPJGLTHwHZtZPkGO_nzWyTxrxag7u7cdVi6MjeZwoGlb6uZ6GCu7NKYWXXEFJ9elXNmqRRbjIyRg9sGJt-VThLKXsfduBrqeSk92rrbh6VZR3rEZhnXMWM9dGl--b4I-jxiVonNup5YAx2VHRtcdJ8QU4LoBOlBW9PipURwpF512_1WFr3JWZz7EhZ63BaPlbIfEwM9R4CYQ33NMFHmquilLkgEJeDnS7Lkp1oejlgyoQEtML9oHhIdALY_xeffRR9XoNu863bd4TArEuJXtuJu7p8koRa6o--F2dWlwWVHTTaEgIgjkLmo05thDsCKE7zPY53p4UYjj61vOqTWX6go3wE7as_W2LU-3kgUXbgajz8TJGaWfF0-b3mpFkoZPiaSW2PkayUKz8VXkRLzpB-dZnN7eenHvLLyiPZ21feyGzGShC1Zg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=3548821391&adf=3178842976&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660401155062&bpp=2&bdt=916&idt=281&shv=r20220810&mjsv=m202208110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4912027320779&frm=24&ife=1&pv=1&ga_vid=637507143.1660401155&ga_sid=1660401155&ga_hid=1573607445&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761792%2C31068937%2C31068921&oid=2&pvsid=1964819916808331&tmod=779071036&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.bi103q9lasha&fsb=1&dtd=287
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2042 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220810&jk=1964819916808331&bg=!iYqlis7NAAa4hXTbmIU7ACkAdvg8WuunHUvPRhjFQskoEQoyF2itybLj4_PSbu6JGoXDA5lH0W4bNgIAAAEqUgAAAANoAQeZAxkILS7lYQa9459127K7pbKJoZj70krHmJgfv389Az11gudkk3m8tIZ74Ym7LmYwJzgkjmbze9uc5GskOoQ2B11Wa0bEa8S-JWLWJiM0vq_eCMEQCxeVB0xtW7Dl6hIb8l5ciSYAROjMqyJb9sx-3T70pmfVYRCRKbRk4mLUs8K1E4YUMl6ivOfgpjAfb8ric6MHQElzPPjgrvXx3Jg2XC1W4K-eRfU4FXR6E2XyZqcNkfFRJf0kAFDcRSsXkQ_LB9PYuGwHZX-qzqAM_73HC9SX1_2VZncddpkIvHtxKg73U5aa_ePtCWJHBcb3eCkK1K9b2lV9WgmoSjuccI4TonLgKhKhggGBsGGw_l2B5A9ZZ0eNDlsMfZqZqbY0M2ZaHAQnbeqd4fts-pPtZ-FMMh1owXy3ifuNE3D8VuwIGg7uDShvkBDnaNe2kyizPbzTyFBEFBihmydKkBi38QuH1uXUyFEVBEd641mr3W8CKQpz6zqaE4lRLiZ4AJeI8PFZsiCzEWBtjdqSa24h3wEGa4FTO07mrkFeqj0YaMKUWRqxpGE6KKulfLJhZ-gzioVL7zX_jcJRUv9WhmKU0_Y8tLfiIgwIGmomFlu5AKp4C2ydmiQvox9LzS4tFw0rwv93dlFBbcBJz9XxKuK7iVMMKmo-Dw_6H0U3x7BJxRtSFzU8zWcJt68JC3RzW8Xkzz508Xgr_rHjGRXcmjMMZkIWXbRln6cWSRaaUouQ8McUid-mH1q2_hutog6B1oEuvgoUWC-Nz5sOy1IL3w5OKdpPHMqsU45khq9YAGmso0QGFLHKhaenlOAGA-rrAd6yjpy6bSJBxrnaqMj1bk7VHl_iZKcCBodlZXrTHa0_tLtRL2caRaOJQ8NdJC0GbRCsKQtbKSeIjcI0spT0XsvWX8K7-J0H_C_zFxh3TPPZW4wxesjCV1ZWDYX4nKyzvgPCgqu6IghhjhrZX0a-C09PagOOqUVtDglbLooLb0Vk6Wi4p9CuyU3Rs3UdDhhya0KNbhpU4f1nQw6mCW3xjxq9-yGLSbzWDzUfktPbNQtD
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squareoffs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:30 GMT
access-control-allow-credentials
true
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:30 GMT
access-control-allow-credentials
true
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:30 GMT
access-control-allow-credentials
true
activeview
pagead2.googlesyndication.com/pcs/ Frame 708D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJi3mq_H4aT92140aOwNfS-YJKqD66iPfrFE8lsdj_FSNxlxHnm6xb9LCVsE8vIgIzgSNy2QX5Fjr4Kttitwbp7LyFqyqpb2mKq5lK72DA6WY-ojCUEuc3EQdUQ2HeAcMkPos0wl8ryJkwapdXgIVYGbduYgfHCEGLI8s7G-W_wqgqtACMfjRmfBixr-CSdh03LKKZJFfaUjATeaeIrFSDUpqa43AWHJjfbYVdLkmKg9wa_iGInemsPDqdfV-xFT4yUV3pqhsXSIPc-euszQebQRRScLwyoFQHRqDXVD0kndTpYVrE&sai=AMfl-YR2e6jjqbytj9ZEa02_x5s5-IRRv2jEP9Bh8IEgVWW4KrthnxWsAv_Zkhw72FxAC9L6Z4EzQ6LL1DIbl1-DF6t3hQ1ro2pR9z1T0OzH6mj4cqEN4hvBIlJXWI2-LA&sig=Cg0ArKJSzO7XgFvYAwRhEAE&id=lidar2&mcvt=1003&p=362,436,452,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220810&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3640888092&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660401155495&rpt=181&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:30 GMT
access-control-allow-credentials
true
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:30 GMT
access-control-allow-credentials
true
demand
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/demand?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:30 GMT
access-control-allow-credentials
true
activeview
pagead2.googlesyndication.com/pcs/ Frame 99F5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstD-MN3hKgatzT_zfiNUuDoMbT1PSsWPsncvbP4GQngwkQTRrfKjC7HmFozjhiWyRf_NJeMByXZlfKUz7FAg4SJdDZFUBZIKhP09sayKFiaq52EKVQk&sig=Cg0ArKJSzCgCzSKBfdWPEAE&id=lidar2&mcvt=1001&p=516,1033,766,1333&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220810&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1664542037&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660401155701&rpt=66&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tvp.js
snippet.tldw.me/tv/0.41.47/ Frame C461 		196 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.41.47/tvp.js
Requested by
Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-30430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5180cded0ef18f7d22171f5880a22bd6f8b827b2655fe2a187f24fd5852b024a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
content-length
51035
last-modified
Tue, 02 Aug 2022 07:03:06 GMT
server
cloudflare
etag
"1659423786"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw
1660401151.dop022.ml1.t,1660401151.cds223.ml1.shn,1660401151.dop022.ml1.t,1660401151.cds224.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30559048
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
73a2291bd89501df-ZRH
access-control-allow-headers
Content-Type
mi-1.13.9.2.js
snippet.minute.ly/publishers/30430/ 		182 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.minute.ly/publishers/30430/mi-1.13.9.2.js
Requested by
Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-30430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98a409fc2fcb461612ac2baa15178faad822dfaddc3eab141a45f0ebb79d9924

Request headers

Referer
https://kesq.com/
Origin
https://kesq.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hw
1660401151.dop007.ml1.t,1660401151.cds033.ml1.c
last-modified
Wed, 22 Apr 2020 12:51:10 GMT
server
cloudflare
etag
W/"1587559870"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vE2UsK%2FYZalQyM4KAOrYIVIlU4c%2FId8E1NPv3OxVFZPZmR8okehqZa6wClY7vfrIBCbMfsqB7Q%2BKyoJrorfUwaXUNXSOBiDH5l9qexboIpscNq%2FtVd5OxscFg6aKjakecy%2BkGWXnlQEtyBtTZYiA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7884231
access-control-allow-credentials
true
cf-ray
73a2291bdf2b5a0d-MXP
access-control-allow-headers
Content-Type
css
fonts.googleapis.com/ Frame C461 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 13:15:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 14:32:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 14:32:31 GMT
css
fonts.googleapis.com/ Frame C461 		2 KB
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 13:17:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 14:32:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 14:32:31 GMT
player.js
player.aniview.com/script/6.1/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=undefined
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.41.47/tvp.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:68c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6a26f472970788e1b9638b18961c8932d2c4c400b9d2c258e6c562ca770ba14c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:31 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvIFJkXr7wn_W4RGvm5hkA62Bk9UHux9_A8ev_g4y5jgUpBDbUv8YdcsPj1jmTa9ukwVc5gajp2mR59hlir4G9mCPzAfV81
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9902
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"d53cdd7a78033fb87e44a85e2bf6cbd6"
vary
Accept-Encoding
x-goog-hash
crc32c=Q3cm9w==, md5=1TzdengDP7h+RKheK/bL1g==
x-goog-generation
1659879239336880
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9902
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 13 Aug 2022 14:37:31 GMT
track
track1.aniview.com/ Frame C461 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=undefined&cid=5d429a4728a0615fb3632846&e=playerLoaded&cb=1660401157867
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.215.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-215-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame C461 		32 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5c472eb498be9d618f4e850fbfa1608eaec1e73f7a9ca97fe28a19188bde740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/jpeg
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/30430/mi-1.13.9.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
138eaa1d891bff2711c315f16730611d486c4a6a038a4eeab0e203d05d804e00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sat, 13 Aug 2022 14:32:31 GMT
_.gif
counter.snackly.co/ 		0
314 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/30430/mi-1.13.9.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Aug 2022 14:32:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
access-control-allow-origin
https://kesq.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
73a2291d2dc701e3-ZRH
access-control-allow-headers
Content-Type
content-length
0
expires
Sat, 13 Aug 2022 14:32:31 GMT
_.gif
counter.snackly.co/ 		0
40 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/30430/mi-1.13.9.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Aug 2022 14:32:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
access-control-allow-origin
https://kesq.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
73a2291d2dc801e3-ZRH
access-control-allow-headers
Content-Type
content-length
0
expires
Sat, 13 Aug 2022 14:32:31 GMT
v-60136006-b093-4aec-2293549-be40-8b3035f4db89-s74.908-83.483tvl.mp4
apv-static.tldw.me/videos/ Frame C461 		32 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-60136006-b093-4aec-2293549-be40-8b3035f4db89-s74.908-83.483tvl.mp4
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash

Request headers

Referer
https://kesq.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 13 Aug 2022 14:32:31 GMT
Content-Range
bytes 0-1135366/1135367
Last-Modified
Fri, 12 Aug 2022 13:33:53 GMT
ETag
"1660311233"
Access-Control-Allow-Methods
GET, OPTIONS, POST
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
1135367
X-HW
1660401151.dop221.lo4.t,1660401151.cds081.lo4.shn,1660401151.dop221.lo4.t,1660401151.cds219.lo4.c
ae055ff2-2ec5-42bf-b9ba-cbcc46ae7163
https://kesq.com/ Frame C461 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://kesq.com/ae055ff2-2ec5-42bf-b9ba-cbcc46ae7163
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
v-1c9db116-0678-410d-2216133-b359-a8a185563922-s144.144-152.619m.mp4
apv-static.minute.ly/videos/ 		186 KB
187 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.minute.ly/videos/v-1c9db116-0678-410d-2216133-b359-a8a185563922-s144.144-152.619m.mp4
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f324d9fce1e416f0df3daa21348a04807751a13426e3ae408671a2405998af58

Request headers

Referer
https://kesq.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 13 Aug 2022 14:32:31 GMT
Last-Modified
Fri, 01 Jul 2022 02:14:46 GMT
Access-Control-Allow-Origin
%client.request.headers.origin.value%
ETag
"1656641686"
X-HW
1660401151.dop205.lo4.t,1660401151.cds324.lo4.shn,1660401151.dop205.lo4.t,1660401151.cds006.lo4.c
Content-Type
video/mp4
Content-Range
bytes 0-190923/190924
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Range, chrome-proxy
Content-Length
190924
v-d3fea9b7-3cb8-4a6d-2294726-ac8b-20f10594c007-s55.088-63.197m.mp4
apv-static.minute.ly/videos/ 		16 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.minute.ly/videos/v-d3fea9b7-3cb8-4a6d-2294726-ac8b-20f10594c007-s55.088-63.197m.mp4
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash

Request headers

Referer
https://kesq.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 13 Aug 2022 14:32:31 GMT
Last-Modified
Sat, 13 Aug 2022 02:56:55 GMT
Access-Control-Allow-Origin
%client.request.headers.origin.value%
ETag
"1660359415"
X-HW
1660401151.dop004.lo4.t,1660401151.cds272.lo4.shn,1660401151.dop004.lo4.t,1660401151.cds297.lo4.c
Content-Type
video/mp4
Content-Range
bytes 0-355962/355963
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Range, chrome-proxy
Content-Length
355963
v-d3fea9b7-3cb8-4a6d-2294726-ac8b-20f10594c007-s55.088-63.197m.mp4
apv-static.minute.ly/videos/ 		32 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.minute.ly/videos/v-d3fea9b7-3cb8-4a6d-2294726-ac8b-20f10594c007-s55.088-63.197m.mp4
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash

Request headers

Referer
https://kesq.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 13 Aug 2022 14:32:31 GMT
Last-Modified
Sat, 13 Aug 2022 02:56:55 GMT
Access-Control-Allow-Origin
%client.request.headers.origin.value%
ETag
"1660359415"
X-HW
1660401151.dop238.lo4.t,1660401151.cds074.lo4.shn,1660401151.dop238.lo4.t,1660401151.cds297.lo4.c
Content-Type
video/mp4
Content-Range
bytes 0-355962/355963
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Range, chrome-proxy
Content-Length
355963
v-aad0ed99-5878-42d2-2294549-b929-ffdc2466c8ef-s40.207-49.383m.mp4
apv-static.minute.ly/videos/ 		32 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.minute.ly/videos/v-aad0ed99-5878-42d2-2294549-b929-ffdc2466c8ef-s40.207-49.383m.mp4
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash

Request headers

Referer
https://kesq.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 13 Aug 2022 14:32:31 GMT
Last-Modified
Sat, 13 Aug 2022 01:57:01 GMT
Access-Control-Allow-Origin
%client.request.headers.origin.value%
ETag
"1660355821"
X-HW
1660401151.dop205.lo4.t,1660401151.cds324.lo4.shn,1660401151.dop205.lo4.t,1660401151.cds038.lo4.c
Content-Type
video/mp4
Content-Range
bytes 0-648970/648971
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Range, chrome-proxy
Content-Length
648971
v-c157f02a-482c-4b62-2295109-8cb5-3c3f10550e9b-s104.204-109.943s.mp4
apv-static.minute.ly/videos/ 		77 KB
77 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.minute.ly/videos/v-c157f02a-482c-4b62-2295109-8cb5-3c3f10550e9b-s104.204-109.943s.mp4
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f217c3b955b5fafbac5ad518e92903d7cfb404260c7c66a61f4fee7ff9677bbe

Request headers

Referer
https://kesq.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 13 Aug 2022 14:32:31 GMT
Last-Modified
Sat, 13 Aug 2022 07:06:36 GMT
Access-Control-Allow-Origin
%client.request.headers.origin.value%
ETag
"1660374396"
X-HW
1660401151.dop212.lo4.shc,1660401151.dop212.lo4.t,1660401151.cds262.lo4.c
Content-Type
video/mp4
Content-Range
bytes 0-78685/78686
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Range, chrome-proxy
Content-Length
78686
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C461 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kesq.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 08:01:51 GMT
x-content-type-options
nosniff
age
196240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 08:01:51 GMT
_.gif
counter.snackly.co/ 		0
39 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/30430/mi-1.13.9.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Aug 2022 14:32:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
access-control-allow-origin
https://kesq.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
73a2291d2dc901e3-ZRH
access-control-allow-headers
Content-Type
content-length
0
expires
Sat, 13 Aug 2022 14:32:31 GMT
www-widgetapi.js
www.youtube.com/s/player/4c3f79c5/www-widgetapi.vflset/ 		161 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4c3f79c5/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dc29081bda373a618fe9d0c0d5f43fd9fb45fdd9c815b621ef2e2564217091c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 13:43:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
2948
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53326
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 02:21:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 13 Aug 2023 13:43:23 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 7E8F 		387 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:68c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:31 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvCZwRGdTjbQjZ3NA15qBf6D_dlN5UXmXTEAzGyHSfceexCt3zYl9yrCMI65HCk9tvYolkfDxCyRPMvOPdYkLDBLQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
111956
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"903f07ee74bf08435b31bae7c312f6d2"
vary
Accept-Encoding
x-goog-hash
crc32c=X2RPuw==, md5=kD8H7nS/CENbMbrnwxL20g==
x-goog-generation
1659879239099576
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
111956
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 13 Aug 2022 14:37:31 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=kesq.com&sn=1324123&cd9=https%3A%2F%2Fkesq.com%2F&ic=0&tgt=0&app=&wi=754&he=424&test=&d36=6.2.41&apppkg=&fv=1&proto=https&clsid=e151ddd1-953d-4031-b930-1e3eb13c229b&rando=15&pid=5a16a1b928a0616e7966522d&cid=5d429a4728a0615fb3632846&stagid=&stplid=&e=inventory&vi=100&cb=1660401158106
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.215.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-215-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_SUBID=1324123&AV_CDIM9=https%3A%2F%2Fkesq.com%2F&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fkesq.com%2F&AV_PUBLISHERID=5a16a1b928a0616e7966522d&AV_CHANNELID=5d429a4728a0615fb3632846&tgt=0&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=kesq.com&AV_DADPOS=1&d36=6.2.41&responsive=1&sver=2&avtoken=158105&omv=1.0.1&clsid=e151ddd1-953d-4031-b930-1e3eb13c229b&rando=15&AV_WIDTH=754&AV_HEIGHT=424&AV_DNT=0&cb=1660401158124
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.3.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-3-164.compute-1.amazonaws.com
Software
/
Resource Hash
c7cb686657241a351277afb7ce196ae208dadc54c82222e29ebe37338db25958

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:31 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://kesq.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 02 Aug 2022 00:45:51 GMT
v-60136006-b093-4aec-2293549-be40-8b3035f4db89-s74.908-83.483tvl.mp4
apv-static.tldw.me/videos/ Frame C461 		21 KB
21 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-60136006-b093-4aec-2293549-be40-8b3035f4db89-s74.908-83.483tvl.mp4
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2984c7d2ba479ea554bb684da330dbff904d7e3e8b85389d2cdd5d47cc6de753

Request headers

Referer
https://kesq.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=1114112-

Response headers

Date
Sat, 13 Aug 2022 14:32:33 GMT
Content-Range
bytes 1114112-1135366/1135367
Last-Modified
Fri, 12 Aug 2022 13:33:53 GMT
ETag
"1660311233"
Access-Control-Allow-Methods
GET, OPTIONS, POST
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
21255
X-HW
1660401153.dop107.lo4.shc,1660401153.dop107.lo4.t,1660401153.cds219.lo4.c
v-d3fea9b7-3cb8-4a6d-2294726-ac8b-20f10594c007-s55.088-63.197m.mp4
apv-static.minute.ly/videos/ 		28 KB
28 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.minute.ly/videos/v-d3fea9b7-3cb8-4a6d-2294726-ac8b-20f10594c007-s55.088-63.197m.mp4
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b9b488db3fd162910f4fcc4060f0524deb455037422eea56be0f98c6e85ec480

Request headers

Referer
https://kesq.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=327680-

Response headers

Date
Sat, 13 Aug 2022 14:32:31 GMT
Last-Modified
Sat, 13 Aug 2022 02:56:55 GMT
Access-Control-Allow-Origin
%client.request.headers.origin.value%
ETag
"1660359415"
X-HW
1660401151.dop212.lo4.shc,1660401151.dop212.lo4.t,1660401151.cds297.lo4.c
Content-Type
video/mp4
Content-Range
bytes 327680-355962/355963
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Range, chrome-proxy
Content-Length
28283
_.gif
counter.tldw.me/ Frame C461 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.tldw.me/_.gif
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.41.47/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Aug 2022 14:32:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw
1660401136.dop032.ml1.t,1660401151.cds015.ml1.shn,1660401151.cds015.ml1.sc,1660401151.cds015.ml1.p
content-type
image/gif
access-control-allow-origin
https://kesq.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
73a2291e7cab01df-ZRH
access-control-allow-headers
Content-Type
content-length
0
expires
Sat, 13 Aug 2022 14:32:31 GMT
v-aad0ed99-5878-42d2-2294549-b929-ffdc2466c8ef-s40.207-49.383m.mp4
apv-static.minute.ly/videos/ 		26 KB
26 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.minute.ly/videos/v-aad0ed99-5878-42d2-2294549-b929-ffdc2466c8ef-s40.207-49.383m.mp4
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c5c2f4072b5ebad3ba0663369fb2684e3e83692b3711adf805042c704f3a0235

Request headers

Referer
https://kesq.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=622592-

Response headers

Date
Sat, 13 Aug 2022 14:32:31 GMT
Last-Modified
Sat, 13 Aug 2022 01:57:01 GMT
Access-Control-Allow-Origin
%client.request.headers.origin.value%
ETag
"1660355821"
X-HW
1660401151.dop211.lo4.shc,1660401151.dop211.lo4.t,1660401151.cds038.lo4.c
Content-Type
video/mp4
Content-Range
bytes 622592-648970/648971
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Range, chrome-proxy
Content-Length
26379
v-d3fea9b7-3cb8-4a6d-2294726-ac8b-20f10594c007-s55.088-63.197m.mp4
apv-static.minute.ly/videos/ 		316 KB
316 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.minute.ly/videos/v-d3fea9b7-3cb8-4a6d-2294726-ac8b-20f10594c007-s55.088-63.197m.mp4
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d660840910d735fd79d7c4780b44c6c7056974f7becb37f0dabce26b243e67d8

Request headers

Referer
https://kesq.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=32768-

Response headers

Date
Sat, 13 Aug 2022 14:32:31 GMT
Last-Modified
Sat, 13 Aug 2022 02:56:55 GMT
Access-Control-Allow-Origin
%client.request.headers.origin.value%
ETag
"1660359415"
X-HW
1660401151.dop212.lo4.shc,1660401151.dop212.lo4.t,1660401151.cds297.lo4.c
Content-Type
video/mp4
Content-Range
bytes 32768-355962/355963
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Range, chrome-proxy
Content-Length
323195
v-aad0ed99-5878-42d2-2294549-b929-ffdc2466c8ef-s40.207-49.383m.mp4
apv-static.minute.ly/videos/ 		584 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.minute.ly/videos/v-aad0ed99-5878-42d2-2294549-b929-ffdc2466c8ef-s40.207-49.383m.mp4
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash

Request headers

Referer
https://kesq.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=32768-

Response headers

Date
Sat, 13 Aug 2022 14:32:32 GMT
Last-Modified
Sat, 13 Aug 2022 01:57:01 GMT
Access-Control-Allow-Origin
%client.request.headers.origin.value%
ETag
"1660355821"
X-HW
1660401151.dop211.lo4.shc,1660401151.dop211.lo4.t,1660401152.cds038.lo4.c
Content-Type
video/mp4
Content-Range
bytes 32768-648970/648971
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Range, chrome-proxy
Content-Length
616203
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: kesq.com
URL: https://kesq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id
W2S5A87EG1C89ADE
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
c9P6myFxLLD3IyZ4P2Q59GznMAh/LL0NtRLP/qzmj57pyyLc8LBRAjUQIZZNiJ5WMagYxPOHvUs=
x-served-by
cache-hhn4030-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1660401152.016057,VS0,VE0
date
Sat, 13 Aug 2022 14:32:32 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
21934
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37799b91c6473354d61b589f9e8dc6210a28499e36ca57a912eea8201a5744bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 14:32:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11010
x-xss-protection
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158748/5611/ Frame 7E8F 		214 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158748/5611/pwt.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.208.212 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-208-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72b88b6dd3591e047ebc4e90d6b42b95f9950d242912bbd86c145f05a6b78011

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:32 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 15:42:26 GMT
server
Apache
etag
"16e2336-3593e-5dda4a7fa3ed9"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=149643
accept-ranges
bytes
content-type
text/javascript
content-length
69778
expires
Mon, 15 Aug 2022 08:06:35 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 28DB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=minute&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26bidd...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=200&key=OPTOUT
0
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=200&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.213.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-213-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sat, 13 Aug 2022 14:32:32 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sat, 13 Aug 2022 14:32:32 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=200&key=OPTOUT
pragma
no-cache
/
onetag-sys.com/usync/ Frame 7F06 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=61d67b18f4d0980&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://kesq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
cookiesyncendpoint
sync.aniview.com/ Frame D596
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=55&key=2823204680093873736
0
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=55&key=2823204680093873736
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.213.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-213-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sat, 13 Aug 2022 14:32:32 GMT

Redirect headers

AN-X-Request-Uuid
606459e8-6d44-4ca6-899a-63d3d42bb656
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 13 Aug 2022 14:32:32 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=55&key=2823204680093873736
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
146.70.117.102; 146.70.117.102; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
usermatch
ssum.casalemedia.com/ Frame 9434 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=191876&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D42%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
333ac1f00230fa9c049e067ffa0091c9fb4c12d23024ffbde4699c8b6612fcf0

Request headers

Referer
https://kesq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73a22920fd9e5c0e-FRA
content-encoding
br
content-type
text/html
date
Sat, 13 Aug 2022 14:32:32 GMT
dropped-udsids
241|230|39|73|90|3|31|46
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgpIlMFR4oj3DLWgQrvvpqC4YZPbibiS5ohkRtYigoDxP2DkOXor0dCHJxZzh7TZV5J8J6t9d%2BNCOcmxIdteI%2B5VAAG7QpCGXpejRpvTaybnknsWJp9BqsYhrMTaxX%2Bm9VdPTUSZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame FD8E
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8892&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D2%26key%3D%24S...
  • https://sync.search.spotxchange.com/partner?adv_id=8892&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D2%26key%3D%24S...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=2&key=c43fc9e8-1b14-11ed-8bdd-190e06a80406
0
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=2&key=c43fc9e8-1b14-11ed-8bdd-190e06a80406
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.213.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-213-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sat, 13 Aug 2022 14:32:32 GMT

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Sat, 13 Aug 2022 14:32:32 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=2&key=c43fc9e8-1b14-11ed-8bdd-190e06a80406
Server
nginx
X-fe
121
occ
ups.analytics.yahoo.com/ups/58543/ Frame AFB8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://kesq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Sat, 13 Aug 2022 14:32:32 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.0.46
strict-transport-security
max-age=31536000
avpb6.27.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7E8F 		178 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:68c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:32 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvNTaLMxw2N6EgSmzqLD2A5j3PUaLSy6Cil2HnG5Rf80hoKAMSFO6l2cx478bau0FgGdyk-UFJgbYeBxZ3F1KeGVmn4LbJ8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
54791
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"4ecda2f032d9e44c338b378388b06251"
vary
Accept-Encoding
x-goog-hash
crc32c=fWN0zQ==, md5=Ts2i8DLZ5EwzizeDiLBiUQ==
x-goog-generation
1659879239799693
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
54791
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 13 Aug 2022 14:37:32 GMT
avpb6.27.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7E8F 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:68c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:32 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduK5Fb_p_Q806c_mw5KqwwfM0vMgrBftdwxAMVgVV8YDpBAg810r5MHcQc8V27aJarlkXbiOv84Sj8xndZFljiY5wKBcHvn
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22126
last-modified
Sun, 07 Aug 2022 13:34:00 GMT
server
UploadServer
etag
"2ae737f175c0550382b15b7d6f5922f5"
vary
Accept-Encoding
x-goog-hash
crc32c=MZYTDg==, md5=Kuc38XXAVQOCsVt9b1ki9Q==
x-goog-generation
1659879239872223
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
22126
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 13 Aug 2022 14:37:32 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=kesq.com&rs=kesq.com&sid=52514&t=1660401151&cip=146.70.117.102&sn=1324123&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=754&he=424&app=&AV_PUBLISHERID=5a16a1b928a0616e7966522d&test=&aafaid=&proto=https&uid=1660401151971-983581181206-006765-003-002780&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=20221360477&d39=&d65=&apppkg=&cd9=https%3A%2F%2Fkesq.com%2F&cd8=1324123&d9=1000&d37=realtime&AV_WIDTH=754&AV_HEIGHT=424&&copid=5a16a1b928a0616e7966522d&nid=603f65a2e291680ef30af9c7&cocid=5d429a4728a0615fb3632846&ncid=62ea2fa47698d82437145764&coasid=62ea305e478eca005a632f54&e=request&cb=1660401158536&asid=62f4b1d11f9d665e0017b274%2C62ea8eabfa7d16490b329846&ofpr=2%2C2&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.215.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-215-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:32 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 14:32:32 GMT
NRJS-732a47d8cba967ef727
bam.nr-data.net/1/ 		49 B
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-732a47d8cba967ef727?a=615752172&v=1216.487a282&to=YQBWZkNZWxFXVkJfXlhKYUBYFxoLWFFTTh9GDUQ%3D&rst=9031&ck=1&ref=https://kesq.com/&ap=1120&be=1700&fe=8942&dc=4786&perf=%7B%22timing%22:%7B%22of%22:1660401149523,%22n%22:0,%22f%22:578,%22dn%22:579,%22dne%22:579,%22c%22:579,%22s%22:855,%22ce%22:1144,%22rq%22:1144,%22rp%22:1664,%22rpe%22:1970,%22dl%22:1674,%22di%22:4786,%22ds%22:4786,%22de%22:4795,%22dc%22:8941,%22l%22:8942,%22le%22:8981%7D,%22navigation%22:%7B%7D%7D&fp=4453&fcp=4453&at=TUdVEAtDSB8%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 14:32:32 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
73a22920aa365b26-FRA
mvo
tag.1rx.io/rmp/249718/0/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/249718/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kesq.com
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:32 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/249803/0/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/249803/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kesq.com
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:32 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1954 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kesq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
303
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 14:27:29 GMT
expires
Sun, 13 Aug 2023 14:27:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FEF8 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9e8f282855bc9b8bfea66787caff16306d3edef2ff5f008dc2add0fd97e2b7ac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OVIWFfkeQvhjtDAZTaNuBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kesq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-OVIWFfkeQvhjtDAZTaNuBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 14:32:32 GMT
expires
Sat, 13 Aug 2022 14:32:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
pagead2.googlesyndication.com/bg/ Frame 1954 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 13:08:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
5056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13955
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 13:08:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FEF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080901&jk=2375980295383820&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
dcm
s.amazon-adsystem.com/ Frame 9434
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=191876&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 14:32:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
10DRQSCEJNEDBTC1J8EN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 14:32:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
76AP56AGWCRAWVTKADAV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9434 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=191876&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D42%26key%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9434 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=191876&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9434 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=191876&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:e5d2:c58:d552:4f0b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
no_match_opted_out
um.simpli.fi/ Frame 9434
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=191876&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D42%26key%3D
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 13 Aug 2022 14:32:32 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Sat, 13 Aug 2022 14:32:32 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 12 Aug 2022 14:32:32 GMT
crum
dsum-sec.casalemedia.com/ Frame 9434
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=313f62f7-b601-4900-afa8-0ea6469664f6&gdpr=1&gdpr_consent=
43 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=313f62f7-b601-4900-afa8-0ea6469664f6&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=191876&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D42%26key%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
73a22928bb0091d8-FRA
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEBV2ShILzrT%2BdGSNRrh0Ybax2UAoS3WQ6F487yLmKCPjEZljdaiBTUrHCDNAiyinj4JTGWXw0NWgEdRpH%2BJFS5TINUvmd64ZQYxFYQjo%2BZ1bmqVQkdEZLN3fcK%2B%2F7p3HAz1q%2FunFaQzmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sat, 13 Aug 2022 14:32:33 GMT
Server
MT3 4475 c1dc35a master hkg-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=313f62f7-b601-4900-afa8-0ea6469664f6&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 13 Aug 2022 14:32:32 GMT
noop
px.owneriq.net/ Frame 9434
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7136875521312367589&uid=Q7136875521312367589&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=191876&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
104.96.159.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-159-65.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 14:32:32 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sat, 13 Aug 2022 14:32:32 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
getuid
secure.adnxs.com/ Frame 9434 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=191876&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
cookiesyncendpoint
sync.aniview.com/ Frame 9434 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1660401151971-983581181206-006765-003-002780&biddername=42&key=Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=191876&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660401151971-983581181206-006765-003-002780%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.213.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-213-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:32 GMT
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=kesq.com&rs=kesq.com&sid=52514&t=1660401151&cip=146.70.117.102&sn=1324123&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=754&he=424&app=&AV_PUBLISHERID=5a16a1b928a0616e7966522d&test=&aafaid=&proto=https&uid=1660401151971-983581181206-006765-003-002780&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=20221360477&d39=&d65=&apppkg=&cd9=https%3A%2F%2Fkesq.com%2F&cd8=1324123&d9=1000&d37=realtime&AV_WIDTH=754&AV_HEIGHT=424&&copid=5a16a1b928a0616e7966522d&nid=603f65a2e291680ef30af9c7&cocid=5d429a4728a0615fb3632846&ncid=62ea2fa47698d82437145764&coasid=62ea305e478eca005a632f54&e=request&cb=1660401158725&asid=62ea8eabfa7d16490b329846%2C62f4b1d11f9d665e0017b274&ofpr=2%2C2&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.215.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-215-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:32 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/249718/0/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/249718/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kesq.com
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:32 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/249803/0/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/249803/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kesq.com
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:32 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkesq.com%2F&domain=kesq.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://kesq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://kesq.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 13 Aug 2022 14:32:31 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1213
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkesq.com%2F&domain=kesq.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=PEuhMXx6UXlrVTFnTUR1aVNvcFdZOGVCS1NyRElmVEViWjRwaDhTOHo5WnNiMzB3RVU0TTdTS1pOTlRYVGpicUJ5MlFtL1ZVYUwzeDZ3RzNCeXJpZ2VrSGNjNllRS2pXZGlrM2JldFgyblB3ZTdObFZWdUxzQUpUR2dycl...
337 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=PEuhMXx6UXlrVTFnTUR1aVNvcFdZOGVCS1NyRElmVEViWjRwaDhTOHo5WnNiMzB3RVU0TTdTS1pOTlRYVGpicUJ5MlFtL1ZVYUwzeDZ3RzNCeXJpZ2VrSGNjNllRS2pXZGlrM2JldFgyblB3ZTdObFZWdUxzQUpUR2dycllPYjk5YWZ1SDJUdGdXZUlYWG1GYmUwRzdJeWl0SWtyNWYvQm5MNW1QeDR1QUVCdmFPdEJxeE5pL1JuRm5ldDhucVQ2UmIwbVpTcmk2L1A5NmFydUhYRjVQMm9WR05qK2QzZ0J1YjBqVk9jK3BjdXpnRzVvPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2f74bcb7ce439f404f0b4e2cc8d70ec121085c125e5d1b5e6bf88ce452bea44f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:32 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3013
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 14:32:32 GMT
location
https://mug.criteo.com/sid?cpp=PEuhMXx6UXlrVTFnTUR1aVNvcFdZOGVCS1NyRElmVEViWjRwaDhTOHo5WnNiMzB3RVU0TTdTS1pOTlRYVGpicUJ5MlFtL1ZVYUwzeDZ3RzNCeXJpZ2VrSGNjNllRS2pXZGlrM2JldFgyblB3ZTdObFZWdUxzQUpUR2dycllPYjk5YWZ1SDJUdGdXZUlYWG1GYmUwRzdJeWl0SWtyNWYvQm5MNW1QeDR1QUVCdmFPdEJxeE5pL1JuRm5ldDhucVQ2UmIwbVpTcmk2L1A5NmFydUhYRjVQMm9WR05qK2QzZ0J1YjBqVk9jK3BjdXpnRzVvPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://kesq.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1452
content-length
482
expires
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=kesq.com&rs=kesq.com&sid=52514&t=1660401151&cip=146.70.117.102&sn=1324123&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=754&he=424&app=&AV_PUBLISHERID=5a16a1b928a0616e7966522d&test=&aafaid=&proto=https&uid=1660401151971-983581181206-006765-003-002780&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=20221360477&d39=&d65=&apppkg=&cd9=https%3A%2F%2Fkesq.com%2F&cd8=1324123&d9=1000&d37=realtime&AV_WIDTH=754&AV_HEIGHT=424&&copid=5a16a1b928a0616e7966522d&nid=603f65a2e291680ef30af9c7&cocid=5d429a4728a0615fb3632846&ncid=62ea2fa47698d82437145764&coasid=62ea305e478eca005a632f54&e=request&cb=1660401158791&asid=62f4b1d11f9d665e0017b274%2C62ea8eabfa7d16490b329846&ofpr=2%2C2&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.215.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-215-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:32 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/249803/0/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/249803/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kesq.com
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:32 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/249718/0/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/249718/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kesq.com
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:32 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
supply
events.browsiprod.com/events/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=d6f6658d-0850-4f6d-aed1-116a424d9954
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.4.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.150.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-150-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://kesq.com
date
Sat, 13 Aug 2022 14:32:32 GMT
access-control-allow-credentials
true
generate_204
tpc.googlesyndication.com/ Frame 1954 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DbaWvQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=PEuhMXx6UXlrVTFnTUR1aVNvcFdZOGVCS1NyRElmVEViWjRwaDhTOHo5WnNiMzB3RVU0TTdTS1pOTlRYVGpicUJ5MlFtL1ZVYUwzeDZ3RzNCeXJpZ2VrSGNjNllRS2pXZGlrM2JldFgyblB3ZTdObFZWdUxzQUpUR2dycllPYjk5YWZ1SDJUdGdXZUlYWG1GYmUwRzdJeWl0SWtyNWYvQm5MNW1QeDR1QUVCdmFPdEJxeE5pL1JuRm5ldDhucVQ2UmIwbVpTcmk2L1A5NmFydUhYRjVQMm9WR05qK2QzZ0J1YjBqVk9jK3BjdXpnRzVvPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 13 Aug 2022 14:32:32 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1151
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
_.gif
counter.tldw.me/ Frame C461 		0
157 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.tldw.me/_.gif
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.41.47/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Aug 2022 14:32:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw
1660401136.dop032.ml1.t,1660401152.cds015.ml1.shn,1660401152.cds015.ml1.sc,1660401152.cds015.ml1.p
content-type
image/gif
access-control-allow-origin
https://kesq.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
73a22924ae9d01df-ZRH
access-control-allow-headers
Content-Type
content-length
0
expires
Sat, 13 Aug 2022 14:32:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080901&jk=2375980295383820&bg=!PD-lP3vNAAa4hXTbmIU7ACkAdvg8WnevCJrWlyq6tzrRMG97q7x8bhKojs77Om9e-5On3Ni54_o0cgIAAACbUgAAAAZoAQcKAG5GG6e-eim-NRW3ezJJlBCyRf5p6Ob-phcFarxUe5f4O4B-YHzqlehBV3TDUO4TGkzYS6H5Io_gaTAyrlSBhvuzeCUZ23DgW2yqecHTJnabJKEFQjvtmzEgWi2TSRnLVzel1sQdUWhvhqSiRlj-oZkC9GNZn8G5XtAG984PZO7Prr1blDfeDRKuCGfVOIHiHlwOac4Vx0e2lk31LTaq5cuiSiyoUt29q9wgraDzX3HWEOyMBzqm_Ebm7pgOJPL8eoEB5Joo1wJw4L_2c9XaR_bKNSie9Iqi9A8dkTQUDhiQLoCU_lIU-PCZYH3md2j0gBXXLPwoNwDKvm1OaP2JTy4hq7dX0PFYnALHhDV0bEUYXtu-DETLR36Rxu8wJHRk9iDPFK2UeoZULM36mmCrm40GzFKBBjQB8yhTwJSh0S35lIVcZX-dgEe6Gnfm_-_xxg3moVnP32Ksh3OaXNKq2JQIp9_EAODDOADvawNDJxXYn-0SrlHQ0lSQCATyTtrVkwF4ugiiaGdi82rTAcSQdyUbYanOHKSwAAT14M72zZFv1T7lazj6mc6GLmdccBpu85u_MYyakzzxxWPkGogjQyJGZKiNUQGdScP1JRJkLMKP9fBPo3Cv8tXIhJZ8_rXHazMWx2bqc4eJxWnWwdR3dw7CkJ15xQu3ZjGiU17rBX0AZVT9gLPrRb0pze4bx3Vp3USMlH5ITVDGzM7RZALeBRAVkJiROcL2IBhHUNZF4LefzxCELdVNnit-Hu01gaWqzVhDr0bO6r5ftQihao-EBsv7ee-BQ_HQh-jsOa_ic6SfYiwLBf6R7IC_zXzx73j1NkQSrU757I4YkcJSjeCmnrJrE5hjH0iIV-M8cRoeN4_-NGEEMV5d8A9uVzbisdB200DFr7KPcu_MowgF-C0JhhQ7CWv67uZTu236EzpwYr_f26ShE9bg5v18yNBCq4_uB0hxSD5-FNVH4n-RQeGY7qt5OlohNXctH7B0GgNbZCiHOLOt8RaVswO6NwufuxJz3xedKrOuMXAP9gX4b030TYTIvOOf35Pc94deRA5DFQm-QKMFcXP36RzT5--8q6oE6ukIrZe5wJSGtaf-ooAkrDyocqj480tlCW1d26QHI9WzjnKkkpzC9RWpN5F2wjbf19N9fKzvDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
239.jpg
events.kesq.com/wp-content/uploads/2022/07/ Frame 971F 		285 KB
286 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.kesq.com/wp-content/uploads/2022/07/239.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.203.253 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
253.203.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
69f4c0e2968b3abf25f440ea9750e2e01fad20dc34ad3ac45fbb95171fdb0763
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:33 GMT
x-content-type-options
nosniff
vary
Accept-Encoding
content-length
292002
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Jul 2022 04:00:01 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"62d62c41-474a2"
strict-transport-security
max-age=63072000; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
geolocation=(); midi=(); notifications=(); push=(); sync-xhr=(); microphone=(); camera=(); magnetometer=(); gyroscope=(); speaker=(self); vibrate=(); fullscreen=(self); payment=();
accept-ranges
bytes
v-60136006-b093-4aec-2293549-be40-8b3035f4db89-s74.908-83.483tvl.mp4
apv-static.tldw.me/videos/ Frame C461 		32 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-60136006-b093-4aec-2293549-be40-8b3035f4db89-s74.908-83.483tvl.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash

Request headers

Referer
https://kesq.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=32768-

Response headers

Date
Sat, 13 Aug 2022 14:32:34 GMT
Content-Range
bytes 32768-1135366/1135367
Last-Modified
Fri, 12 Aug 2022 13:33:53 GMT
ETag
"1660311233"
Access-Control-Allow-Methods
GET, OPTIONS, POST
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
1102599
X-HW
1660401153.dop107.lo4.shc,1660401153.dop107.lo4.t,1660401154.cds219.lo4.c
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=kesq.com&rs=kesq.com&sid=52514&t=1660401151&cip=146.70.117.102&sn=1324123&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=754&he=424&app=&AV_PUBLISHERID=5a16a1b928a0616e7966522d&test=&aafaid=&proto=https&uid=1660401151971-983581181206-006765-003-002780&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=20221360477&d39=&d65=&apppkg=&cd9=https%3A%2F%2Fkesq.com%2F&cd8=1324123&d9=1000&d37=realtime&AV_WIDTH=754&AV_HEIGHT=424
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.215.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-215-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Aug 2022 14:32:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=kesq.com&rs=kesq.com&sid=52514&t=1660401151&cip=146.70.117.102&sn=1324123&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=754&he=424&app=&AV_PUBLISHERID=5a16a1b928a0616e7966522d&test=&aafaid=&proto=https&uid=1660401151971-983581181206-006765-003-002780&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=20221360477&d39=&d65=&apppkg=&cd9=https%3A%2F%2Fkesq.com%2F&cd8=1324123&d9=1000&d37=realtime&AV_WIDTH=754&AV_HEIGHT=424&&copid=5a16a1b928a0616e7966522d&nid=603f65a2e291680ef30af9c7&cocid=5d429a4728a0615fb3632846&ncid=62ea2fa47698d82437145764&coasid=62ea305e478eca005a632f54&e=request&cb=1660401160840&asid=62ea8eabfa7d16490b329846%2C62f4b1d11f9d665e0017b274&ofpr=2%2C2&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.215.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-215-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/249803/0/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/249803/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kesq.com
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/249718/0/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/249718/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kesq.com
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
_.gif
counter.tldw.me/ Frame C461 		0
157 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.tldw.me/_.gif
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.41.47/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Aug 2022 14:32:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw
1660401136.dop032.ml1.t,1660401154.cds015.ml1.shn,1660401154.cds015.ml1.sc,1660401154.cds015.ml1.p
content-type
image/gif
access-control-allow-origin
https://kesq.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
73a2292f0e6d01df-ZRH
access-control-allow-headers
Content-Type
content-length
0
expires
Sat, 13 Aug 2022 14:32:34 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=kesq.com&rs=kesq.com&sid=52514&t=1660401151&cip=146.70.117.102&sn=1324123&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=754&he=424&app=&AV_PUBLISHERID=5a16a1b928a0616e7966522d&test=&aafaid=&proto=https&uid=1660401151971-983581181206-006765-003-002780&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=20221360477&d39=&d65=&apppkg=&cd9=https%3A%2F%2Fkesq.com%2F&cd8=1324123&d9=1000&d37=realtime&AV_WIDTH=754&AV_HEIGHT=424&&copid=5a16a1b928a0616e7966522d&nid=603f65a2e291680ef30af9c7&cocid=5d429a4728a0615fb3632846&ncid=62ea2fa47698d82437145764&coasid=62ea305e478eca005a632f54&e=request&cb=1660401160928&asid=62f4b1d11f9d665e0017b274%2C62ea8eabfa7d16490b329846&ofpr=2%2C2&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.215.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-215-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/249803/0/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/249803/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kesq.com
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/249718/0/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/249718/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kesq.com
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=kesq.com&rs=kesq.com&sid=52514&t=1660401151&cip=146.70.117.102&sn=1324123&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=754&he=424&app=&AV_PUBLISHERID=5a16a1b928a0616e7966522d&test=&aafaid=&proto=https&uid=1660401151971-983581181206-006765-003-002780&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=20221360477&d39=&d65=&apppkg=&cd9=https%3A%2F%2Fkesq.com%2F&cd8=1324123&d9=1000&d37=realtime&AV_WIDTH=754&AV_HEIGHT=424&&copid=5a16a1b928a0616e7966522d&nid=603f65a2e291680ef30af9c7&cocid=5d429a4728a0615fb3632846&ncid=62ea2fa47698d82437145764&coasid=62ea305e478eca005a632f54&e=request&cb=1660401160968&asid=62f4b1d11f9d665e0017b274%2C62ea8eabfa7d16490b329846&ofpr=2%2C2&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.215.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-215-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kesq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:32:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/249803/0/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/249803/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kesq.com
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/249718/0/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/249718/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kesq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kesq.com
pragma
no-cache
date
Sat, 13 Aug 2022 14:32:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true

Verdicts & Comments Add Verdict or Comment

266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| NREUM object| newrelic function| __nr_require object| _wpemojiSettings function| ia object| _0x107e function| _0x4154 function| docReady object| $jQInv object| _0x3d1e function| _0x2c35 object| ImsSDK object| ims object| io object| adViewability function| init function| playVideo function| getAdParamters undefined| $ function| jQuery object| sss object| current_super_speedy_search object| sssdelay string| lastsuperspeedysearch function| super_speedy_search_request function| sss_updateQueryStringParameter function| super_speedy_search_result function| loadScript function| getStoreKey function| readStore function| writeStore function| resizeSOEmbed object| observer function| initPostRobot undefined| returnExports object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing string| awd_admin_ajax_url object| dataLayer undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| browsitag object| blueConicPreListeners function| BCClass object| blueConicClient object| targetingParamStr undefined| targetingParameters object| __dsns_ function| gtag object| googleToken object| googleIMState function| processGoogleToken function| onClickBack function| _fwMsg number| google_unique_id object| gaGlobal function| convert_to_url function| pass_to_backend object| vttjs function| WebVTT function| videojs function| moment function| _ object| Backbone object| wpApiSettings object| wp object| _0x172d function| _0x5b76 object| adRequest object| _0xf161 function| get_node function| eval_main function| eval_expr function| eval_value function| eval_existence function| eval_boolean function| eval_comparison function| do_comparison function| eval_array_comparison function| eval_array_property function| eval_array_property_exists function| eval_property function| err function| isstring function| isnumber object| VERSION object| _0x5193 function| _0x27fd function| _typeof object| eventsUUIDGen function| uuidGenv4 function| uuidGenerator object| weightedFilter function| getOGTags object| loadTags object| $sf object| IMSTAG string| browsi_bootstrap_loaded object| google_tag_manager string| GoogleAnalyticsObject function| ga object| __post_robot_10_0_31__ object| postRobot object| teads_analytics object| focusWithin object| PojoA11yOptions function| ss_plugin_loadpopup_js function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_run_660905635233 boolean| ai_js_code function| peg$subclass function| peg$SyntaxError function| peg$parse function| imsRuleParse object| twemoji object| _vfP object| __core-js_shared__ object| core boolean| vfLoaded function| setImmediate function| clearImmediate object| regeneratorRuntime function| ai_document_write string| selector_string object| mobile object| sizes function| __browsiLoadFunc object| __browsiLoadObject function| ai_process_lists function| ai_process_ip_addresses object| gaplugins object| gaData object| vfQ object| viafoura object| vf function| onYouTubeIframeAPIReady undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 boolean| Moat#EVA undefined| MoatOCR function| moatOcrSample object| MoatContent object| _middyo boolean| msgData function| parcelRequire function| InteractionTypeImpl object| t object| adblockDetector object| KESQ_EventsWidget object| _gaq object| pbjs object| Mustache object| _bcp function| BlueConicMetaDataService object| bc function| BlueConicEngagement function| RuleService object| justDetectAdblock object| bcConnectionUtil function| md5 function| BlueConicDataLayerUtil object| JSONPath function| pbjsChunk object| bc_json969 object| _gat object| _minUnifiedSessionToken10 object| _min_tv object| _tvp boolean| _editor_tv_loaded object| _min boolean| _minAlreadyLoaded object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| avPlayer object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| storageAni object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

74 Cookies

Domain/Path Name / Value
npgco.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 671b177c-94a3-452f-a418-53381b403e66
.postrelease.com/ Name: opt_out
Value: 1
kesq.com/ Name: ntvSession
Value: {"id":5978118,"placementID":376325,"lastInteraction":1660401154210,"sessionStart":1660401154210,"sessionEndDate":1660435200000,"experiment":""}
.pymx5.com/ Name: _ia_uid
Value: eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.R9I6IRYJRf4SHbcg8odUWp1wqAgKf_yjOwX8wyGap2YmhknGQfO6aA.ID8b-9hFXKFSGRO3.fSMc0BgyxT86-vuF9mq0Qy4q-07inYnAEyiuQpUIi6aTJtydn8S2Dkj7-zLdltvrQtUF027kTwdjoiGtSMwGHr7s2eiA6HHgxgrvkhmFA79lsqPXcm2qbi_GunvoLvbHVjjptlwzno7JthJSPOE-Nx0yjZ6kOwX6_X5DAYNnmqnb5xINdSVpkUE6e5JpOOxJUYQnCMzoJv40o1CdtMnl10yFtK5FSwgESEeInpGTAkYW5wBZ-_GDHvHQviz6s4EHG9BWexWnfbjPA333HAFSYJqvDyuPYctxHNvf1AXKRYVWJVf8tg5QgWoxl1eeCN7eFRa8slfy-vGANkNhcIKTfacLHiDIaZKjNKMwHNv_nYQ.Es_2qXX1SpYCuXXu4yx_4w
.pymx5.com/ Name: _ia_version
Value: 2
kesq.com/ Name: __browsiSessionID
Value: c667b61b-200d-4c25-9c96-551e70cc8708&false&false&DEFAULT&de&desktop-4.4.8&false
kesq.com/ Name: __browsiUID
Value: 2937988c-216d-48b3-a861-9582fc38cc3f
.kesq.com/ Name: _gid
Value: GA1.2.1789611911.1660401154
.kesq.com/ Name: _gat_gtag_UA_19610616_1
Value: 1
.kesq.com/ Name: _ga_T7ZNM1KRXQ
Value: GS1.1.1660401154.1.0.1660401154.0
.kesq.com/ Name: _ga
Value: GA1.1.1711031756.1660401154
squareoffs.com/ Name: testcookie
Value: testcookie
.quantserve.com/ Name: mc
Value: 62f7b5fc-3c836-8ef9a-2aca9
.kesq.com/ Name: BCSessionID
Value: 671b177c-94a3-452f-a418-53381b403e66
squareoffs.com/ Name: _square_offs_session
Value: R2FQYnd5Sm1YYytRYU83UnZHV003YUJuMmZFbWg1NVZ4VzlLZ3NDSHQ2dWJhcmx6MWpNZmJLWGNxcjZpWis5b1lnbE1EOHBNeUtIdXY4aEIyUmdTTmlXMGhMTVhyWkpiVzB4M3dVUHdQVWFQNHUyWUlJSnFnVU54aGdaL243S0kvS0ljWFVaR0tITTBROU5NOGtEeGdQNmQ3bm5kbnI0N2gzUVVpVi8vWWw2anJQQTZXZkp4VVdxTGwwNHdnVWptd3cxNlFEVzdxZmNGZ1JDd0o1U1BTZz09LS1BSXlMWE9idFJlc2tXNmhPY1JJQ2V3PT0%3D--32aacc3743e6ebe96d7a6ca61a41c6390a6f326e
.nr-data.net/ Name: JSESSIONID
Value: 217712967e6b127f
.viafoura.co/ Name: VfSess
Value: srbqeg23h65uv6g1bh6t49rakf
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
kesq.com/ Name: _vfz
Value: kesq%2Ecom.00000000-0000-4000-8000-71316c0c39fa.1660401155.1.medium=direct|source=|sharer_uuid=|terms=
.kesq.com/ Name: _vfa
Value: kesq%2Ecom.00000000-0000-4000-8000-71316c0c39fa.76af639e-6ec9-4adf-9011-8be11c3972a2.1660401155.1660401155.1660401155.1
.kesq.com/ Name: _vfb
Value: kesq%2Ecom.00000000-0000-4000-8000-71316c0c39fa.2..1660401155....
.kesq.com/ Name: __gads
Value: ID=5818053ac1604292:T=1660401147:S=ALNI_MYseaowtcyoeFnDJt2AhaMhlJXK2w
npgco.blueconic.net/ Name: AWSALBCORS
Value: wCY6KlLS9YtuelGsOsDexhbGBgrTs7vaWJqnkWxM8xhB7NA7JV+fxwZjz8VyILk+pL9RC2ohgmRChvJF1XDG7yWAHKj0v7rPYjDQWyXBQPs1HS4/eshgzJWOEABn
.doubleclick.net/ Name: IDE
Value: AHWqTUkIbRbP1bDOV6wpj9KehlDZyPiWsgs0PrmqpNsNUzX1qkPcM2N6vZ-t81labKk
.viafoura.co/ Name: vfDeviceId
Value: fd996843-661d-4234-95b9-5fd8ef7b1974
.kesq.com/ Name: __utmc
Value: 98699140
.kesq.com/ Name: __utmz
Value: 98699140.1660401156.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.kesq.com/ Name: __utmt_ds
Value: 1
.kesq.com/ Name: __utma
Value: 98699140.1711031756.1660401154.1660401156.1660401154.1
.kesq.com/ Name: __utmb
Value: 98699140.1.10.1660401156
.quantserve.com/ Name: d
Value: EFIBCQHsJoEA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In=vZPr0!]tbPl1M>e)ZlrFUfJ+tGXxo@G8O-2?2l+E8aSX2Vz*CD@gE7WaaV.WuWT<l3If)y3KL9D3I?+wJ?R4'
.adnxs.com/ Name: uuid2
Value: 2823204680093873736
.casalemedia.com/ Name: CMPS
Value: 1127
.casalemedia.com/ Name: CMID
Value: Yve1-Tf8hMPaCDxZjivyfwAA
.casalemedia.com/ Name: CMPRO
Value: 1127
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2022081314323000026697446742
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 62f7b5fed98171af
.addthis.com/ Name: ouid
Value: 62f7b5fe000163ea147db883a267811fb3536df6c00e747846c7
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220813
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.kesq.com/ Name: minUnifiedSessionToken10
Value: %7B%22sessionId%22%3A%2296db20838e-2e48394268-e361c0153a-386275d9cf-5660cb22d5%22%2C%22uid%22%3A%228818054aae-09ed44e0ca-e372eb8d48-935ab44816-ef0154933f%22%2C%22__sidts__%22%3A1660401157695%2C%22__uidts__%22%3A1660401157695%7D
kesq.com/ Name: minVersion
Value: {"experiment":1647633311,"minFlavor":"yt_supportmi-1.13.9.2.js100"}
.kesq.com/ Name: minUniq
Value: %7B%22minUID%22%3A%22bc7dfa5c41-9a44d256f4-a9554034ed-381e14dfb8-07319a33ff%22%7D
.kesq.com/ Name: minDaily
Value: %7B%22testMode%22%3Afalse%2C%22dailyUser%22%3Atrue%7D
.kesq.com/ Name: minBuffer
Value: %7B%22minAnalytics%22%3A%22%7B%5C%22clicks%5C%22%3A%5B%5D%7D%22%2C%22_minEE1%22%3A%22%5B%5D%22%7D
.kesq.com/ Name: minSession
Value: %7B%22minSID%22%3A%22116bb7fe9f-c2ecb42466-ad0d243724-d6c0828e1f-8fb073cfef%22%2C%22minSessionSent%22%3Atrue%2C%22hadImp%22%3Atrue%2C%22sessionUniqs%22%3A%22%7Btime%3A1660401157987%2Clist%3A%5B27729811nf0%5D%7D%22%7D
.youtube.com/ Name: YSC
Value: ESxhMRVb50I
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: cQAEHBZTixg
kesq.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.casalemedia.com/ Name: CMST
Value: Yve2AGL3tgAA
.casalemedia.com/ Name: CMRUM3
Value: 2762f7b6000b40&1f62f7b60005a00&2d62f7b5fd05a0CAESENy3kKQCZ73jl-4jYI8AR3s&2e62f7b60005a0&f162f7b60005a0&5a62f7b60005a0&e662f7b6002760&0362f7b60005a0&4962f7b60005a0
.kesq.com/ Name: _pubcid
Value: 62013da5-397c-4e75-b82a-6d596686624d
.owneriq.net/ Name: si
Value: Q7136875521312367589
.owneriq.net/ Name: p2
Value: cc
.simpli.fi/ Name: suid
Value: 91EA45C9EEBF454BAB3D790FA58C60EF
.yahoo.com/ Name: A3
Value: d=AQABBAC292ICEMJUtJBsk-Gz6B4xbj2QKokFEgEBAQEH-WIBYwAAAAAA_eMAAA&S=AQAAAj_U5lw6rAtY6HQek6beeX8
.spotxchange.com/ Name: audience
Value: c43fc9e8-1b14-11ed-8bdd-190e06a80406
.aniview.com/ Name: 2_C_55
Value: 2823204680093873736
sync.aniview.com/ Name: 2_C_55
Value: 2823204680093873736
.aniview.com/ Name: 2_C_42
Value: Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB
sync.aniview.com/ Name: 2_C_42
Value: Yve1_Tf8hMPaCDxZjivyfwAABGcAAAAB
.aniview.com/ Name: 2_C_200
Value: OPTOUT
sync.aniview.com/ Name: 2_C_200
Value: OPTOUT
.aniview.com/ Name: 2_C_2
Value: c43fc9e8-1b14-11ed-8bdd-190e06a80406
sync.aniview.com/ Name: 2_C_2
Value: c43fc9e8-1b14-11ed-8bdd-190e06a80406
kesq.com/ Name: cto_bidid
Value: 8PBTxl94NkZaVVZlRFJBeVl1NzlhcXdreiUyQkFwYlhvRlduNjhVc3pJTjZhQmtvT0hwYmRhWHhkSGx5cjljdHpxb2FSNTc1b1FIaiUyQnVWbVYwUVN5c2p2U043b0ElM0QlM0Q
kesq.com/ Name: cto_bundle
Value: k0_MEl9zd2RVMElEMmE3Nll1c3BmYVdCbXB3T1VrS3REM2JhbDFCYkRwc2R6d1NSUVBqdWhoMDhuOUNPZTk4NnF2bzY1ZFB6NnlhOUdUS3Q5U3VrNTNOSDVlOW9XcjdvS05OYWx1bDFXdzRndVlvMnVRSlBlTGtQajBzZjRBMFlxc1dpSw
.mathtag.com/ Name: uuid
Value: 313f62f7-b601-4900-afa8-0ea6469664f6
.casalemedia.com/ Name: CMTS
Value: 1204

8 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, camera, magnetometer, microphone, usb. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vr'.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

254a4e77b035c197d53cdc8dad45b3d4.safeframe.googlesyndication.com
a.teads.tv
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.pymx5.com
api.viafoura.co
apv-launcher.minute.ly
apv-static.minute.ly
apv-static.tldw.me
assets.squareoffs.com
at.teads.tv
bam.nr-data.net
cdn.blueconic.net
cdn.browsiprod.com
cdn.jsdelivr.net
cdn.viafoura.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
counter.snackly.co
counter.tldw.me
demand-engine.browsiprod.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
events.browsiprod.com
events.kesq.com
feed.mikle.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.viafoura.co
ib.adnxs.com
image6.pubmatic.com
jadserve.postrelease.com
js-agent.newrelic.com
kesq.b-cdn.net
kesq.com
match.adsrvr.org
mug.criteo.com
npgco.blueconic.net
onetag-sys.com
pagead2.googlesyndication.com
pixel.everesttech.net
pixel.quantserve.com
pixel.rubiconproject.com
player.aniview.com
plugins.blueconic.net
pr-bh.ybp.yahoo.com
px.owneriq.net
pymx5.com
region1.google-analytics.com
rtb.openx.net
rules.quantcount.com
s-jsonp.moatads.com
s.amazon-adsystem.com
s.ntv.io
s0.2mdn.net
s3.amazonaws.com
s3.us-east-1.wasabisys.com
s8t.teads.tv
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
snippet.minute.ly
snippet.tldw.me
squareoffs.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync.1rx.io
sync.aniview.com
sync.mathtag.com
sync.search.spotxchange.com
tag.1rx.io
tpc.googlesyndication.com
track1.aniview.com
um.simpli.fi
ups.analytics.yahoo.com
vjs.zencdn.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
yield-manager.browsiprod.com
z.moatads.com
103.229.206.241
104.18.18.126
104.18.19.126
104.96.159.65
13.32.99.8
142.250.181.226
142.250.185.66
151.101.130.137
151.101.130.202
162.247.241.14
169.50.137.184
172.217.18.2
178.250.2.146
18.156.0.31
18.206.3.164
18.66.139.105
18.66.97.37
185.94.180.125
198.47.127.19
2.18.232.7
2001:4860:4802:34::36
205.185.216.10
213.19.147.43
213.19.147.44
23.35.237.151
23.47.208.212
23.47.209.72
23.47.209.80
23.7.201.234
2600:1f18:44f0:4864:14f2:f07b:baf3:641a
2600:9000:223c:5800:8:2ae1:d740:93a1
2600:9000:223c:9800:6:44e3:f8c0:93a1
2606:4700:10::6816:48ae
2606:4700:10::ac43:b0e
2606:4700:20::681a:bda
2606:4700::6810:5814
2606:4700::6811:190e
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:12a:8000::1
2a00:1450:4001:801::200e
2a00:1450:4001:802::2006
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2002
2a00:1450:400c:c0c::9d
2a00:1450:400e:80c::200a
2a02:2638::1c
2a02:26f0:3500:68c::2c79
2a02:26f0:6c00:1ba::26e5
2a04:4e42:600::729
2a05:d018:d29:3605:e5d2:c58:d552:4f0b
34.214.150.162
34.237.215.38
34.96.74.203
35.172.42.197
35.186.253.211
35.223.203.253
35.227.203.93
37.252.172.123
37.252.172.250
38.27.106.51
51.75.86.98
52.211.246.129
52.217.128.136
52.223.40.198
52.46.151.131
52.72.67.212
54.144.218.90
54.170.230.96
54.174.213.70
54.194.96.60
54.74.111.76
69.173.144.165
89.187.169.3
000b9b4ee10170644e9f5068423e6e8b8ea26787311eb0c764bcc2ea1ce28408
01d40df7c31566ce3812adb24f0b682ae7e19d4fae67bbf69179c3e6fab3655a
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03691b6669a22fa6daff030b2bececc4f1ca300d90b444d85812cdfce552c992
0412324af43079788f00548e7536deaf70a16ff08b76dd2c65f767d1bd0382ab
062d8167bc405094e000b7d3af11deba7a4ecff663aff087d7b19ef51c05ff6c
06f948a217c237ec9da04db4863ae47ac02b247ec4fb4213fd68b981d766c156
07a0545c00ecfd98dfa3f8a6dff5451780a679455680e517cec826b92ba6be4d
0879d98559c8e27797788a87521a624188b93b24c7fa99df9f870bf1b323191d
09f9fd9113b535927d6666ca18f2b5c39fcbd0dea5085f7eaffadeeae13e05aa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bda6d67e4e10db70ae5a65ce781a7f856d33b3a48027f22fcda330cbaeab668
0c1a06dcea4b23f87b80587a7a2f8e1d74c4ec7d6607d536b1dff2e8580129f8
0d4f6e28cf855271fabcd5fccb24e71ef842e3ffa3c33795d9ddd9d3a1e3a46b
0dc29081bda373a618fe9d0c0d5f43fd9fb45fdd9c815b621ef2e2564217091c
0f9be5681874d9f7fea49bbfa4187759c68b81eb7bbd77205682c110b9a43931
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b83d9a2619ee9d02fc25d784ee1f85e717f2e21d6dbb70dd9b02a8ef0d37c7
138eaa1d891bff2711c315f16730611d486c4a6a038a4eeab0e203d05d804e00
1766d3f3f76295962d35fa59fa9afd7184437edccbdb0e0293468e8dc23f93a3
176fec6a7fad473d3102d548facfa993bedf4322dca6c0c308ac46d0ef7265c9
17d059c0d9e8e1ebac6e58404aed4f403400d509d4460e58985fd8129a65704a
1958d7d53006e287cd42b0d5dbc5f26475e67c39e00ba21ad9e5f5a34a39e445
1c907e1f2483fb2a70272d58bad74b1c5463388d9d191c7c58183503c9ae5944
1e600a7debd226f2859e7f861535e22b0580cd80f956a1e586b680440cd9048d
20dd55f5158dd6daa30e062649c9bad8584ff07b6bb4a4a2157fe9da05dd355f
230f41ad017fc6decd1c9167616eac8b02deace88a0587dfac7dc56c5bf6bbf9
2354fcb0787aa3e654b500c2c30be125ca059202732261b1a69e9bfad8f80622
2356e0cfa404452ba162bd881ff100ec108eae5a91b5566a922fc66b78a7096e
243d0318292081b26db69dad7403b07a4f8c302076bad5ff2f51ce135e19390e
24d4b4e55d1b3b79707099b0c7c756dc5863d7ae4c3735258c561a924cf70010
2506c55760ff8b1bc3dcf34486765a3e2b2d66c59c685a226e0a72a78055126d
284f18323f6d4447450f7e91af3e577d448282f120f7feb6ac3167695728d265
28f9df67cfacbd3e75a610580a13be0e557c66f6f2d6648eb0926b3e4d5b98f1
2984c7d2ba479ea554bb684da330dbff904d7e3e8b85389d2cdd5d47cc6de753
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b59ca8bb148dd09702bfd517affa8fcfd4311768872e7d51ba1978672e44984
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2c7f78291ae70d6b87b58b10e145614685e4e32bcc38b60ca31d77124472857d
2e6960e27d1e2205a558b6be0996f954906d17646857fd11c31229b4e19bdcd8
2f74bcb7ce439f404f0b4e2cc8d70ec121085c125e5d1b5e6bf88ce452bea44f
2fbbae4abf7e1b517f1f8eae51d45b771e95aeaf3975671750c3ed138c09de78
3013d97ec15ee0fb663b6e9c7b5ee7457f940baf8bc68249e8c9dc67a59b01c2
30238015ace7c59521ab23dcda63e83d0dd715c77e548ffd70fdfad89c683197
303017e5ef65d154f447ed36116c77fc056fe0a44add0b13b9e842ae72b23ce9
31c85cc6147bdb0f54524cfbaefe5af4834364821fa95d371591e2242c3789e9
333ac1f00230fa9c049e067ffa0091c9fb4c12d23024ffbde4699c8b6612fcf0
33c3d4cd5225958f1d3cf773cf175941e6cdccb7b50d6f32b7fdadd84056ba98
37799b91c6473354d61b589f9e8dc6210a28499e36ca57a912eea8201a5744bd
3796c3c2b32c8905b67fe633670145d06f5967da61e0ba2505f67e868b441f45
37e83eed7df5e6cecf0fade22443744e8401ac540625ff0d65128f39e5897c10
3962092881c2463cf6a930cc815c05d1fffdea3c8b2f6220b0de85e31f81784c
3a43bf8f2ce4a81899088569d8346e9d452be168d67a637ea7094945ecbac7bb
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d
3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a
3ee2434ce23ca4d485aa7ee3e31627b462d2e67c261d19e370db21e3e26e1a3d
3f88bd2fd79e49bea67ca9456b79facac3769c5703a6f33826e21301d83e7255
417e449a2dc1b9e03f316fd5705aa81e6c2113c4e3099a8bcb093c537741e86b
41a6a30eb03c5d25ca9524609f38fa1b70aa684257fce0f4f05f1c951aae20a3
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
427cd20c734ff44e69a44da468c62e73c947b22754f6b970483f253c5c322fd0
42e5e26cda9ea1e7c1ac9adc2a588491ca4fe927fa52f9e760033ed094d7183c
436bff18353cdd23f319497c726b6d88c27dc3a90b176ff7cc16bc5f0ffd8906
43bd00bf0c2198b4aba59515350712431bf4d08d14aecd6dbd8b780d74b78c9c
463ced94d9222d9f5ffe8aa33b3775bcea88be4e082c3d94f19c5022ba453bd3
47fc8777d4617343fe70714411940f12db53a742debfc8c41f536475a0ba70d2
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
48c98607fae8582a4942705296dbbb0bfbd4851fc82b41e84add75dd5096f695
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c931ad7b0e7edda6750652330e53ff0d32caa1c355dbe7287d43b120eaa347e
4d1816b25a66dde1911383733ea407c5d05a3311acd206d556dfed430ed622ee
4dea9ade3aa20e3551c8db2df43d80af17a0b0d1b45e083c2f4be7aa2a0a4a66
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
4fa4ebe6b7dc050955af61f44380639a2a21b56bbfec71df6697f8dff521b59e
5032da8d0203f9ec6d572065c2d73012fe274e7ec53bd9f1be20905d191b653f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5180cded0ef18f7d22171f5880a22bd6f8b827b2655fe2a187f24fd5852b024a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e4c1b7812c446409c03ee22281d60aafc37bf76bce24c16c55a1818b2dd853
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5bca2d4288328711026ee112d545ab38fc8e56e5eb81ce85befa09b4d16dbc0c
5d7e73acdc9932a7e08da0d7549e6205b759f3e586089107517fc1348dc70d33
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60eb12486bd244f9b2c77d851a209c7f1cf81a9a82bce5662efb019b50b6f56c
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62dfa7c3e2fa1690d5cc553bc431c7177abe54d0c82b58ada465b2288405834c
64bd403de03c6f3d2ad7ec8f39ea5e52a5528e92524a0eea686e3dc440e5b894
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67756f3d98f02b4e864a41b07d31df218bd75dfd36676864d22c314880e68964
67a4878c66a30fb80b1e2411d8550c8e7aa863cc5a98aacc21069b467422a1cd
6882e5b22cfa863c2631280944c5e9dcb6dd7ae9c4f159021fce2bed20d4d529
69f4c0e2968b3abf25f440ea9750e2e01fad20dc34ad3ac45fbb95171fdb0763
6a26f472970788e1b9638b18961c8932d2c4c400b9d2c258e6c562ca770ba14c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc96e9bab2ae13132fe2ca25bb4aa51865e474dfb771f0c82067cb53fbde4ba
6c99bee74aefc77081cf112204158705bbaf711b1cd30d5942ba97ba77da8182
6dbaf56c796ee1e2933a62a06955905bd61e6f4d9092f063fa1738d6fe4a9193
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
6ff6fd6e9e26c327b6f8c89b35074ca973bc74ed43c558dd11dafadddad41ca8
727052d8743a436049aaf9aa8a70de0d2492ce136b24879ae366f3ee9835ca10
72b88b6dd3591e047ebc4e90d6b42b95f9950d242912bbd86c145f05a6b78011
741d02336a1f98c14dc2373a43dec2293965d85578b0cfa1b5076a7328ee3555
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
7a2bf8a8864a824e162bd09745c4056c33bbef5e05828db9759fb0afda81ad89
7b6a27be9c6f4448bf61dda09a9fa32b1eb91d2dbc62b3f025df4cca0bc302fd
7c6cd1e00f3a764bd02e959653a10d529dbfe1012d64f253d7490c625ed6a654
7d425eaf04f774bece10d7f67a0dcbe9d4c5d9223855093f23f2e67f52e6e52a
7de4ebe6f7e5c57026f039da23b86f99cb0dcf117dfe5f893ace0b1988370f78
80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc
81f719850af306fd520440a0b395b8a7b08130455f7d89227f986cbb2137991d
82b70d609052d43e48decf6212a52d8a5eef1f8bbf109d0afe7f5528b7b449e3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84172ab8ffc60b04a891345d7aeacc0bb2333392172cd60c4e2d0bf51a13b2ba
85dfe57bc8a34df8e5525df72f2bc17e4c10d7938c7cacb7fe11e73ee8dd5dd8
86907b32661b18f6fe7903b67b5933da102eff4b7e9ae82d871072500caea2f8
8884c925a54f34b805f0fc4637583a5dc6c2d5f9870d19a9b74686ae59368738
88c4c27b1f0143e895c6964ef373284642816a887d0f3f61ded115acce51c6aa
88e815336b1a0c17bdcab5ff5d345bbb35f24d9f0cba8d835393511d2aae0ff6
8a77dee6a595234131e3cdba142e6403faaafb7ee93920a846c2be629751d054
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae1f5532f9d310fe1c417006170224df6af527c6a8abf8f8d297c611302ec8d
8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5
8d519935887d07356ef2eb34d7f5eacf1fde50c695a82bcf04da3531120b46f8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8efe32c962f8079bea440dbbc69c87fa1004a2e830e3266907bd53aab0df0c92
902f5de20773e21c5e4fdb34acaeff424675c50006ebe206ca15ea031428e008
935cb1b55d7dd132f91bda7202a076a800d85b89449d1a2d9a3363d1011e529c
94155bf0e642b3c87d1f2b225bf5a40a34ac6a436fac465f9c6f53fa20dbd163
9539d53fde0f0976637ee70b3ac04408510f532bf8fb11b5b2e9ee5f429f6822
96ad852316a8a502917c70d74007f02a202e6b057b6a7b8a03b0c46df859e91b
96ca0808607cc88fed5102bcd8dded5bcb489cb50cb34ef505285c1852aab836
98a409fc2fcb461612ac2baa15178faad822dfaddc3eab141a45f0ebb79d9924
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bc3ac88ae6629e440770a37e747bb6241a085df9842ccbc5f3035471b360c10
9e8f282855bc9b8bfea66787caff16306d3edef2ff5f008dc2add0fd97e2b7ac
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a067282eb49b4b9a314ed56842edf759d320ebd9f2a345d5881f0abeca117a45
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a130d8783fcc312003c082308a6c9dad1abe6324bded170285170556e92fbc82
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b711705d1d64f3f446305b21f8b2c777d72eae297e81bdf020d8dcdaa3af86
a2d24f191540745c63506a5cac6674ee4bfc95b29ed8e5b7b9f810b8aa21b280
a2f2aeae12ca4c69c912d7496564920eb3d26b6ccc833c42353e00343214b33e
a3dd3c312a0b1fe05a7ca3f47ffb8eb8f8f20f20ad89acfb22587d0950797d43
a40a9f2b83260352c8de2058afb7e1af11e48500a14432c4cbc0b72afac6fb59
a40ff09542fbedd097c2867adb4299eb3b95f33655e798ae10c1e19c297e7259
a411d089866aaa8961b38410d3ed37f4d52ca0ab15236d67b0f56f93bb20a5cb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58b5573e094decca6032a2d52bee2cae53654e12b88252f88c9d78b29f87322
a5c472eb498be9d618f4e850fbfa1608eaec1e73f7a9ca97fe28a19188bde740
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8402f7ca3c01bc64bcfead20a1d8784f0b3bb08f55d77dea0497e6b69ac10d8
aa074e019e49996734864780e02fa6b387cda33de27f43c2a1b6957be676f981
ad091945f95bfc12e0357ca55091db4b47229abd21efaced6b849db605c13997
ae29c0a50b015d25bc4ab4a1d3e50394cca8718506906c57667690dd3ac94f4d
b033528103f70b1fc86db574626282c1aad0364701a0913659ab70747655455d
b065e641c0b9772a645e0596657a0bbabb8470f5ffbcfed95d5100f74c0da056
b13c284d8d15523bd7ebce4afd286397cf2e82cafe72c0398f2d1724d60102af
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c00369a64cb33986a55eeb8dd16e23b7e540b51e7ef9f49e8a7a836adb014d
b36de54a52c8800c0c852834995d4220d1bab499fee03ee4d612397f36d9d4c4
b4e97339829ec9d0ff5c5084e54a11134828a5787b9081afa964ba4e588d907d
b8fe26203f24188dd3e9569046b700d7899a08b72d97c6c5177eeec32781e67a
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
b9b488db3fd162910f4fcc4060f0524deb455037422eea56be0f98c6e85ec480
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
ba82e6480a2599627970d68d9d42b4e51c488e9eb8587d3cf9d539724b44b073
bcb60c7c60dc1ca99380aecf484e91d9979ec1a53c18a0977f42c2e7c1c7cb2c
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf739c567353fba3b1702cf940f29b3953c5b24b84a18b1208eee417a431dd5d
c00371b4c5eb8328791a15210ed22492ec7efbd4895907e1bea770fcff12e53c
c015d451be8161a2af2cb0b90c9663897640fbb8c1c27d198c7f44ae8a478f0f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28b59949c1d29ee8b83765cce09df06dfef2d7b839f47c69042b52b79d70a1d
c324734c7fe68235b85c5894b029d1e64fc4ac397c233652604a8dabead6dd8a
c3dd33663f707b3521431259fdd071f656b8365402b22fbc387bec385b66e282
c453eeacb689e19e79f638ad994088122dc24cc35e4c440546cba9f107e6efac
c5c2f4072b5ebad3ba0663369fb2684e3e83692b3711adf805042c704f3a0235
c6a33d7e98f7ac4c2bb7c71f0c1f7e2a3b6c3282dc99ccfe5b46e8a717fb87fe
c7cb686657241a351277afb7ce196ae208dadc54c82222e29ebe37338db25958
c989fe6d1d351930c4bf8b47df69f59ac2ce7077a31bb8173b427146a630283f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca8efee42e12974d12460be4dbafc3edf91a063d9ffa67c9544c7efa66936a47
cb5798a284da490e620ff00069f852bc690799e2af53b40c7e2f03209dd8a3e5
cc426be25bc24bc2594e52b8fcdb9f26f209d08578944de2d366b74976861692
cd2bf2489354bd8988f9cec3df34c3f5022d7983be569c51eb3101aac8107d35
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cde32b79b86b46af9f8645cf97f95c25ce0abebd208b7a1d954cee589758224f
d5575de801172d286dc7cdb712db3081a3fa0702672d2bf33f806301706e3e09
d660840910d735fd79d7c4780b44c6c7056974f7becb37f0dabce26b243e67d8
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d925db65ec1961756427ffaa480d32f5413d5edc49503d5ae7987aed8782e7f5
d9a788f4d19b9938a61116bc4cae75cdfbe029d8d0de13d1bf5c7458d33dea7f
da75e7bf2ec5c3fd69039de5de1af65c1c9803ffc26341aeb871133654111934
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de96459afc7ce2a214a50ab53803028a92dcbdde40621408e4638d484e7c344f
de97f4937ea6cb453c24770f01190033933132bfc2ec98ed69391d4431027862
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e073396dcef95ce46aa296c6406898a1d8374beacbc1c6a3913091e61de66092
e21f797e4abd86dc3ab738e767662c269c792481307dd66663eb8117e3d82bca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f9b227f6f1789e870ce5ffe0d4becb276ec5abeb98d45d82ff5040a1b11611
e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7
e67c6d94cd2a08f62fa76e292cfe34363bad74181a8a99669e3b377a53c0d781
e8414246142ce5ed748336d300acdc14559ca4318d0332639104778b596fa981
e8ebba2c054fd7e8a4747812be2ae4269af334a2e74f28ca244870fa78f7cd80
e8ee2708c1df628a6145b03d746fbdbb5076288464484672b25f70917ecea416
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ecf1d2dc28a8fe2332483cfa144e98791181a2e7ffcc500a16828c1d0a6da947
ed7d8f3963f241f576ad4ffa74bdc05bf0fb7553562c258b5244757758620e90
ed8a4c603add6cab4fa9e304d8b964d8148d402d3bec072496f4bcd148252ec4
ee2ec977814ef6d0e7399fdf80c62a5195c203c9ca02686506bcb5afe9ff1695
ef0b54da4a79f7c1e9c79ba07d42ee6ab823fc52c0ccf97bb22101cfe548ae70
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef64073c093d1a745649a1267e340a274375594ad44c691a90a00c3e916686d7
f1c0dbc47d7191146dca50ad89abaa1f6c78e45503e7f9c96d211f28e528c598
f217c3b955b5fafbac5ad518e92903d7cfb404260c7c66a61f4fee7ff9677bbe
f2940a03121f2fbd112725710de88a9ca873e00e714bf3e9821aa75e3fa7d549
f2c4a355f2a88ce6793b73c3a6cddb3703355d2b74a6cff0dc2ff81383480a01
f324d9fce1e416f0df3daa21348a04807751a13426e3ae408671a2405998af58
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9285e639ef247571d1ac419992fbdd363c488098037d919f18faa0318138700