urlscan.io logo urlscan.io
SecurityTrails logo

krdo.com Open in urlscan Pro
2620:12a:8001::4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Effective URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Submission Tags: falconsandbox
Submission: On April 28 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 10 countries across 108 domains to perform 472 HTTP transactions. The main IP is 2620:12a:8001::4, located in United States and belongs to FASTLY, US. The main domain is krdo.com.
TLS certificate: Issued by R3 on March 31st 2021. Valid for: 3 months.
This is the only time krdo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 31 2620:12a:8001::4 54113 (FASTLY)
7 35.227.203.93 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
3 69.16.175.42 33438 (HIGHWINDS2)
1 2.18.234.163 16625 (AKAMAI-AS)
1 65.9.66.70 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
10 89.187.169.15 60068 (CDN77 (^_^)/)
2 38.27.106.51 395717 (BLUEARCHI...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.96.74.203 15169 (GOOGLE)
19 142.250.185.98 15169 (GOOGLE)
1 52.21.23.66 14618 (AMAZON-AES)
7 54.210.4.204 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20c... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.86.215.174 14618 (AMAZON-AES)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 54.214.244.124 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2.18.232.7 16625 (AKAMAI-AS)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2 13.224.106.52 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 213.19.162.51 3356 (LEVEL3)
2 35.156.13.167 16509 (AMAZON-02)
9 34.230.171.184 14618 (AMAZON-AES)
5 11 216.52.2.39 29791 (VOXEL-DOT...)
5 18 35.244.159.8 15169 (GOOGLE)
3 184.25.115.31 16625 (AKAMAI-AS)
4 11 185.33.221.89 29990 (ASN-APPNEX)
3 34.200.78.134 14618 (AMAZON-AES)
1 151.101.114.110 54113 (FASTLY)
16 2a00:1450:400... 15169 (GOOGLE)
1 162.247.243.147 23467 (NEWRELIC-...)
1 2600:9000:211... 16509 (AMAZON-02)
1 13.32.23.170 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
9 3.12.221.43 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
4 52.0.218.160 14618 (AMAZON-AES)
15 2.18.233.180 16625 (AKAMAI-AS)
3 151.101.113.194 54113 (FASTLY)
3 13.224.105.229 16509 (AMAZON-02)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 2600:9000:20c... 16509 (AMAZON-02)
1 1 52.73.31.234 14618 (AMAZON-AES)
1 3.215.147.84 14618 (AMAZON-AES)
2 150.136.25.38 31898 (ORACLE-BM...)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 104.16.190.66 13335 (CLOUDFLAR...)
1 178.162.133.150 60781 (LEASEWEB-...)
1 52.48.175.241 16509 (AMAZON-02)
1 136.144.59.88 54825 (PACKET)
1 18.194.69.169 16509 (AMAZON-02)
1 192.96.200.41 30633 (LEASEWEB-...)
1 213.19.147.43 3356 (LEVEL3)
1 2600:9000:205... 16509 (AMAZON-02)
2 11 52.95.124.170 16509 (AMAZON-02)
1 36 52.212.126.234 16509 (AMAZON-02)
3 15 2.18.234.21 16625 (AKAMAI-AS)
4 104.111.230.142 16625 (AKAMAI-AS)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 185.64.189.115 62713 (AS-PUBMATIC)
4 4 18.185.197.81 16509 (AMAZON-02)
17 72.251.249.13 29791 (VOXEL-DOT...)
20 31 142.250.185.130 15169 (GOOGLE)
1 2.18.235.93 16625 (AKAMAI-AS)
3 3 69.173.144.138 26667 (RUBICONPR...)
2 2a00:1450:400... 15169 (GOOGLE)
11 17 34.240.192.98 16509 (AMAZON-02)
2 72.21.206.140 16509 (AMAZON-02)
2 2 34.236.212.156 14618 (AMAZON-AES)
3 3 66.155.71.25 13768 (COGECO-PEER1)
1 1 18.198.69.109 16509 (AMAZON-02)
2 2 35.227.248.159 15169 (GOOGLE)
2 3 104.111.242.53 16625 (AKAMAI-AS)
2 2 51.178.20.140 16276 (OVH)
5 5 185.33.221.15 29990 (ASN-APPNEX)
18 19 54.93.69.146 16509 (AMAZON-02)
4 4 2620:116:800d... 16509 (AMAZON-02)
3 4 64.74.236.63 22075 (AS-OUTBRAIN)
2 2 52.28.254.214 16509 (AMAZON-02)
3 3 18.156.0.31 16509 (AMAZON-02)
2 2 3.225.15.51 14618 (AMAZON-AES)
2 5 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 34.193.37.198 14618 (AMAZON-AES)
2 150.136.26.45 31898 (ORACLE-BM...)
2 169.197.150.7 398989 (DEEPINTENT)
1 1 64.74.236.95 22075 (AS-OUTBRAIN)
3 3 52.58.124.95 16509 (AMAZON-02)
16 17 213.19.147.44 26120 (RHYTHMONE)
3 3 198.148.27.139 19189 (PULSEPOINT)
7 7 185.29.133.52 30419 (MEDIAMATH...)
8 8 151.101.14.49 54113 (FASTLY)
4 18.195.155.181 16509 (AMAZON-02)
2 2 124.146.215.46 2514 (INFOSPHER...)
4 4 193.0.160.129 54312 (ROCKETFUEL)
5 5 185.184.8.30 204995 (RTB-HOUSE...)
4 4 213.155.156.167 1299 (TELIANET ...)
8 185.64.189.110 62713 (AS-PUBMATIC)
2 178.250.0.163 44788 (ASN-CRITE...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 77.243.60.138 42697 (NETIC-AS)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.189.249 62713 (AS-PUBMATIC)
8 185.64.190.80 62713 (AS-PUBMATIC)
4 4 37.157.2.234 198622 (ADFORM)
1 185.64.189.114 62713 (AS-PUBMATIC)
1 1 51.75.146.160 16276 (OVH)
3 4 2001:678:cb4:... 56396 (TURN)
1 1 178.62.202.251 14061 (DIGITALOC...)
2 4 159.253.128.183 36351 (SOFTLAYER)
1 35.244.174.68 15169 (GOOGLE)
3 6 69.173.144.165 26667 (RUBICONPR...)
6 37.157.6.246 198622 (ADFORM)
1 3.120.80.221 16509 (AMAZON-02)
5 37.157.5.72 198622 (ADFORM)
1 34.120.133.55 15169 (GOOGLE)
1 1 13.224.106.24 16509 (AMAZON-02)
1 1 104.108.144.24 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 178.162.133.149 60781 (LEASEWEB-...)
1 1 188.34.152.202 24940 (HETZNER-AS)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 152.199.22.191 15133 (EDGECAST)
1 151.101.113.108 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 67.202.110.24 32748 (STEADFAST)
1 104.17.119.107 13335 (CLOUDFLAR...)
1 1 47.252.78.131 45102 (CNNIC-ALI...)
2 2 52.49.40.147 16509 (AMAZON-02)
1 1 52.21.173.249 14618 (AMAZON-AES)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 2 35.227.252.103 15169 (GOOGLE)
1 1 13.224.106.14 16509 (AMAZON-02)
2 2 188.42.191.196 7979 (SERVERS-COM)
1 1 54.174.195.234 14618 (AMAZON-AES)
472 112
31    2620:12a:8001::4 (United States)

ASN54113 (FASTLY, US)
www.krdo.com
krdo.com
7    35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.203.227.35.bc.googleusercontent.com
pymx5.com
12    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    69.16.175.42 (United States)

ASN33438 (HIGHWINDS2, US)
PTR: hwcdn.net
apv-launcher.minute.ly
apv-static.minute.ly
1    2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com
s.ntv.io
1    65.9.66.70 (United States)

ASN16509 (AMAZON-02, US)
cdn.blueconic.net
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    89.187.169.15 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-89-187-169-15.cdn77.com
krdo.b-cdn.net
2    38.27.106.51 (United States)

ASN395717 (BLUEARCHIVE-ZONE-1, US)
s3.us-east-1.wasabisys.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    34.96.74.203 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 203.74.96.34.bc.googleusercontent.com
api.pymx5.com
19    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
1    52.21.23.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-23-66.compute-1.amazonaws.com
jadserve.postrelease.com
7    54.210.4.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-4-204.compute-1.amazonaws.com
npgco.blueconic.net
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
173bc627c53651e029bcd049ee2ad5a0.safeframe.googlesyndication.com
6adc26eca351cebf157a1cf76d4b9b6a.safeframe.googlesyndication.com
20e47ceb7c8aaf993d858710d4d94c99.safeframe.googlesyndication.com
19    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:20c8:5c00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    54.86.215.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-215-174.compute-1.amazonaws.com
ping.chartbeat.net
1    2606:4700:20::681a:a06 (United States)

ASN13335 (CLOUDFLARENET, US)
snippet.minute.ly
2    54.214.244.124 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-214-244-124.us-west-2.compute.amazonaws.com
ads3.mthsense.com
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2606:4700:10::ac43:145c (United States)

ASN13335 (CLOUDFLARENET, US)
counter.snackly.co
6    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
t.teads.tv
2    2a02:26f0:6c00:19c::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s8t.teads.tv
2    13.224.106.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-52.mad50.r.cloudfront.net
sb.scorecardresearch.com
2    2a00:1450:4001:827::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
3    213.19.162.51 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
2    35.156.13.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-13-167.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
9    34.230.171.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-171-184.compute-1.amazonaws.com
x.yieldlift.com
11    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
18    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
os4m-d.openx.net
insticator-d.openx.net
us-u.openx.net
eu-u.openx.net
3    184.25.115.31 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-31.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
11    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    34.200.78.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-78-134.compute-1.amazonaws.com
ssc.33across.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
16    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
googleads.g.doubleclick.net
1    162.247.243.147 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam-cell.nr-data.net
1    2600:9000:211e:7200:5:ee0e:9e80:21 (United States)

ASN16509 (AMAZON-02, US)
d3oi8laqsvc6ey.cloudfront.net
1    13.32.23.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-170.fra56.r.cloudfront.net
d2na2p72vtqyok.cloudfront.net
1    2600:9000:2057:5600:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)
d2s8wlbatk24s7.cloudfront.net
9    3.12.221.43 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-221-43.us-east-2.compute.amazonaws.com
includemodal.com
5    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2600:9000:211e:6a00:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
2    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    52.0.218.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
geoip.insticator.com
b2c.insticator.com
event.insticator.com
15    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
3    13.224.105.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-105-229.mad50.r.cloudfront.net
c.amazon-adsystem.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2600:9000:20c8:1200:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
1    52.73.31.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
px.britepool.com
1    3.215.147.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-147-84.compute-1.amazonaws.com
thrtle.com
2    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
prebid.technoratimedia.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
1    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
apex.go.sonobi.com
1    52.48.175.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
g2.gumgum.com
1    136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    18.194.69.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
hb.emxdgt.com
1    192.96.200.41 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
1    213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    2600:9000:2057:8200:1a:5302:20c0:21 (United States)

ASN16509 (AMAZON-02, US)
dh014lg6uwepv.cloudfront.net
11    52.95.124.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
36    52.212.126.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
15    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
js-sec.indexww.com
4    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    2a02:fa8:8806:16::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    18.185.197.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
17    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
31    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
17    34.240.192.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
data.adsrvr.org
2    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com
s.amazon-adsystem.com
2    34.236.212.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
3    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
loadm.exelator.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
2    51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu
gu.dyntrk.com
5    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
19    54.93.69.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-69-146.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    64.74.236.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
sync.outbrain.com
2    52.28.254.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    3.225.15.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
5    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    34.193.37.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
2    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    64.74.236.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
3    52.58.124.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
17    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
7    185.29.133.52 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
2    124.146.215.46 (Setagaya-ku, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
4    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
5    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
4    213.155.156.167 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
8    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
4    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
2    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
8    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    51.75.146.160 (France)

ASN16276 (OVH, FR)
PTR: de03.roqad.pl
ws.rqtrk.eu
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
r.turn.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
4    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
6    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
6    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    3.120.80.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
protected-by.clarium.io
5    37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
api.rlcdn.com
1    13.224.106.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-24.mad50.r.cloudfront.net
s.ad.smaato.net
1    104.108.144.24 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
cs.media.net
1    2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    188.34.152.202 (Germany)

ASN24940 (HETZNER-AS, DE)
bidswitch-eu.splicky.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
1    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    67.202.110.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-110.static.steadfastdns.net
ssc-cms.33across.com
1    104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
event.clientgear.com
2    52.49.40.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    52.21.173.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
aorta.clickagy.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
1    13.224.106.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-14.mad50.r.cloudfront.net
cm.smadex.com
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    54.174.195.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
Apex Domain
Subdomains		 Transfer
51 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
462 KB
39 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
aud.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
image8.pubmatic.com Failed
234 KB
37 gumgum.com
g2.gumgum.com
rtb.gumgum.com
12 KB
36 googlesyndication.com
173bc627c53651e029bcd049ee2ad5a0.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
6adc26eca351cebf157a1cf76d4b9b6a.safeframe.googlesyndication.com
20e47ceb7c8aaf993d858710d4d94c99.safeframe.googlesyndication.com
581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
391 KB
31 krdo.com
www.krdo.com
krdo.com
227 KB
28 lijit.com
ap.lijit.com
ce.lijit.com
37 KB
20 openx.net
os4m-d.openx.net
insticator-d.openx.net
us-u.openx.net
eu-u.openx.net
rtb.openx.net
5 KB
19 bidswitch.net
x.bidswitch.net
6 KB
17 adsrvr.org
match.adsrvr.org
data.adsrvr.org
7 KB
17 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
33 KB
17 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
19 KB
16 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
41 KB
16 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
pixel-eu.rubiconproject.com
token.rubiconproject.com Failed
pixel.rubiconproject.com
32 KB
15 adform.net
c1.adform.net
track.adform.net
s1.adform.net
110 KB
12 1rx.io
tag.1rx.io
sync.1rx.io
6 KB
12 googletagservices.com
www.googletagservices.com
342 KB
10 b-cdn.net
krdo.b-cdn.net
1 MB
9 includemodal.com
includemodal.com
2 KB
9 yieldlift.com
x.yieldlift.com
6 KB
9 pymx5.com
pymx5.com
api.pymx5.com
200 KB
8 everesttech.net
sync-tm.everesttech.net
2 KB
8 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
5 KB
8 teads.tv
a.teads.tv
s8t.teads.tv
t.teads.tv
134 KB
8 blueconic.net
cdn.blueconic.net
npgco.blueconic.net
266 KB
7 mathtag.com
sync.mathtag.com
4 KB
6 unrulymedia.com
sync.targeting.unrulymedia.com
3 KB
6 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
2 KB
6 cloudfront.net
d3oi8laqsvc6ey.cloudfront.net
d2na2p72vtqyok.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
dh014lg6uwepv.cloudfront.net
188 KB
6 google.com
adservice.google.com
www.google.com
1 KB
5 turn.com
ad.turn.com
r.turn.com
d.turn.com
2 KB
5 creativecdn.com
creativecdn.com
2 KB
5 emxdgt.com
hb.emxdgt.com
cs.emxdgt.com
198 B
5 sonobi.com
apex.go.sonobi.com
sync.go.sonobi.com
4 KB
5 technoratimedia.com
prebid.technoratimedia.com
sync.technoratimedia.com
ad-cdn.technoratimedia.com
6 KB
5 ampproject.org
cdn.ampproject.org
108 KB
4 simpli.fi
um.simpli.fi
2 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 de17a.com
d5p.de17a.com
1 KB
4 rfihub.com
p.rfihub.com
3 KB
4 outbrain.com
sync.outbrain.com
1 KB
4 quantserve.com
pixel.quantserve.com
2 KB
4 mfadsrvr.com
rtb.mfadsrvr.com
3 KB
4 insticator.com
geoip.insticator.com
b2c.insticator.com
event.insticator.com
3 KB
4 33across.com
ssc.33across.com
ssc-cms.33across.com
2 KB
4 google.de
adservice.google.de
1 KB
4 minute.ly
apv-launcher.minute.ly
snippet.minute.ly
apv-static.minute.ly
613 KB
3 contextweb.com
bh.contextweb.com
2 KB
3 360yield.com
ad.360yield.com
813 B
3 owneriq.net
px.owneriq.net
1 KB
3 sitescout.com
pixel-sync.sitescout.com
2 KB
3 fastly.net
confiant-integrations.global.ssl.fastly.net
115 KB
3 snackly.co
counter.snackly.co
588 B
2 betweendigital.com
ads.betweendigital.com
1017 B
2 rlcdn.com
id.rlcdn.com
api.rlcdn.com
282 B
2 zeotap.com
mwzeom.zeotap.com
981 B
2 bidr.io
match.prod.bidr.io Failed
1018 B
2 socdm.com
tg.socdm.com
2 KB
2 deepintent.com
match.deepintent.com
83 B
2 stackadapt.com
sync.srv.stackadapt.com
1 KB
2 advertising.com
pixel.advertising.com
726 B
2 dyntrk.com
gu.dyntrk.com
1 KB
2 tapad.com
pixel.tapad.com
851 B
2 advangelists.com
nep.advangelists.com
465 B
2 media.net
contextual.media.net
cs.media.net
2 KB
2 dotomi.com
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
103 B
2 districtm.io
dmx.districtm.io
cdn.districtm.io
420 B
2 sharethrough.com
btlr.sharethrough.com
217 B
2 googleapis.com
storage.googleapis.com
605 KB
2 scorecardresearch.com
sb.scorecardresearch.com
878 B
2 youtube.com
www.youtube.com
40 KB
2 mthsense.com
ads3.mthsense.com
17 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 cloudflare.com
cdnjs.cloudflare.com
76 KB
2 wasabisys.com
s3.us-east-1.wasabisys.com
47 KB
2 googletagmanager.com
www.googletagmanager.com
65 KB
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
384 B
1 smadex.com
cm.smadex.com
525 B
1 clickagy.com
aorta.clickagy.com
665 B
1 clientgear.com
event.clientgear.com
261 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 aralego.net
cdn.aralego.net
1 KB
1 indexww.com
js-sec.indexww.com
1 KB
1 splicky.com
bidswitch-eu.splicky.com
225 B
1 2mdn.net
s0.2mdn.net
396 B
1 smaato.net
s.ad.smaato.net
691 B
1 clarium.io
protected-by.clarium.io
345 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 rqtrk.eu
ws.rqtrk.eu
516 B
1 zemanta.com
b1sync.zemanta.com
281 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 exelator.com
loadm.exelator.com
641 B
1 aralego.com
hb.aralego.com
sync.aralego.com Failed
317 B
1 a-mo.net
prebid.a-mo.net
153 B
1 thrtle.com
thrtle.com
1 britepool.com
px.britepool.com
api.britepool.com Failed
650 B
1 nr-data.net
bam-cell.nr-data.net
642 B
1 newrelic.com
js-agent.newrelic.com
12 KB
1 chartbeat.net
ping.chartbeat.net
169 B
1 chartbeat.com
static.chartbeat.com
14 KB
1 postrelease.com
jadserve.postrelease.com
637 B
1 ntv.io
s.ntv.io
103 KB
0 w55c.net Failed
pm.w55c.net Failed
0 id5-sync.com Failed
id5-sync.com Failed
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 adition.com Failed
dsp.adfarm1.adition.com Failed
0 mynativeplatform.com Failed
hb.mynativeplatform.com Failed
472 108
Domain Requested by
36 rtb.gumgum.com 1 redirects aax-eu.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
krdo.com
ap.lijit.com
31 cm.g.doubleclick.net 20 redirects ap.lijit.com
rtb.gumgum.com
581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
krdo.com
eu-u.openx.net
30 krdo.com krdo.com
npgco.blueconic.net
19 x.bidswitch.net 18 redirects rtb.gumgum.com
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
krdo.com
cdn.ampproject.org
confiant-integrations.global.ssl.fastly.net
581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
19 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
krdo.com
confiant-integrations.global.ssl.fastly.net
17 ce.lijit.com ap.lijit.com
us-u.openx.net
rtb.gumgum.com
16 match.adsrvr.org 11 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
ads.pubmatic.com
eu-u.openx.net
15 ads.pubmatic.com d3lcz8vpax4lo2.cloudfront.net
aax-eu.amazon-adsystem.com
ads.pubmatic.com
rtb.gumgum.com
df80k0z3fi8zg.cloudfront.net
ap.lijit.com
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
12 www.googletagservices.com krdo.com
securepubads.g.doubleclick.net
d3lcz8vpax4lo2.cloudfront.net
581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
11 sync.1rx.io 11 redirects
11 aax-eu.amazon-adsystem.com 2 redirects confiant-integrations.global.ssl.fastly.net
aax-eu.amazon-adsystem.com
ap.lijit.com
eus.rubiconproject.com
ssum-sec.casalemedia.com
rtb.gumgum.com
ads.pubmatic.com
11 ib.adnxs.com 4 redirects storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
acdn.adnxs.com
11 ap.lijit.com 5 redirects storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
aax-eu.amazon-adsystem.com
ap.lijit.com
10 krdo.b-cdn.net krdo.com
9 us-u.openx.net 2 redirects eu-u.openx.net
ap.lijit.com
us-u.openx.net
9 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
9 includemodal.com krdo.com
9 x.yieldlift.com storage.googleapis.com
8 simage2.pubmatic.com ads.pubmatic.com
8 image2.pubmatic.com ads.pubmatic.com
8 sync-tm.everesttech.net 8 redirects
7 sync.mathtag.com 7 redirects
7 npgco.blueconic.net cdn.blueconic.net
7 pymx5.com krdo.com
pymx5.com
6 eu-u.openx.net 3 redirects df80k0z3fi8zg.cloudfront.net
eu-u.openx.net
6 track.adform.net 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
krdo.com
s1.adform.net
6 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
6 sync.targeting.unrulymedia.com 5 redirects
5 s1.adform.net krdo.com
s1.adform.net
581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
5 creativecdn.com 5 redirects
5 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
us-u.openx.net
ssum-sec.casalemedia.com
5 secure.adnxs.com 5 redirects
5 ssum-sec.casalemedia.com 1 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 sync.go.sonobi.com 2 redirects krdo.com
4 um.simpli.fi 2 redirects ads.pubmatic.com
4 c1.adform.net 4 redirects
4 visitor.fiftyt.com 4 redirects
4 uipglob.semasio.net 2 redirects ads.pubmatic.com
4 d5p.de17a.com 4 redirects
4 p.rfihub.com 4 redirects
4 cs.emxdgt.com rtb.gumgum.com
storage.googleapis.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 pixel.quantserve.com 4 redirects
4 rtb.mfadsrvr.com 4 redirects
4 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
df80k0z3fi8zg.cloudfront.net
4 t.teads.tv krdo.com
4 adservice.google.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
4 adservice.google.de securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
3 ad.turn.com 3 redirects
3 bh.contextweb.com 3 redirects
3 ad.360yield.com 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 pixel-sync.sitescout.com 3 redirects
3 pixel-eu.rubiconproject.com 3 redirects
3 c.amazon-adsystem.com d3lcz8vpax4lo2.cloudfront.net
c.amazon-adsystem.com
3 confiant-integrations.global.ssl.fastly.net d3lcz8vpax4lo2.cloudfront.net
confiant-integrations.global.ssl.fastly.net
3 ssc.33across.com storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
3 htlb.casalemedia.com storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
3 fastlane.rubiconproject.com storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
3 counter.snackly.co snippet.minute.ly
2 ads.betweendigital.com 2 redirects
2 rtb.openx.net 1 redirects us-u.openx.net
2 simage4.pubmatic.com ads.pubmatic.com
2 aud.pubmatic.com ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 match.prod.bidr.io ads.pubmatic.com
us-u.openx.net
2 dis.criteo.com ads.pubmatic.com
2 tg.socdm.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
2 sync.technoratimedia.com rtb.gumgum.com
2 sync.srv.stackadapt.com 2 redirects
2 pixel.advertising.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 pixel.tapad.com 2 redirects
2 nep.advangelists.com 2 redirects
2 s.amazon-adsystem.com ssum-sec.casalemedia.com
2 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com confiant-integrations.global.ssl.fastly.net
2 image6.pubmatic.com ads.pubmatic.com
2 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 prebid.technoratimedia.com df80k0z3fi8zg.cloudfront.net
2 mug.criteo.com krdo.com
2 gum.criteo.com 1 redirects
2 www.google.com 1 redirects 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
2 os4m-d.openx.net storage.googleapis.com
2 btlr.sharethrough.com storage.googleapis.com
2 storage.googleapis.com ads3.mthsense.com
2 sb.scorecardresearch.com 1 redirects krdo.com
2 s8t.teads.tv a.teads.tv
krdo.com
2 a.teads.tv securepubads.g.doubleclick.net
s8t.teads.tv
2 apv-static.minute.ly krdo.com
2 www.youtube.com snippet.minute.ly
www.youtube.com
2 ads3.mthsense.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 api.pymx5.com pymx5.com
2 cdnjs.cloudflare.com krdo.com
2 s3.us-east-1.wasabisys.com krdo.com
2 www.googletagmanager.com krdo.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 cm.smadex.com 1 redirects
1 d.turn.com 1 redirects
1 data.adsrvr.org ap.lijit.com
1 aorta.clickagy.com 1 redirects
1 event.clientgear.com 1 redirects
1 biddr.brealtime.com df80k0z3fi8zg.cloudfront.net
1 ssc-cms.33across.com df80k0z3fi8zg.cloudfront.net
1 cdn.aralego.net df80k0z3fi8zg.cloudfront.net
1 js-sec.indexww.com df80k0z3fi8zg.cloudfront.net
ssum-sec.casalemedia.com
1 acdn.adnxs.com df80k0z3fi8zg.cloudfront.net
1 cdn.districtm.io df80k0z3fi8zg.cloudfront.net
1 ad-cdn.technoratimedia.com df80k0z3fi8zg.cloudfront.net
1 bidswitch-eu.splicky.com 1 redirects
1 s0.2mdn.net 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
1 cs.media.net 1 redirects
1 s.ad.smaato.net 1 redirects
1 r.turn.com 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
1 api.rlcdn.com ads.pubmatic.com
1 protected-by.clarium.io 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
1 id.rlcdn.com eus.rubiconproject.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ws.rqtrk.eu 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 b1sync.zemanta.com 1 redirects rtb.gumgum.com
1 sync.ipredictive.com 1 redirects rtb.gumgum.com
1 loadm.exelator.com 1 redirects
1 contextual.media.net ap.lijit.com
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 dh014lg6uwepv.cloudfront.net krdo.com
1 tag.1rx.io df80k0z3fi8zg.cloudfront.net
1 insticator-d.openx.net df80k0z3fi8zg.cloudfront.net
1 hb.aralego.com df80k0z3fi8zg.cloudfront.net
1 hb.emxdgt.com df80k0z3fi8zg.cloudfront.net
1 prebid.a-mo.net df80k0z3fi8zg.cloudfront.net
1 g2.gumgum.com df80k0z3fi8zg.cloudfront.net
1 apex.go.sonobi.com df80k0z3fi8zg.cloudfront.net
1 dmx.districtm.io df80k0z3fi8zg.cloudfront.net
1 hbopenbid.pubmatic.com df80k0z3fi8zg.cloudfront.net
1 thrtle.com krdo.com
1 px.britepool.com 1 redirects
1 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
1 b2c.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 googleads.g.doubleclick.net
1 d3lcz8vpax4lo2.cloudfront.net d2na2p72vtqyok.cloudfront.net
1 d2s8wlbatk24s7.cloudfront.net d3oi8laqsvc6ey.cloudfront.net
1 d2na2p72vtqyok.cloudfront.net krdo.com
1 d3oi8laqsvc6ey.cloudfront.net securepubads.g.doubleclick.net
1 bam-cell.nr-data.net js-agent.newrelic.com
1 20e47ceb7c8aaf993d858710d4d94c99.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 6adc26eca351cebf157a1cf76d4b9b6a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 js-agent.newrelic.com krdo.com
1 snippet.minute.ly apv-launcher.minute.ly
1 ping.chartbeat.net krdo.com
1 static.chartbeat.com krdo.com
1 173bc627c53651e029bcd049ee2ad5a0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 jadserve.postrelease.com s.ntv.io
1 cdn.blueconic.net krdo.com
1 s.ntv.io krdo.com
1 apv-launcher.minute.ly krdo.com
1 www.krdo.com 1 redirects
0 image8.pubmatic.com Failed rtb.gumgum.com
0 pm.w55c.net Failed us-u.openx.net
0 sync.aralego.com Failed cdn.aralego.net
0 id5-sync.com Failed krdo.com
0 ums.acuityplatform.com Failed krdo.com
ap.lijit.com
ssum-sec.casalemedia.com
0 api.britepool.com Failed ads.pubmatic.com
0 token.rubiconproject.com Failed eus.rubiconproject.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 dsp.adfarm1.adition.com Failed ads.pubmatic.com
0 hb.mynativeplatform.com Failed storage.googleapis.com
472 174
Subject Issuer Validity Valid
krdo.com
R3		 2021-03-31 -
2021-06-29		 3 months crt.sh
*.pymx5.com
Go Daddy Secure Certificate Authority - G2		 2020-09-10 -
2021-10-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.minute.ly
Sectigo RSA Organization Validation Secure Server CA		 2020-05-12 -
2022-05-16		 2 years crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
*.blueconic.net
Thawte TLS RSA CA G1		 2019-12-04 -
2022-02-01		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.b-cdn.net
Sectigo ECC Domain Validation Secure Server CA		 2020-11-11 -
2021-11-11		 a year crt.sh
*.s3.us-east-1.wasabisys.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-09 -
2022-03-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.mthsense.com
Amazon		 2021-03-11 -
2022-04-09		 a year crt.sh
*.snackly.co
Sectigo RSA Organization Validation Secure Server CA		 2020-11-30 -
2021-12-31		 a year crt.sh
teads.tv
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
*.yieldlift.com
Amazon		 2021-01-30 -
2022-02-27		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-04-26 -
2022-04-10		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
includemodal.com
Amazon		 2020-11-15 -
2021-12-14		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2020-08-24 -
2021-08-24		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2020-03-22 -
2021-05-21		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.a-mo.net
R3		 2021-03-12 -
2021-06-10		 3 months crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-23 -
2021-11-21		 2 years crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2019-10-29 -
2021-11-23		 2 years crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-16 -
2022-03-17		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh

This page contains 72 frames:

Primary Page: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Frame ID: 28746046B6860289A0EC50C2036A6FA9
Requests: 101 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssERuzTqZVPZI6ZW6VaXYuQAI0VEtyXaYUUjSBWBYtbrY6I_dAex_c5rAi4kBIpWDFrO33ifEkMSdzmaXxkh1RQ0t_g0v2L3fxn_-WPXjknxUFD4R58IMl04sMCsM5hHTtkEaioLzrNyMOfe8Zy0JvdGrX-Gnr-lyyzlMUv3di1K7S5Bs3ebnQzKasc_yhiX1kYuESvrt0SN3eSyyPpp46SQf2gWZU5V0mwmUY40dRcrQ7yWMQku2ov2siQRR-j2t1qzZDHK7LUZDA6g9WVYXM&sai=AMfl-YQMgKaIJ2ewSI7UOIUHFtERwZo97k82A00UeuT0RfvmG9DjKJrcNkAdEZgD66yE0DhPiRBmgYymffvlQzWLvSRCU3u151Yod8FhXNxB0VW3WdM0W_FBmucPoP4it-g&sig=Cg0ArKJSzC_RuLgcxRGrEAE&urlfix=1&adurl=
Frame ID: 52D535DFA254C79147AB6BF1D23670A2
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK0Y45aM6ZZL0lA_AsAfWbc-SYvFGfXYe6LJU9W1UrSWbINudWUQVzikTHhRjJHLRD9EYBWTCvUA_z9BYcV72_kktmY4t3gs5mE9dS2zDZ_A_ANPL0xRxZtaBKjEvwjMUqXUdimhxVedz5qiqEzi7p0VPv0sPrk38Hcp9rzcijA8Zqj8TFLjIQ_WkAdejKrFkYZnae1HO9ANnvI6uP3IlbDQ9wtwNTuBi_ZbysyqsPJtkE8flcxtwR0m6lUox0uPXuQTBUAo3rpyHOEtMbNjs&sai=AMfl-YQsB0-fI4XEEACvp7VItaS5HNRmPXuzFo6MTOZr8yRX9gs_XhzTsKjFPXQZCCeWYOBG_RRYJBRWxy52tXPWytxcDHx4rYgzmvQNUJwbyW7VPvJf_gZiCivJDAukXNVG&sig=Cg0ArKJSzKPVVSYyxWiMEAE&urlfix=1&adurl=
Frame ID: 7180206197702C14D9528F14CC2B6A50
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRoFaTKrFMy04kDkxDjrTSe6teyInGmLPUfwtE7QvqFe-59aMV52SwLCIlMfnBpl3tjUFZOB8I6orgNIQ8N7eTw7YNVNGBnavB_4mS0bd2KzRJRR0F4fEv7Ofl78wFJN-Nhh7N5kuu5eYwkftS0npFavKdz-H4SLNEWunnGWpE0hyUG0g8cZPGLey7Ag4cuOkv5d2xX9ddNBA_yVpRdwceR0o4h7WWfXVYlw5J3mSAXPP-xG-iLXo6O53wNl6avt0kzMJLlIeMN5v7cxU&sai=AMfl-YQLgPAXOHokUlvBhD2eiFQ8D-X1j0EGfPScdBQMAWmmZm4QAZSzJg53wxiLCya9uOVaqot1AFsBkvqq0Meg3KikKH7hDbSQ_lcX2EKrF8ylteIM9j_QIitjYCJdztY&sig=Cg0ArKJSzHoLC4UxDrTdEAE&urlfix=1&adurl=
Frame ID: 860801E755A3A9775B1E82C687EBC044
Requests: 5 HTTP requests in this frame

Frame: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: 5DF50F7687D807A2CE94E6B3BCBAC29B
Requests: 27 HTTP requests in this frame

Frame: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: D3BB27CF7411A135F163ABB7D857021F
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: FCF350650AC11BCDA6D104006EE44ACE
Requests: 2 HTTP requests in this frame

Frame: https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Frame ID: 4DD5110384A87398BDD1513D9DD89BD1
Requests: 63 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: EE503B26A71C5D24D5169EE65BACD28F
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 7C467469416D1090E33A6937A4747098
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 3CB6ECB49152441D3862B8B6D5676B51
Requests: 2 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: CA9EEAA796C40D2981BD89A27618EB1E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&dcc=t
Frame ID: DAC71A86759C82161C04A45A2122AF27
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Frame ID: E1FA97EBDEC6D8EAD9FACAC91C9C6FE6
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 7AD23CEAD44928B6590E60E09B83B61D
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: B89A0AD9F5EB5DB794955ABE043AE053
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 4DAC24CC30DE4AFA85797602B1668ABF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: AB6C85E3197135A075F9944A7DB9B500
Requests: 11 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=279008679709069790&ex=districtm
Frame ID: 3D1363291D6F14A2F3D6309F704F8036
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: 45DACC7ECBA705E7BC01C718CBE6A17D
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 278B200F036CDB075FC4BA08507CA0BD
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 53086809E681DFBC6B6468EBC48E6299
Requests: 22 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=a1756089-3cc6-4200-bc6d-91540a9e756b&gdpr=&gdpr_consent=
Frame ID: A94B699B49BFD1BE53E863C8706A3989
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YIk8xQAAigqNBwA4&gdpr=&gdpr_consent=&_test=YIk8xQAAigqNBwA4
Frame ID: FD175D4C5863EBF19F6FEAE6DD32AF66
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81N2Q3ZDM1Yi1jMDA0LTQ3NDMtYWFjMC05MmE2M2E2Yzk0MDg=&gdpr=&gdpr_consent=
Frame ID: AEE38D42985030D4052A456D0A9010FA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 9D1697A9DCD45153B5F3D15138452146
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=809107c7-3378-41c8-a18d-5084064fb8f8&t=1622198723
Frame ID: A1A7D8C7591F38BB2A8FF986A585FC7E
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 80A991576C199D5BF1B487FD336F86E0
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YIk8x8Co8YwAAFFrohIAAAAA
Frame ID: 791C9CA294424EE056229E283A79532A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871316019586082354
Frame ID: 2CE78F5CC872021FA977E354753A90AE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=C9o0nmiaCJq3GnukVLd4&pi=gumgum&tc=1
Frame ID: 40D98DE261BB00D4D87F2DF52638F5A3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8164635290675019404
Frame ID: 271A3115E9682D65FB4A7F02F82AD0CE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 706730640D375C728041521914C361DB
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9
Frame ID: C3F0E3255BB5FFBB63178BDCB0E2A279
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 783AB58DBCCEA952748661E110866B42
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: ECC550E4361A3F4B8EF6585B1BEA05DA
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=6F7D7723-A198-426F-8996-478056294CA8&ex=pubmatic.com
Frame ID: 6B2E703542AFFF7DCC08F9A7F538971C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F8A021256498E6B237945724B4CDBF18
Requests: 12 HTTP requests in this frame

Frame: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 111A747E548EEFFDAAE3C028DC6BE0A8
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5D3323171A993CCF973B62F20DACC049
Requests: 9 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5726185930160061537
Frame ID: 9102B3D0CA17F8552BAFA727870F4DB1
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 5F5F553C31EB0912B252FC0CB731F657
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=pbm&i=26BEF33A-1E6C-4D48-BC3B-B297CF88379D
Frame ID: 0B1E2F072EB2A857A8F47AD53D49C4EF
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Frame ID: E48C3942383C5CF97FC8BAF20A0A3490
Requests: 21 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Frame ID: 675197B3D388BB3842A9B8FF10D12196
Requests: 7 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_3.27.1
Frame ID: 3EB7BDED080EB5B9CF3E58B5626255FD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 193A7E19E9C50F98A0D9BBEF8A993736
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FAAC9DF6D3AB7F054F40AEEDC5E15EF3
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AD05708F16534DB4E058B3646525008E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: F3532434286AC29CCFF994BF7F908802
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4EFF6FF7B6A79E3B0AA73CC888AB7E81
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d3IMIqZxWr6j9iaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 0129BEFFF4BC82F58806400D9FF88A1C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F9D52136C0032BE647CD4D18FF1C2A1A
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: A4C012DF7949D19CB4D0B9D16EB5FA94
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 01EEFB5C80081F5C1F2C3EC6E28EA031
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 6FC316178E77AA708B89F8369B322490
Requests: 15 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 65140E20C3651BCE93766643CFB3080C
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Frame ID: 22A75A2B60EB0DD7C402CB788B862589
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=4371649259542192953&gdpr=0&gdpr_consent=
Frame ID: 8A5FB370B8E04D45468732FEB96DCCD0
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://krdo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 268CE4DA8CC3FF8C2D5B65D17F41104A
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=9f846089-3cc9-4d00-be57-368269184655&gdpr=0&gdpr_consent=
Frame ID: 332DF3221CBFFA7BA76AA1ECC416C030
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YIk8yQAAiDk_7wAC&gdpr=0&gdpr_consent=&_test=YIk8yQAAiDk_7wAC
Frame ID: 36A152EA1627BDC029ADD3469B7ECC15
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82OGY2YzRkNy01MGQxLTQ3OGUtYjRjZC1iNjA0ZTY1NjI1M2Q=&gdpr=0&gdpr_consent=
Frame ID: 38F0E0F57F8578EBE62B44E76C94296C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: A54575CBB02EC79EA059B29D5CE43442
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=565cb74d-d219-4cf0-b470-4689722abe1d&t=1622198729
Frame ID: 4C2F9DB0D38CE054D4F5A0C97A172268
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 90904062F2F8AB0B6A135744447FDC1A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YIk8x8Co8YwAAFFrohIAAAAA
Frame ID: 2ED60501EB8EB68683388247C2BDCB68
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871316019586082371
Frame ID: 177CE06A112E7200B2CA846705C367CF
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=TA4Eaqs35RaErFaM5NBc&pi=gumgum
Frame ID: B9C37C7CAA5D92F74603CD6D33443478
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 62F8D0208126838233756F6F692AC9D2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FF2036593071E482BEE94248D826574C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5AA817C267C9D49D66B03960FC1C2E86
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20... HTTP 301
    https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

472
Requests

95 %
HTTPS

24 %
IPv6

108
Domains

174
Subdomains

112
IPs

10
Countries

5762 kB
Transfer

12167 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears HTTP 301
    https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619606719212&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=38491422&cs_ucfr= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619606719212&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=38491422&cs_ucfr=
Request Chain 178
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 196
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkrdo.com%2F&domain=krdo.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=GXTtAXxoRzFBWWcrODcwN3hpcEtjQWljZ3pXT212aTRvNXRJTHQ5OVJFOGo5TEdwaVV4UlYrMC9hb2hsaWVCR2piSGhjbEg0YldSL1gyaGhCREJCYlZaaUZaNnZmYXdIRHFjc0FnWEdnUmg5cEgydENnVVJZWGIveThkWG03ZWQxNmhKY2xXYWhQTFkwVFdPV1pKbUd2ZWV3M3JtNlhxOWd5cWFqWWdVNzBIaFhtMmJxZkdYSXpkdXg5blJmNW9za0FvaTc3V09PMkxCejd1RGFXdFgreFJFaXVnPT18&cppv=2
Request Chain 198
  • https://px.britepool.com/new?partner_id=t HTTP 302
  • https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=fd43345a-b5a2-4aad-b04d-a08344ee05b8
Request Chain 225
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_dm_cnv_sovrn HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&dcc=t
Request Chain 234
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=279008679709069790&ex=districtm
Request Chain 236
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 242
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=bec1aa88-4854-4fb9-b7dd-50f0d9d307d3
Request Chain 243
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Df6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Df6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Df6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Df6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&gdpr=0&gdpr_consent=
Request Chain 244
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MDVhN2VhNjVjYTlhMGQ0YmY4NzAyY2Zj
Request Chain 246
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=KO1C0V2K-19-5QFX&gdpr=0
Request Chain 253
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KO1C0V2K-19-5QFX&ex=d-rubiconproject.com&status=ok
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIk8v_6OHfTmY81fheaBfQAABLwAAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDeydp2SxCgHtMFitTgjtBU&google_cver=1
Request Chain 257
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIk8v-6OHfTmY81fheaBfQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBOlAUtQwH2i1ZdAtIa6b-I&google_cver=1
Request Chain 258
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-3c090c35-2369-4fa8-a87a-a6d772dce9bb
Request Chain 259
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Df6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Df6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348%2526expiration%253D1622198723 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Df6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348%26expiration%3D1622198723 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Df6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348%26expiration%3D1622198723 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&expiration=1622198723
Request Chain 260
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6728931231667818961&uid=Q6728931231667818961&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 261
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030002_60893cc397893&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_60893cc397893
Request Chain 263
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=279008679709069790
Request Chain 264
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_57d7d35b-c004-4743-aac0-92a63a6c9408&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_57d7d35b-c004-4743-aac0-92a63a6c9408&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=1&user_id=oHFPo6UiFKm7eEGq9yVaoqBzRqK7dBb4o3Z7a7ge
Request Chain 265
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28e2b9yAeWyIxY7mTt-uQyeG0dLpIkiAnWByY93oJPJ9L60rclPoyu48m5bFIL8UZF%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28e2b9yAeWyIxY7mTt-uQyeG0dLpIkiAnWByY93oJPJ9L60rclPoyu48m5bFIL8UZF%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_57d7d35b-c004-4743-aac0-92a63a6c9408&obuid=ENC(e2b9yAeWyIxY7mTt-uQyeG0dLpIkiAnWByY93oJPJ9L60rclPoyu48m5bFIL8UZF) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true&apid=UPd6a2bd0b-a80e-11eb-8def-06c34cbe9980 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=UPd6a2bd0b-a80e-11eb-8def-06c34cbe9980
Request Chain 266
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=060f31ab-66b5-0779-39dc-c99471a871e7
Request Chain 267
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-e454b439-e1a6-44f8-546b-d1e0b4ff17ed$ip$185.9.18.83
Request Chain 268
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-N2gjcHpE2pcnTaQ5UbRWDKCRbfvXOWq7rN61~A
Request Chain 269
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=d6128b7d-a80e-11eb-a91a-998f56f82790
Request Chain 272
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_57d7d35b-c004-4743-aac0-92a63a6c9408&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=
Request Chain 273
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=32d804a4-eebc-4477-ba20-c3bf441a4d96
Request Chain 274
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3706976845 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/809107c7-3378-41c8-a18d-5084064fb8f8 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8f4549c3-505a-4e81-81c5-267cf3940452-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-8f4549c3-505a-4e81-81c5-267cf3940452-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-8f4549c3-505a-4e81-81c5-267cf3940452-003
Request Chain 275
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=wOV0jru1DNFU&ev=1&pid=558355
Request Chain 277
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=a1756089-3cc6-4200-bc6d-91540a9e756b&gdpr=&gdpr_consent=
Request Chain 278
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YIk8xQAAigqNBwA4 HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YIk8xQAAigqNBwA4&gdpr=&gdpr_consent=&_test=YIk8xQAAigqNBwA4
Request Chain 281
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=809107c7-3378-41c8-a18d-5084064fb8f8&t=1622198723
Request Chain 283
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YIk8x8Co8YwAAFFrohIAAAAA
Request Chain 284
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1871316019586082354
Request Chain 285
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=C9o0nmiaCJq3GnukVLd4&pi=gumgum&tc=1
Request Chain 286
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8164635290675019404
Request Chain 289
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFUHprN0JFbm9BQUNxMnFpcUtNdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b313I6GYQm-JlkeAVilMqA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 294
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6F7D7723-A198-426F-8996-478056294CA8&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6F7D7723-A198-426F-8996-478056294CA8&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 295
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6F7D7723-A198-426F-8996-478056294CA8&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6F7D7723-A198-426F-8996-478056294CA8&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6F7D7723-A198-426F-8996-478056294CA8&addseg=31
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDDeLeeur9hdxH1Q8t_aAbg&google_cver=1
Request Chain 297
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=809107c7-3378-41c8-a18d-5084064fb8f8
Request Chain 298
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=868959224502290637
Request Chain 299
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:10cb6089-3cc6-4e00-b916-2d132df6f614&gdpr=0&gdpr_consent=
Request Chain 300
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=279008679709069790&gdpr=0&gdpr_consent=
Request Chain 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6F7D7723-A198-426F-8996-478056294CA8&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6F7D7723-A198-426F-8996-478056294CA8&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vszhac1E2uUxAFSNzuwJAr1A_RGCRiQ-~A&gdpr=0&gdpr_consent=
Request Chain 303
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l85R45KdCumMx1_qwJpE4pfMWOKMywi4lMkLEmEs
Request Chain 304
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5478d71e-de3c-44be-944c-8a64b21ed8f8&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 305
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8355863204268950766&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 306
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YIk8xQAAikGNCQA4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIk8xQAAikGNCQA4&gdpr=0&gdpr_consent=&_test=YIk8xQAAikGNCQA4
Request Chain 307
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:34654f94-8021-4899-8b7d-48b29f57cd34&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 308
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&gdpr=0&gdpr_consent=
Request Chain 314
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YIk8xQAAiDgFBwAC HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIk8xQAAiDgFBwAC&_test=YIk8xQAAiDgFBwAC
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESED-j_YqBYE0tOgCmqDiDF54&google_cver=1
Request Chain 318
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f9136089-3cc6-4200-8ab4-d33ac8fd891c
Request Chain 341
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAoGl4YTXZNla-cZmRGkEoo&google_cver=1&google_push=AQvitUJ07DHl9gEqspnhrIHVZfkV_-XPTBDgzF4nT3o5eoQLailvPpSOL1B40LQZ2eHYzh01xNMPowp9TIeAYn8Cw2lGv-TcI6xLhQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM1NTg2MzIwNDI2ODk1MDc2Ng== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAoGl4YTXZNla-cZmRGkEoo&google_cver=1
Request Chain 342
  • https://um.simpli.fi/gp_match?google_gid=CAESENfDRvwID0qls-1j6fonJss&google_cver=1&google_push=AQvitUK7eEXqEzjcYNDkxKqtEwi4SZquZcbEd03BlJwhZ4eQOEKBsM-5KWS5Wq-NUMLcne0S2qZz_7lyBzlMZOPldxEI8FvHcgr3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CC9E57CE0A404F9A991F5D40D0358805&google_push=AQvitUK7eEXqEzjcYNDkxKqtEwi4SZquZcbEd03BlJwhZ4eQOEKBsM-5KWS5Wq-NUMLcne0S2qZz_7lyBzlMZOPldxEI8FvHcgr3
Request Chain 343
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBLEVPfBQ1Qsg36WUqV3wDM&google_cver=1&google_push=AQvitUIdpLcNnXX-_z878XEGdBu1AUkBGQy_3GVLz9jbgMtgTK88LVDIRF4DEps7yai6qYlVBB4VXnbUbPgU7RGa8yrlEPDGWxl2oQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08xQzBWMkstMTktNVFGWA==&google_push=AQvitUIdpLcNnXX-_z878XEGdBu1AUkBGQy_3GVLz9jbgMtgTK88LVDIRF4DEps7yai6qYlVBB4VXnbUbPgU7RGa8yrlEPDGWxl2oQ
Request Chain 344
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENqOglv5pERBeKP3iujwbaE&google_cver=1&google_push=AQvitUKrquIB7pUWlLK5MuNb-3vsJTJRtrQObDjohVjooJMuekhv0rhRzpF2rXpKbS4QbGjLIea_oPORjQ7J6jSlKVFEF1yBM2bsYw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=d975ca1957d465c2e42c&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUKrquIB7pUWlLK5MuNb-3vsJTJRtrQObDjohVjooJMuekhv0rhRzpF2rXpKbS4QbGjLIea_oPORjQ7J6jSlKVFEF1yBM2bsYw
Request Chain 345
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKhvYw9iSFy6TeJ2MD37Dag&google_cver=1&google_push=AQvitUL6bJzG9d9ZhJX3PJKHNsI122R4IBIrOT0CCPsOaplrRhChMWB-rIhhd9FGLGPUJMx5aoLJgTMKvJtYWNMXbhufcXdRz1vLgQ HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8f4549c3-505a-4e81-81c5-267cf3940452-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUL6bJzG9d9ZhJX3PJKHNsI122R4IBIrOT0CCPsOaplrRhChMWB-rIhhd9FGLGPUJMx5aoLJgTMKvJtYWNMXbhufcXdRz1vLgQ%26google_hm%3DA49FScNQWk6BgcUmfPOUBFI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUL6bJzG9d9ZhJX3PJKHNsI122R4IBIrOT0CCPsOaplrRhChMWB-rIhhd9FGLGPUJMx5aoLJgTMKvJtYWNMXbhufcXdRz1vLgQ&google_hm=A49FScNQWk6BgcUmfPOUBFI
Request Chain 346
  • https://cs.media.net/cksync?type=g&google_gid=CAESEFKSmK0nKyPRhgOREvr9DLY&google_cver=1&google_push=AQvitULZ1OQMVdwsXQEKf2_CfVADdbt1xpAlkasp-BxkrYRBdPENDAWwU7bOrbVEQ6irBjwX2OfvM7dC-Tra4jqmiE0ZLzL1BAcQdw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyNjA4MzI1Nzk0NzUzOTAwMFYxMA%3d%3d&mn_hm=MjYyNjA4MzI1Nzk0NzUzOTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitULZ1OQMVdwsXQEKf2_CfVADdbt1xpAlkasp-BxkrYRBdPENDAWwU7bOrbVEQ6irBjwX2OfvM7dC-Tra4jqmiE0ZLzL1BAcQdw
Request Chain 351
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D HTTP 302
  • https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=f0c559b4-9ad0-445f-ae0c-dc477afc289c
Request Chain 352
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8f4549c3-505a-4e81-81c5-267cf3940452-003&rndcb=4107639225 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=5478d71e-de3c-44be-944c-8a64b21ed8f8&google_hm=NTQ3OGQ3MWUtZGUzYy00NGJlLTk0NGMtOGE2NGIyMWVkOGY4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESED3kq46HbEZxdMBaWMqqM_4&google_cver=1&ssp=adconductor&bsw_param=5478d71e-de3c-44be-944c-8a64b21ed8f8 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/5478d71e-de3c-44be-944c-8a64b21ed8f8?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8f4549c3-505a-4e81-81c5-267cf3940452-003?redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3DRX-8f4549c3-505a-4e81-81c5-267cf3940452-003 HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-8f4549c3-505a-4e81-81c5-267cf3940452-003
Request Chain 353
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=KO1C0V2K-19-5QFX
Request Chain 355
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHRIZCNjGcMQwTMCyCpw-84&google_cver=1
Request Chain 356
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=279008679709069790
Request Chain 357
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D HTTP 302
  • https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=f0c559b4-9ad0-445f-ae0c-dc477afc289c
Request Chain 359
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=KO1C0V2K-19-5QFX
Request Chain 360
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8f4549c3-505a-4e81-81c5-267cf3940452-003&rndcb=1851553953 HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=adconductor&bsw_custom_parameter=5478d71e-de3c-44be-944c-8a64b21ed8f8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=adconductor&expires=10&bsw_param=5478d71e-de3c-44be-944c-8a64b21ed8f8 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/5478d71e-de3c-44be-944c-8a64b21ed8f8?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8f4549c3-505a-4e81-81c5-267cf3940452-003
Request Chain 361
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHRIZCNjGcMQwTMCyCpw-84&google_cver=1
Request Chain 362
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=279008679709069790
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEqalW9B39i-awB1EuJOOTY&google_cver=1
Request Chain 371
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5726185930160061537
Request Chain 372
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=565cb74d-d219-4cf0-b470-4689722abe1d
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Jr7zOh5sTUi8O7KXz4g3nQ%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Jr7zOh5sTUi8O7KXz4g3nQ%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 377
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=26BEF33A-1E6C-4D48-BC3B-B297CF88379D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=26BEF33A-1E6C-4D48-BC3B-B297CF88379D&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 378
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=26BEF33A-1E6C-4D48-BC3B-B297CF88379D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=26BEF33A-1E6C-4D48-BC3B-B297CF88379D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=26BEF33A-1E6C-4D48-BC3B-B297CF88379D&addseg=31
Request Chain 379
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjZCRUYzM0EtMUU2Qy00RDQ4LUJDM0ItQjI5N0NGODgzNzlE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjZCRUYzM0EtMUU2Qy00RDQ4LUJDM0ItQjI5N0NGODgzNzlE&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 380
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=1036997701708461165
Request Chain 381
  • https://ap.lijit.com/beacon?informer=13406715 HTTP 302
  • https://ap.lijit.com/beacon?informer=13406715&dnr=1
Request Chain 382
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Request Chain 392
  • https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=9a827d96-ff55-41ec-a7f8-04e1668507aa&bidswitch_ssp_id=sonobi
Request Chain 393
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_57d7d35b-c004-4743-aac0-92a63a6c9408&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_57d7d35b-c004-4743-aac0-92a63a6c9408&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9a827d96-ff55-41ec-a7f8-04e1668507aa HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk83a60a6a-b0b4-4e7b-8055-66fc978c0f13&expires=7&user_group=5&ssp=gumgum2&bsw_param=9a827d96-ff55-41ec-a7f8-04e1668507aa HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=9a827d96-ff55-41ec-a7f8-04e1668507aa
Request Chain 394
  • https://id5-sync.com/s/441/9.gif?puid=e_57d7d35b-c004-4743-aac0-92a63a6c9408&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_57d7d35b-c004-4743-aac0-92a63a6c9408&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOAEi-fDUNgH9MQJQWSuxIJ8GWOYc_0cdYcM9rLg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOAEi-fDUNgH9MQJQWSuxIJ8GWOYc_0cdYcM9rLg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=bfdfe07b-d761-4111-ab2d-b0c6f354c5d0&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
Request Chain 395
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e315a43aa9&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=565cb74d-d219-4cf0-b470-4689722abe1d&pubid=e315a43aa9
Request Chain 396
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=9f846089-3cc9-4d00-be57-368269184655
Request Chain 398
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/b270bb0c-0fbd-366a-aeef-0ad8ec12bcd6?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-Me4xzjJE2oWHpyDqrQMHD9in6CHXCwFMQH7JxIE-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=565cb74d-d219-4cf0-b470-4689722abe1d
Request Chain 399
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9f846089-3cc9-4d00-be57-368269184655
Request Chain 400
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=J71x6SLuKuk8un3jJrRk5iW1cOQ8vC_oJ7h5rLyU
Request Chain 401
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=70888129581329036
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMO0xYAsWBMtHWoRm9l-4zM&google_cver=1
Request Chain 406
  • https://um.simpli.fi/lj_match?r=1619606729485&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=2200B43607954C8B9FEF94B76EF05018
Request Chain 407
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1445622927 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/565cb74d-d219-4cf0-b470-4689722abe1d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003
Request Chain 408
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAFYP07BEnoAACsHPWFUcQ&gdpr=0
Request Chain 409
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=wOV0jru1DNFU&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 410
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=1036997701708461165&gdpr=0&gdpr_consent=
Request Chain 411
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=N2E2OWJjNTA2NTZiNmIwYTFkOTdkMTY5
Request Chain 412
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=TA4Eaqs35RaErFaM5NBc&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Request Chain 413
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1871597494625522457&expires=30&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=9a827d96-ff55-41ec-a7f8-04e1668507aa
Request Chain 414
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=7a69bc50656b6b0a1d97d169&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:9f185057aa08527231786a8596106ea8
Request Chain 415
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=64c7c4cc-6071-455e-8b6f-631c35cdccca-60893cc9-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D64c7c4cc-6071-455e-8b6f-631c35cdccca-60893cc9-4348%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D64c7c4cc-6071-455e-8b6f-631c35cdccca-60893cc9-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=64c7c4cc-6071-455e-8b6f-631c35cdccca-60893cc9-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D64c7c4cc-6071-455e-8b6f-631c35cdccca-60893cc9-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=64c7c4cc-6071-455e-8b6f-631c35cdccca-60893cc9-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D64c7c4cc-6071-455e-8b6f-631c35cdccca-60893cc9-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=64c7c4cc-6071-455e-8b6f-631c35cdccca-60893cc9-4348&gdpr=0&gdpr_consent=
Request Chain 416
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Request Chain 417
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=H9K3JRqB7CUE1bsvHtuiKh3atigE0-kkH9fvKy3r
Request Chain 418
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=KO1C12NH-15-Y0Q&gdpr=0
Request Chain 419
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=N2E2OWJjNTA2NTZiNmIwYTFkOTdkMTY5 HTTP 302
  • https://ap.lijit.com/dsp/google/reporting
Request Chain 420
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=7a69bc50656b6b0a1d97d169&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=9f846089-3cc9-4d00-be57-368269184655&gdpr=0&gdpr_consent=
Request Chain 421
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=da0abc61-712b-4a84-a191-5f2ebbc8934b
Request Chain 422
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=1871316019586082371
Request Chain 424
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=KO1C12NH-15-Y0Q&gdpr=0
Request Chain 430
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=4371649259542192953&gdpr=0&gdpr_consent=
Request Chain 431
  • https://ssum-sec.casalemedia.com/usermatch?d=https://krdo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://krdo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 433
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8571943631700968686&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 434
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=N8IMT_utio25_Ha2E8Ibgw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 437
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=9a827d96-ff55-41ec-a7f8-04e1668507aa HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=9db6284d-b3f4-4c15-99e6-8d72181001c1&expires=10&ssp=openx&bsw_param=9a827d96-ff55-41ec-a7f8-04e1668507aa HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=9a827d96-ff55-41ec-a7f8-04e1668507aa
Request Chain 438
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEPzk7BEnoAACq2qiqKMw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 439
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=1036997701708461165
Request Chain 440
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_68f6c4d7-50d1-478e-b4cd-b604e656253d&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=365298fa-163d-5276-bbaf-2cfddb261037&ssp=gumgum2&expires=30&user_group=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=9a827d96-ff55-41ec-a7f8-04e1668507aa
Request Chain 441
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28K6-8LAPYzQ24EPhxZgSzyHGZfAlDa5sA_Eon8S8I4xsUftVF7gmRZLR_TWK5Ufk-%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28K6-8LAPYzQ24EPhxZgSzyHGZfAlDa5sA_Eon8S8I4xsUftVF7gmRZLR_TWK5Ufk-%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_68f6c4d7-50d1-478e-b4cd-b604e656253d&obuid=ENC(K6-8LAPYzQ24EPhxZgSzyHGZfAlDa5sA_Eon8S8I4xsUftVF7gmRZLR_TWK5Ufk-) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26uid%3D%23PMUID%26obUid%3D%24D
Request Chain 442
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=1fa92203-7a3e-0bf5-38f3-2aec088b207f
Request Chain 443
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-46acc9db-5f16-47b9-6ccd-f02e7c77f430$ip$185.9.18.83
Request Chain 444
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-fH5L8qJE2pc7tlXmVUgBcTXdskDM3ySm_eXb~A
Request Chain 449
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=bfdfe07b-d761-4111-ab2d-b0c6f354c5d0
Request Chain 450
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5833430283 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/565cb74d-d219-4cf0-b470-4689722abe1d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003
Request Chain 451
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=wOV0jru1DNFU&ev=1&pid=558355
Request Chain 453
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=9f846089-3cc9-4d00-be57-368269184655&gdpr=0&gdpr_consent=
Request Chain 454
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YIk8yQAAiDk_7wAC HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YIk8yQAAiDk_7wAC&gdpr=0&gdpr_consent=&_test=YIk8yQAAiDk_7wAC
Request Chain 457
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=565cb74d-d219-4cf0-b470-4689722abe1d&t=1622198729
Request Chain 459
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YIk8x8Co8YwAAFFrohIAAAAA
Request Chain 460
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1871316019586082371
Request Chain 461
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=TA4Eaqs35RaErFaM5NBc&pi=gumgum
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIk8yQxaiPSNajbMJuV_5gAABJ0AAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJDkWAGEuyx42-0tQxHl_88&google_cver=1
Request Chain 470
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIk8yQxaiPSNajbMJuV-5gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI06BpChTBrc94M1_qYs7mc&google_cver=1
Request Chain 471
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1ffa4a07-de95-4773-af18-8cd7b366bf3c
Request Chain 472
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f43a455d-2e80-493b-b3c9-57e8f1a044de&expiration=1651142731

472 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 33965818%20tsara-Brashears
krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/
Redirect Chain
  • https://www.krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
  • https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
93 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
188d06b62b9b9f512a1cbd81b53926b31188704ea649b9e9f946cee49dd05866
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:method
GET
:authority
krdo.com
:scheme
https
:path
/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://krdo.com/wp-json/>; rel="https://api.w.org/"
server
nginx
strict-transport-security
max-age=300
x-distributor
yes
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-gmg2b
x-styx-req-id
d24b4200-a80e-11eb-b12d-22e18ff8b3f5
date
Wed, 28 Apr 2021 10:45:17 GMT
x-served-by
cache-mdw17327-MDW, cache-fra19122-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1619606718.552923,VS0,VE344
vary
Accept-Encoding, Cookie, Cookie
age
0
accept-ranges
bytes
via
1.1 varnish, 1.1 varnish

Redirect headers

retry-after
0
server
Pantheon
location
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
x-pantheon-redirect
primary-domain-policy-doc
date
Wed, 28 Apr 2021 10:45:17 GMT
x-served-by
cache-fra19122-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1619606718.527862,VS0,VE1
age
0
accept-ranges
bytes
via
1.1 varnish
content-length
0
style.min.css
krdo.com/wp-includes/css/dist/block-library/ 		50 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"6077651e-c8e9"
age
1166549
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-tvn2b
x-cache
HIT, HIT
content-length
9895
x-served-by
cache-mdw17325-MDW, cache-fra19122-FRA
last-modified
Wed, 14 Apr 2021 21:56:46 GMT
server
nginx
x-timer
S1619606718.920072,VS0,VE1
date
Wed, 28 Apr 2021 10:45:17 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Fri, 15 Apr 2022 22:42:49 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
bd251818-9d72-11eb-94b2-d283e8b80392
x-cache-hits
1, 1
style.min.css
krdo.com/wp-includes/css/dist/components/ 		108 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-includes/css/dist/components/style.min.css?ver=5.7
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f08f755a5b784988aeb7f66b0f5700ff6fb7a840f258867cab7813d1b7ad4e25
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-includes/css/dist/components/style.min.css?ver=5.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"6077651e-1ae8a"
age
1166549
x-pantheon-styx-hostname
styx-fe4-b-6c5dfb7cc8-x6gqv
x-cache
HIT, HIT
content-length
20855
x-served-by
cache-mdw17323-MDW, cache-fra19122-FRA
last-modified
Wed, 14 Apr 2021 21:56:46 GMT
server
nginx
x-timer
S1619606718.920114,VS0,VE1
date
Wed, 28 Apr 2021 10:45:17 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Fri, 15 Apr 2022 22:42:49 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
bd268a28-9d72-11eb-a210-fac9d7628352
x-cache-hits
1, 1
style.min.css
krdo.com/wp-includes/css/dist/block-editor/ 		91 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-includes/css/dist/block-editor/style.min.css?ver=5.7
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
26a8833b3f616d42ce16ba186e2283f43aaca6b97ce2231d38e8789bfc6f0798
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-includes/css/dist/block-editor/style.min.css?ver=5.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"6081a19c-16aee"
age
459011
x-pantheon-styx-hostname
styx-fe4-b-6c5dfb7cc8-ph4fr
x-cache
HIT, HIT
content-length
16456
x-served-by
cache-mdw17324-MDW, cache-fra19122-FRA
last-modified
Thu, 22 Apr 2021 16:17:32 GMT
server
nginx
x-timer
S1619606718.920408,VS0,VE1
date
Wed, 28 Apr 2021 10:45:17 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Sun, 24 Apr 2022 03:15:06 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
1a8ecb0a-a3e2-11eb-a8b8-6672a338f697
x-cache-hits
1, 1
style.min.css
krdo.com/wp-includes/css/dist/nux/ 		2 KB
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-includes/css/dist/nux/style.min.css?ver=5.7
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b35458211222e1663db842be7af5e535d3bbeaf88c9b813e64745b0c64d0b613
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-includes/css/dist/nux/style.min.css?ver=5.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"6077651e-9ce"
age
1166549
x-pantheon-styx-hostname
styx-fe4-b-6c5dfb7cc8-x6gqv
x-cache
HIT, HIT
content-length
729
x-served-by
cache-mdw17322-MDW, cache-fra19122-FRA
last-modified
Wed, 14 Apr 2021 21:56:46 GMT
server
nginx
x-timer
S1619606718.920392,VS0,VE1
date
Wed, 28 Apr 2021 10:45:17 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Fri, 15 Apr 2022 22:42:49 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
bd250996-9d72-11eb-a210-fac9d7628352
x-cache-hits
1, 1
style.min.css
krdo.com/wp-includes/css/dist/editor/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-includes/css/dist/editor/style.min.css?ver=5.7
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a12923292a67cc935e133a77981d62e4041731677a7442e2624325595a55014
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-includes/css/dist/editor/style.min.css?ver=5.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"6077651e-5af0"
age
1166549
x-pantheon-styx-hostname
styx-fe4-b-6c5dfb7cc8-dsr58
x-cache
HIT, HIT
content-length
4702
x-served-by
cache-mdw17361-MDW, cache-fra19122-FRA
last-modified
Wed, 14 Apr 2021 21:56:46 GMT
server
nginx
x-timer
S1619606718.920396,VS0,VE1
date
Wed, 28 Apr 2021 10:45:17 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Fri, 15 Apr 2022 22:42:49 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
bd24e809-9d72-11eb-8bb7-16b0f439e909
x-cache-hits
1, 1
mediacloud-mux.blocks.style.css
krdo.com/wp-content/plugins/ilab-media-tools-premium/public/blocks/ 		141 B
363 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-content/plugins/ilab-media-tools-premium/public/blocks/mediacloud-mux.blocks.style.css
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6bc96e9bab2ae13132fe2ca25bb4aa51865e474dfb771f0c82067cb53fbde4ba
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-content/plugins/ilab-media-tools-premium/public/blocks/mediacloud-mux.blocks.style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"606afbc7-8d"
age
1909537
x-pantheon-styx-hostname
styx-fe4-b-6c5dfb7cc8-5r67t
x-cache
HIT, HIT
content-length
133
x-served-by
cache-mdw17343-MDW, cache-fra19122-FRA
last-modified
Mon, 05 Apr 2021 12:00:07 GMT
server
nginx
x-timer
S1619606718.920467,VS0,VE1
date
Wed, 28 Apr 2021 10:45:17 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Thu, 07 Apr 2022 08:19:40 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
d5ae7f75-96b0-11eb-93c5-7e687a0712b9
x-cache-hits
1, 1
theme.min.css
krdo.com/wp-content/themes/storymate-npg/build/css/ 		26 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-content/themes/storymate-npg/build/css/theme.min.css?ver=1.4.20
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0f9be5681874d9f7fea49bbfa4187759c68b81eb7bbd77205682c110b9a43931
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-content/themes/storymate-npg/build/css/theme.min.css?ver=1.4.20
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"607612aa-67e6"
age
1189120
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-hclws
x-cache
HIT, HIT
content-length
7053
x-served-by
cache-mdw17339-MDW, cache-fra19122-FRA
last-modified
Tue, 13 Apr 2021 21:52:42 GMT
server
nginx
x-timer
S1619606718.920653,VS0,VE0
date
Wed, 28 Apr 2021 10:45:17 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Fri, 15 Apr 2022 16:26:37 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
2f45e572-9d3e-11eb-a792-7ee28ae81ccc
x-cache-hits
1, 2600
theme.min.css
krdo.com/wp-content/themes/storymate-theme/build/css/ 		57 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-content/themes/storymate-theme/build/css/theme.min.css?ver=1.4.20
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
09f9fd9113b535927d6666ca18f2b5c39fcbd0dea5085f7eaffadeeae13e05aa
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-content/themes/storymate-theme/build/css/theme.min.css?ver=1.4.20
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"6082e281-e34a"
age
373280
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-hclws
x-cache
MISS, HIT
content-length
13902
x-served-by
cache-mdw17340-MDW, cache-fra19122-FRA
last-modified
Fri, 23 Apr 2021 15:06:41 GMT
server
nginx
x-timer
S1619606718.920836,VS0,VE1
date
Wed, 28 Apr 2021 10:45:17 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Mon, 25 Apr 2022 03:03:57 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
b6322c04-a4a9-11eb-a792-7ee28ae81ccc
x-cache-hits
0, 1
style.min.css
krdo.com/wp-content/plugins/pojo-accessibility/assets/css/ 		51 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-content/plugins/pojo-accessibility/assets/css/style.min.css?ver=1.0.0
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7de4ebe6f7e5c57026f039da23b86f99cb0dcf117dfe5f893ace0b1988370f78
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-content/plugins/pojo-accessibility/assets/css/style.min.css?ver=1.0.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"606ad3c7-cbb9"
age
1957195
x-pantheon-styx-hostname
styx-fe4-b-6c5dfb7cc8-hcpcx
x-cache
HIT, HIT
content-length
5957
x-served-by
cache-mdw17363-MDW, cache-fra19122-FRA
last-modified
Mon, 05 Apr 2021 09:09:27 GMT
server
nginx
x-timer
S1619606718.920821,VS0,VE1
date
Wed, 28 Apr 2021 10:45:17 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Wed, 06 Apr 2022 19:05:22 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
df096bb0-9641-11eb-8cee-265f4dcebb3d
x-cache-hits
1, 1
socialshare.css
krdo.com/wp-content/plugins/wp-social-sharing/static/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-content/plugins/wp-social-sharing/static/socialshare.css?ver=1.6
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c28b59949c1d29ee8b83765cce09df06dfef2d7b839f47c69042b52b79d70a1d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-content/plugins/wp-social-sharing/static/socialshare.css?ver=1.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"607f36d1-1aa5"
age
597200
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-gmg2b
x-cache
HIT, HIT
content-length
1270
x-served-by
cache-mdw17327-MDW, cache-fra19122-FRA
last-modified
Tue, 20 Apr 2021 20:17:21 GMT
server
nginx
x-timer
S1619606718.920794,VS0,VE3
date
Wed, 28 Apr 2021 10:45:17 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Fri, 22 Apr 2022 12:51:57 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
5b2e4fa7-a2a0-11eb-b12d-22e18ff8b3f5
x-cache-hits
1, 1
ready.js
pymx5.com/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/ready.js
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1c907e1f2483fb2a70272d58bad74b1c5463388d9d191c7c58183503c9ae5944

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:02:35 GMT
age
2562
x-guploader-uploadid
ABg5-Uz9-qO47XBo7R-HYBf5WsF92H_YhsPg5xeWp2sxkQ1EMU6cBzUrkkvNUBK8ekuwOn00RyeV4wAEot1o8uehN54gn5fMYg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
1278
last-modified
Mon, 30 Nov 2020 10:13:10 GMT
server
UploadServer
etag
"06467ab40d7f92f9794f0b20431992be"
x-goog-hash
crc32c=fis9Og==, md5=BkZ6tA1/kvl5TwsgQxmSvg==
x-goog-generation
1606731190144133
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1278
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Apr 2021 11:02:35 GMT
ims.js
pymx5.com/scripts/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/ims.js
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bf739c567353fba3b1702cf940f29b3953c5b24b84a18b1208eee417a431dd5d

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:20:47 GMT
age
1470
x-guploader-uploadid
ABg5-UzEuGEu7P6HW-d2owDVl-DsSgw8akMuAhDaIDPvpMwGq0YRcCCCpX69MaAVKI8fbwDLeW76SW4JR7l57t5Eu64
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
16603
last-modified
Mon, 30 Nov 2020 10:13:10 GMT
server
UploadServer
etag
"ad907d3febe0f354e5ddae6c691909db"
x-goog-hash
crc32c=p2OvPg==, md5=rZB9P+vg81Tl3a5saRkJ2w==
x-goog-generation
1606731190006726
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
16603
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Apr 2021 11:20:47 GMT
load_tags.js
pymx5.com/scripts/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/load_tags.js
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:20:12 GMT
age
1506
x-guploader-uploadid
ABg5-UzZPuo7-f89-2W2-bMpWIutBE53oxZVoN66LlIcXjC5ZAT5y8NuOvsoZv8YqPItay61U11atKzgekr17rP8Fg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
8946
last-modified
Mon, 30 Nov 2020 10:13:10 GMT
server
UploadServer
etag
"f6b06694767e707999eecbe9538b403a"
x-goog-hash
crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation
1606731190093338
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
8946
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Apr 2021 11:20:12 GMT
jquery.min.js
krdo.com/wp-includes/js/jquery/ 		87 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"607265dc-15d98"
age
1420133
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-g2kb7
x-cache
MISS, HIT
content-length
36073
x-served-by
cache-mdw17321-MDW, cache-fra19122-FRA
last-modified
Sun, 11 Apr 2021 02:58:36 GMT
server
nginx
x-timer
S1619606718.920915,VS0,VE1
date
Wed, 28 Apr 2021 10:45:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Wed, 13 Apr 2022 00:16:24 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
50ed07ad-9b24-11eb-be07-4211e91ada20
x-cache-hits
0, 1
jquery-migrate.min.js
krdo.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"6061fd11-2bd8"
age
2544561
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-tvn2b
x-cache
HIT, HIT
content-length
4565
x-served-by
cache-mdw17383-MDW, cache-fra19122-FRA
last-modified
Mon, 29 Mar 2021 16:15:13 GMT
server
nginx
x-timer
S1619606718.931688,VS0,VE1
date
Wed, 28 Apr 2021 10:45:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Wed, 30 Mar 2022 23:55:56 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
4d95a8a1-90ea-11eb-94b2-d283e8b80392
x-cache-hits
1, 1
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053213500c702ba4e3636bd9c26efbbb54e02430479ccae9b147fd58e59f3c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 138 of 1000 / last-modified: 1619602879"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21211
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:17 GMT
MIN-30460.js
apv-launcher.minute.ly/api/launcher/ 		602 KB
362 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apv-launcher.minute.ly/api/launcher/MIN-30460.js
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
83aaa3355ed89aafe3712587ae1e1be417090170514c7b7cdff372b50ac1e9fb

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:18 GMT
Content-Encoding
gzip
X-HW
1619606718.dop124.fr8.t,1619606718.cds211.fr8.shn,1619606718.dop124.fr8.t,1619606718.cds126.fr8.s,1619606718.dop030.dc2.r,1619606718.cds010.dc2.c,1619606718.cds126.fr8.p
Content-Type
text/javascript; charset=utf-8; charset=utf-8
Cache-Control
max-age=30
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
370147
load.js
s.ntv.io/serve/ 		353 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:17 GMT
Content-Encoding
gzip
x-amz-request-id
5BE94SRWFAVGV6KN
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
UHZ1M7Ew2kMfC0OOdUcDgpivU6fMYEDCTASgK41blK6kjlk4fUQ8DjDXNIAFTEux8/fej9hjTrc=
Last-Modified
Tue, 13 Apr 2021 17:19:57 GMT
Server
AmazonS3
ETag
"4330b9a8c8acd8b7385eb09575a0f098"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
npgco.js
cdn.blueconic.net/ 		129 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.blueconic.net/npgco.js
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
76c9eda3556c160117a7bca206f3edb3488ceb708bf952685b8aaf0cc01be89a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:44:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
321
x-cache
Hit from cloudfront
content-length
39527
x-xss-protection
1; mode=block
last-modified
Wed, 24 Mar 2021 10:30:16 GMT
server
-
etag
"20226-5be45c8e79f88-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
cache-control
public, max-age=600, s-maxage=500
x-amz-cf-pop
FRA56-C1
accept-ranges
none
x-robots-tag
noindex, nofollow
x-amz-cf-id
3ihkz1OO-1aqpzXwLQIZL0rGPdvqrqONWWk9e_a74U083LS7Eot76A==
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-19609167-1
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9965517ae37704f4accb3423aea990e4dfa146033851393bd92c6b6a937a4359
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35787
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Apr 2021 10:45:18 GMT
krdo_logo_100px_width.png
krdo.com/wp-content/uploads/2020/05/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krdo.com/wp-content/uploads/2020/05/krdo_logo_100px_width.png
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d4dc936cd183d17603973bc304151489dff218f8ecbe668bc8575e283cffc6a5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-content/uploads/2020/05/krdo_logo_100px_width.png
pragma
no-cache
cookie
BCRevision_1619606718162=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718162%22%7D; BCRevision_1619606718163=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718163%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish
etag
"5f46b465-2d01"
age
4150509
x-cache
HIT, HIT
x-cache-hits
1, 1
content-length
11521
x-served-by
cache-mdw17321-MDW, cache-fra19122-FRA
last-modified
Wed, 26 Aug 2020 19:13:41 GMT
server
nginx
x-timer
S1619606718.197051,VS0,VE1
date
Wed, 28 Apr 2021 10:45:18 GMT
content-type
image/png
x-styx-req-id
29ec2ede-824f-11eb-9c8f-461c860d1d20
expires
Sat, 12 Mar 2022 09:50:08 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-pantheon-styx-hostname
styx-fe4-b-7fbc4c4c64-zxtdc
wp-emoji-release.min.js
krdo.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7
pragma
no-cache
cookie
BCRevision_1619606718162=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718162%22%7D; BCRevision_1619606718163=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718163%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"60776527-3795"
age
1166549
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-g2kb7
x-cache
HIT, HIT
content-length
5269
x-served-by
cache-mdw17371-MDW, cache-fra19122-FRA
last-modified
Wed, 14 Apr 2021 21:56:55 GMT
server
nginx
x-timer
S1619606718.197213,VS0,VE1
date
Wed, 28 Apr 2021 10:45:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Fri, 15 Apr 2022 22:42:49 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
bd2508c9-9d72-11eb-be07-4211e91ada20
x-cache-hits
1, 1
9000_clear_night.png
krdo.com/wp-content/themes/storymate-npg/assets/images/weather-icons/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krdo.com/wp-content/themes/storymate-npg/assets/images/weather-icons/9000_clear_night.png
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dbb94a32a02ad06e99ef71dde63711b858cf76a0c68763fbbc31d834728536eb
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-content/themes/storymate-npg/assets/images/weather-icons/9000_clear_night.png
pragma
no-cache
cookie
BCRevision_1619606718162=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718162%22%7D; BCRevision_1619606718163=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718163%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish
etag
"606f8ef5-da6"
age
1650528
x-cache
HIT, HIT
x-cache-hits
1, 1
content-length
3494
x-served-by
cache-mdw17334-MDW, cache-fra19122-FRA
last-modified
Thu, 08 Apr 2021 23:17:09 GMT
server
nginx
x-timer
S1619606718.197185,VS0,VE1
date
Wed, 28 Apr 2021 10:45:18 GMT
content-type
image/png
x-styx-req-id
e2f5d641-990b-11eb-a2ac-b657c2a24617
expires
Sun, 10 Apr 2022 08:16:29 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-ldth2
TV-Chip-Chart.png
krdo.b-cdn.net/2019/10/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krdo.b-cdn.net/2019/10/TV-Chip-Chart.png
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
5a4497839e0ae6eab047d5021c57e802c22d44f7c5a217f79e2bfdef89e77b76

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
cdn-edgestorageid
601
x-amz-request-id
D0A3BF8C4F5715D9
cdn-cachedat
2021-04-07 20:29:46
cdn-pullzone
145657
content-length
10557
x-amz-id-2
YmXAmmfBrQ1ituhVJbQi12ZKRFBBlemBt3MJPnezjrQULxh1bTeBKErwLN0cgTHO/rTHGiSGiDAv
last-modified
Mon, 28 Oct 2019 22:22:43 GMT
server
BunnyCDN-DE1-632
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
d1db8f45eed5e5c2b0c6cb36deb2f192
accept-ranges
bytes
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
KRDO-App-Promo-Tile.jpg
krdo.b-cdn.net/2019/11/ 		440 KB
440 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krdo.b-cdn.net/2019/11/KRDO-App-Promo-Tile.jpg
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
b856a1f244edcfcd3e73b176ae8be419babc70d1c2b8f67a55a8aea8491dff27

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
cdn-edgestorageid
601
x-amz-request-id
AFBFA20665091AB4
cdn-cachedat
2021-04-27 21:08:00
cdn-pullzone
145657
content-length
450183
x-amz-id-2
Tpaq2KVjfmtxSPVdNN5fiGCAREL6TGAmeX0qP1Dd/kkCeDoaWUOek84kWuo7owNm1FhUeOsFju0K
last-modified
Mon, 04 Nov 2019 16:07:14 GMT
server
BunnyCDN-DE1-632
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
2e400f27fa3d5b83b7d7198385de78c7
accept-ranges
bytes
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
krdo-news-app-icon.jpg
s3.us-east-1.wasabisys.com/krdo.com/2019/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.wasabisys.com/krdo.com/2019/10/krdo-news-app-icon.jpg
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.106.51 , United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software
WasabiS3/6.2.4542-2021-04-06-384c1a6 (head12) /
Resource Hash
f5fa41eccf99a1214e8deae54e7a829323bc944a3feb36788ec4268b340c36d6

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:18 GMT
Last-Modified
Tue, 29 Oct 2019 02:23:38 GMT
Server
WasabiS3/6.2.4542-2021-04-06-384c1a6 (head12)
x-amz-request-id
54709058E6C394BA
ETag
"420a269468541974f7910ad6fae6948a"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
22598
x-amz-id-2
MBjXPrc+oyuImUOZnJdKtS15jq5xF5yVzW2UI+9ylmtDLy33WJ6oZWPANiFeR0GJGwImBkwP5yE6
krdo-weather-app-icon.jpg
s3.us-east-1.wasabisys.com/krdo.com/2019/10/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.wasabisys.com/krdo.com/2019/10/krdo-weather-app-icon.jpg
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.106.51 , United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software
WasabiS3/6.2.4542-2021-04-06-384c1a6 (head03) /
Resource Hash
018e0121961b21bc46ee1beb63adcefdf5caf392cb44a139c5684e4c47c56ec4

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:18 GMT
Last-Modified
Tue, 29 Oct 2019 02:23:40 GMT
Server
WasabiS3/6.2.4542-2021-04-06-384c1a6 (head03)
x-amz-request-id
205876C1D4B3C2C1
ETag
"b9d74dd4c21965d322d3d64186bcb53c"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
24739
x-amz-id-2
apQtnFSdoMfepPAnzDLEWcZRes7QfAwBXG4fZrePHf8Y6uMwuGRqTNcruQwfexlkVnbnKFZwNRfc
moment-with-locales.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 		329 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment-with-locales.min.js?ver=2.24.0
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d40df7c31566ce3812adb24f0b682ae7e19d4fae67bbf69179c3e6fab3655a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3159524
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54791
cf-request-id
09b9ae5e570000d6b5431e1000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-52243"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oZ6wUuWyEEY6U%2BMzhrA5tKy2piR2kWrXCLWTf%2FabkW9vdlKOp3WC1EoZhK2lQYhFIz2VvEqUgVHqB0%2FfNM8b2p43t16yCDUhxYqrUU822LerByLCS5Rnd5zI%2Feci2n0h2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
646fb343bfb1d6b5-FRA
expires
Mon, 18 Apr 2022 10:45:18 GMT
moment-timezone-with-data.min.js
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.26/ 		181 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.26/moment-timezone-with-data.min.js?ver=0.5.26
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8414246142ce5ed748336d300acdc14559ca4318d0332639104778b596fa981
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1164173
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21383
cf-request-id
09b9ae5e7700004a98e21f8000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-2d327"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IxFzTglOGJ%2FVxEDXpGW1HrQ6z0ulxraG5iGQItY4YcTZvLxo1I0udFypqVRwDyFWF6%2BkMOiPNcct0MIrL9OWXsn4c7iFTcyFEuxvBvW3pCFmdt0w6ZL7gfMro5e0RYuRjA%3D%3D"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
646fb343ff624a98-FRA
expires
Mon, 18 Apr 2022 10:45:18 GMT
underscore.min.js
krdo.com/wp-includes/js/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2a74bed0a7101fa4538a22c2fd1d674f29609c86c0a081d1648e40b9938d70c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-includes/js/underscore.min.js?ver=1.8.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"6082cd82-3eb9"
age
406387
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-hclws
x-cache
HIT, HIT
content-length
6386
x-served-by
cache-mdw17345-MDW, cache-fra19122-FRA
last-modified
Fri, 23 Apr 2021 13:37:06 GMT
server
nginx
x-timer
S1619606718.098020,VS0,VE1
date
Wed, 28 Apr 2021 10:45:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Sun, 24 Apr 2022 17:52:10 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
a0eb76b0-a45c-11eb-a792-7ee28ae81ccc
x-cache-hits
1, 1
backbone.min.js
krdo.com/wp-includes/js/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-includes/js/backbone.min.js?ver=1.4.0
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6f9e7a6e11308489179c7ed15c1adc9a3d6f81bdfed8481481bc4998a4880754
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-includes/js/backbone.min.js?ver=1.4.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"60634361-5d14"
age
2411895
x-pantheon-styx-hostname
styx-fe4-b-6c5dfb7cc8-k4mp4
x-cache
HIT, HIT
content-length
9085
x-served-by
cache-mdw17364-MDW, cache-fra19122-FRA
last-modified
Tue, 30 Mar 2021 15:27:29 GMT
server
nginx
x-timer
S1619606718.111793,VS0,VE1
date
Wed, 28 Apr 2021 10:45:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Fri, 01 Apr 2022 12:47:03 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
316430a5-921f-11eb-8366-b2313de218f8
x-cache-hits
1, 1
api-request.min.js
krdo.com/wp-includes/js/ 		1 KB
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-includes/js/api-request.min.js?ver=5.7
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
243d0318292081b26db69dad7403b07a4f8c302076bad5ff2f51ce135e19390e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-includes/js/api-request.min.js?ver=5.7
pragma
no-cache
cookie
BCRevision_1619606718162=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718162%22%7D; BCRevision_1619606718163=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718163%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"60776fe4-401"
age
1166549
x-pantheon-styx-hostname
styx-fe4-b-6c5dfb7cc8-5r67t
x-cache
HIT, HIT
content-length
597
x-served-by
cache-mdw17378-MDW, cache-fra19122-FRA
last-modified
Wed, 14 Apr 2021 22:42:44 GMT
server
nginx
x-timer
S1619606718.177127,VS0,VE1
date
Wed, 28 Apr 2021 10:45:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Fri, 15 Apr 2022 22:42:49 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
bd300bcc-9d72-11eb-93c5-7e687a0712b9
x-cache-hits
1, 1
wp-api.min.js
krdo.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-includes/js/wp-api.min.js?ver=5.7
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5657f71f777371b255ff1acbb3a32d489653b8777e7151f7a1fe81b073d1c73e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-includes/js/wp-api.min.js?ver=5.7
pragma
no-cache
cookie
BCRevision_1619606718162=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718162%22%7D; BCRevision_1619606718163=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718163%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"6077651f-3960"
age
1166549
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-hclws
x-cache
HIT, HIT
content-length
4675
x-served-by
cache-mdw17358-MDW, cache-fra19122-FRA
last-modified
Wed, 14 Apr 2021 21:56:47 GMT
server
nginx
x-timer
S1619606718.177355,VS0,VE1
date
Wed, 28 Apr 2021 10:45:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Fri, 15 Apr 2022 22:42:49 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
bd25fb36-9d72-11eb-a792-7ee28ae81ccc
x-cache-hits
1, 1
theme.min.js
krdo.com/wp-content/themes/storymate-npg/build/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-content/themes/storymate-npg/build/js/theme.min.js?ver=1.4.20
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3013d97ec15ee0fb663b6e9c7b5ee7457f940baf8bc68249e8c9dc67a59b01c2
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-content/themes/storymate-npg/build/js/theme.min.js?ver=1.4.20
pragma
no-cache
cookie
BCRevision_1619606718162=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718162%22%7D; BCRevision_1619606718163=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718163%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"6071d725-43ae"
age
1524786
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-h96fr
x-cache
HIT, HIT
content-length
5992
x-served-by
cache-mdw17344-MDW, cache-fra19122-FRA
last-modified
Sat, 10 Apr 2021 16:49:41 GMT
server
nginx
x-timer
S1619606718.177307,VS0,VE1
date
Wed, 28 Apr 2021 10:45:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Mon, 11 Apr 2022 19:12:11 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
a729c678-9a30-11eb-850f-ea265e180665
x-cache-hits
1, 1
vendor.min.js
krdo.com/wp-content/themes/storymate-theme/build/js/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-content/themes/storymate-theme/build/js/vendor.min.js?ver=1.4.20
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
000b9b4ee10170644e9f5068423e6e8b8ea26787311eb0c764bcc2ea1ce28408
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-content/themes/storymate-theme/build/js/vendor.min.js?ver=1.4.20
pragma
no-cache
cookie
BCRevision_1619606718162=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718162%22%7D; BCRevision_1619606718163=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718163%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"606e07ba-af26"
age
1742301
x-pantheon-styx-hostname
styx-fe4-b-6c5dfb7cc8-hcpcx
x-cache
HIT, HIT
content-length
13737
x-served-by
cache-mdw17368-MDW, cache-fra19122-FRA
last-modified
Wed, 07 Apr 2021 19:27:54 GMT
server
nginx
x-timer
S1619606718.177294,VS0,VE1
date
Wed, 28 Apr 2021 10:45:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Sat, 09 Apr 2022 06:46:57 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
36364655-9836-11eb-8cee-265f4dcebb3d
x-cache-hits
1, 1
theme.min.js
krdo.com/wp-content/themes/storymate-theme/build/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-content/themes/storymate-theme/build/js/theme.min.js?ver=1.4.20
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7b6a27be9c6f4448bf61dda09a9fa32b1eb91d2dbc62b3f025df4cca0bc302fd
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-content/themes/storymate-theme/build/js/theme.min.js?ver=1.4.20
pragma
no-cache
cookie
BCRevision_1619606718162=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718162%22%7D; BCRevision_1619606718163=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718163%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"606ea22b-1638"
age
1701001
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-ldth2
x-cache
HIT, HIT
content-length
2118
x-served-by
cache-mdw17335-MDW, cache-fra19122-FRA
last-modified
Thu, 08 Apr 2021 06:26:51 GMT
server
nginx
x-timer
S1619606718.177280,VS0,VE1
date
Wed, 28 Apr 2021 10:45:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Sat, 09 Apr 2022 18:15:16 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
5ec9cae2-9896-11eb-a2ac-b657c2a24617
x-cache-hits
1, 1
app.min.js
krdo.com/wp-content/plugins/pojo-accessibility/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-content/plugins/pojo-accessibility/assets/js/app.min.js?ver=1.0.0
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d5575de801172d286dc7cdb712db3081a3fa0702672d2bf33f806301706e3e09
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-content/plugins/pojo-accessibility/assets/js/app.min.js?ver=1.0.0
pragma
no-cache
cookie
BCRevision_1619606718162=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718162%22%7D; BCRevision_1619606718163=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718163%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"606ea68d-14c1"
age
1735797
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-6c7h4
x-cache
HIT, HIT
content-length
1841
x-served-by
cache-mdw17341-MDW, cache-fra19122-FRA
last-modified
Thu, 08 Apr 2021 06:45:33 GMT
server
nginx
x-timer
S1619606718.177462,VS0,VE1
date
Wed, 28 Apr 2021 10:45:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Sat, 09 Apr 2022 08:35:21 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
5af8f0f3-9845-11eb-a097-0a947f1fbe5b
x-cache-hits
1, 1
socialshare.js
krdo.com/wp-content/plugins/wp-social-sharing/static/ 		348 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-content/plugins/wp-social-sharing/static/socialshare.js?ver=1.6
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a77dee6a595234131e3cdba142e6403faaafb7ee93920a846c2be629751d054
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-content/plugins/wp-social-sharing/static/socialshare.js?ver=1.6
pragma
no-cache
cookie
BCRevision_1619606718162=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718162%22%7D; BCRevision_1619606718163=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718163%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"606823ad-15c"
age
2135209
x-pantheon-styx-hostname
styx-fe4-b-6c5dfb7cc8-x6gqv
x-cache
HIT, HIT
content-length
248
x-served-by
cache-mdw17323-MDW, cache-fra19122-FRA
last-modified
Sat, 03 Apr 2021 08:13:33 GMT
server
nginx
x-timer
S1619606718.197084,VS0,VE1
date
Wed, 28 Apr 2021 10:45:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Mon, 04 Apr 2022 17:38:29 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
66cfb017-94a3-11eb-a210-fac9d7628352
x-cache-hits
1, 1
wp-embed.min.js
krdo.com/wp-includes/js/ 		1 KB
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-includes/js/wp-embed.min.js?ver=5.7
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7
pragma
no-cache
cookie
BCRevision_1619606718162=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718162%22%7D; BCRevision_1619606718163=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718163%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"6077651f-592"
age
1166549
x-pantheon-styx-hostname
styx-fe4-b-6c5dfb7cc8-dsr58
x-cache
HIT, HIT
content-length
779
x-served-by
cache-mdw17365-MDW, cache-fra19122-FRA
last-modified
Wed, 14 Apr 2021 21:56:47 GMT
server
nginx
x-timer
S1619606718.197082,VS0,VE1
date
Wed, 28 Apr 2021 10:45:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Fri, 15 Apr 2022 22:42:49 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
bd2693f1-9d72-11eb-8bb7-16b0f439e909
x-cache-hits
1, 1
get-context
api.pymx5.com/v1/publisher/ 		60 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.pymx5.com/v1/publisher/get-context
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
203.74.96.34.bc.googleusercontent.com
Software
nginx/1.13.7 /
Resource Hash
17d059c0d9e8e1ebac6e58404aed4f403400d509d4460e58985fd8129a65704a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
allow
GET, HEAD, OPTIONS
server
nginx/1.13.7
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json
access-control-allow-origin
https://krdo.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
ifilter-eval.js
pymx5.com/scripts/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/ifilter-eval.js
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
06f948a217c237ec9da04db4863ae47ac02b247ec4fb4213fd68b981d766c156

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:20:48 GMT
age
1470
x-guploader-uploadid
ABg5-UyAu--QXs6VFvwsuxE6DTAKu1-Ph7vEquOEuZ8b_J8Z7IZcLMEBW0x00gy89AWEFN6AIWAsweU_4hq-funpPxDzyh84Dw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
8929
last-modified
Mon, 30 Nov 2020 10:13:10 GMT
server
UploadServer
etag
"b8c23f3782f2b89bad7344ea2720b5ba"
x-goog-hash
crc32c=1cvcAw==, md5=uMI/N4LyuJutc0TqJyC1ug==
x-goog-generation
1606731190094809
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
8929
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Apr 2021 11:20:48 GMT
messageRequest.js
pymx5.com/scripts/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/messageRequest.js
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9bc3ac88ae6629e440770a37e747bb6241a085df9842ccbc5f3035471b360c10

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:44:08 GMT
age
70
x-guploader-uploadid
ABg5-Uwa9PUZs7xNBN5iTOhViJmNOP-bDl183a_QQYVHrxZHnq1ZbxqKu_L5HMziOZQTNHMhbu64bDd40NNoEXvAG7Ujph9Dzw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
6018
last-modified
Mon, 30 Nov 2020 10:13:10 GMT
server
UploadServer
etag
"1c14d674aa94ed0a5b5b0830b8648345"
x-goog-hash
crc32c=5DBAqw==, md5=HBTWdKqU7QpbWwgwuGSDRQ==
x-goog-generation
1606731190132296
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
6018
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Apr 2021 11:44:08 GMT
imstag.min.js
pymx5.com/ad-rendring/src/ 		100 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/ad-rendring/src/imstag.min.js
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
303017e5ef65d154f447ed36116c77fc056fe0a44add0b13b9e842ae72b23ce9

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:34:39 GMT
age
639
x-guploader-uploadid
ABg5-Uwy89HfFZ-tNZU0hRk5hqzyZc82luHAhaPp4bf3gjErCNQRJLEajcaAVMuIM7_0kxCPMTEPt6r-SpoT5Il2b04
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
102578
last-modified
Tue, 05 Jan 2021 10:02:41 GMT
server
UploadServer
etag
"298e66c7b1579da377cb19aec5a997c7"
x-goog-hash
crc32c=o3Vcbw==, md5=KY5mx7FXnaN3yxmuxamXxw==
x-goog-generation
1609840961551922
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
102578
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Apr 2021 11:34:39 GMT
pubads_impl_2021042601.js
securepubads.g.doubleclick.net/gpt/ 		301 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
98190df3dbe81118cde191895dfbe06c5f0793670108bdeadd4df4d02d532542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Apr 2021 08:39:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108658
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:18 GMT
gtm.js
www.googletagmanager.com/ 		77 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDK3J36
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c77a2a7b7f1056774a164402efd7a30808af479830d550a127165d2fff13d954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30560
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Apr 2021 10:45:18 GMT
t
jadserve.postrelease.com/ 		97 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.23.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-23-66.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
5de79bd33c164a62fe3389aeef0af2f54b82e7f8ba5fd7d0721f8080823babcb

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
108
expires
Mon, 1 Jan 1990 12:00:00 GMT
1009
npgco.blueconic.net/DG/DEFAULT/rest/rpc/ 		46 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/DG/DEFAULT/rest/rpc/1009?referer=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&bcsessionid=&bctempid=&overruleReferrer=&time=2021-04-28T12%3A45%3A18%2B02%3A00&ts=1619606718163
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.4.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-4-204.compute-1.amazonaws.com
Software
- /
Resource Hash
07c97a31c7bc04fe64261cae8e138baeb572b326d6e827d9419f9273c185e9a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://krdo.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
8369
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=krdo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=krdo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
FPkbYTxV-Capture-375x225.jpg
krdo.b-cdn.net/2021/04/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krdo.b-cdn.net/2021/04/FPkbYTxV-Capture-375x225.jpg
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
a6008e0d18b4f7ed1dae3153f062d8e1cae37f1d2d83f1af5aaadec6c81371c6

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
cdn-edgestorageid
632
x-amz-request-id
C2FAC48E84D42761
cdn-cachedat
2021-04-28 01:37:55
cdn-pullzone
145657
content-length
23300
x-amz-id-2
Q+pYs1IEVyv4wYdL3dTg4aO92EbaaSkXHlsMvqDGR6bmfYvgAN9xS7rjqOhiXzjIb3HGr0SwvM0V
last-modified
Tue, 27 Apr 2021 23:36:53 GMT
server
BunnyCDN-DE1-632
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
12ffb6c279adf135436cd9d1f3caf608
accept-ranges
bytes
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
Liberty-soccer-practice-500x321.png
krdo.b-cdn.net/2021/04/ 		220 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krdo.b-cdn.net/2021/04/Liberty-soccer-practice-500x321.png
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
d0730e50f03116513450b2907e73b72f1ed1ea1b2a9e75c3545c3cb5c4d0a94e

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
cdn-edgestorageid
632
x-amz-request-id
DE2E3F2640C42A76
cdn-cachedat
2021-04-28 06:51:08
cdn-pullzone
145657
content-length
225023
x-amz-id-2
r3LG+KfMBZjA/0Acnt+iH2zrzkF9dyVu4kXqczVmXNVoFgxYBD+n0tpNtz0ATs75aGHA/O5b5r4H
last-modified
Wed, 28 Apr 2021 04:46:31 GMT
server
BunnyCDN-DE1-632
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
2a761b3c74025426da6f8d2af4f9ab0c
accept-ranges
bytes
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
SOTS.00_00_59_06.Still001-500x321.jpg
krdo.b-cdn.net/2021/04/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krdo.b-cdn.net/2021/04/SOTS.00_00_59_06.Still001-500x321.jpg
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
7d5559a385b3e4e12aeb1b21f2f855ae69829129a3c7016b88ea326f6b79b4e2

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
cdn-edgestorageid
632
x-amz-request-id
B7F215F96D5E1B8E
cdn-cachedat
2021-04-28 02:47:30
cdn-pullzone
145657
content-length
34270
x-amz-id-2
XF8tUDPU97cBSNfTLlOBK7iMr+XBOtKbRE9d0P+3qOGFyap5kvLxCBlStmmcIAuj2U4CnDct3uda
last-modified
Wed, 28 Apr 2021 00:45:17 GMT
server
BunnyCDN-DE1-632
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
99dd0b5a743e8f7050f8487a994edfd6
accept-ranges
bytes
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
Fema-Clinic-2-500x321.jpg
krdo.b-cdn.net/2021/04/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krdo.b-cdn.net/2021/04/Fema-Clinic-2-500x321.jpg
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
e3aa2555111bd17ae8a56877a809339e9526d05c0455e9ce9ef7da931d6083c0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
cdn-edgestorageid
722
x-amz-request-id
7DA9EDEEA4409198
cdn-cachedat
2021-04-28 01:42:12
cdn-pullzone
145657
content-length
22743
x-amz-id-2
+69d1nx5KKkl9UBswKhQrSCdBKxXyMP9EY6PZN2drGUGSQUmNBws0KeW/s1jxHUayWGQ6qZpjNKL
last-modified
Tue, 27 Apr 2021 23:22:06 GMT
server
BunnyCDN-DE1-632
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
91a8caa9a1c21720f4f6115582f277a9
accept-ranges
bytes
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
MGN_1280x720_11026P00-LBENC-500x321.jpg
krdo.b-cdn.net/2021/04/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krdo.b-cdn.net/2021/04/MGN_1280x720_11026P00-LBENC-500x321.jpg
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
eb53fe58942a5b691b82a91966117d1b7a20c7b525a5c5fe5c307b0eea22ae8f

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
cdn-edgestorageid
565
x-amz-request-id
8CA4F7603CE053EF
cdn-cachedat
2021-04-28 02:16:47
cdn-pullzone
145657
content-length
37764
x-amz-id-2
vngUw9egtYW0Nx5OHopt7eQBvYY9JpKH0012vLzVuqgmY0TgwLkRV6DM7wMkLcfe+1z4F+/FL3ji
last-modified
Wed, 28 Apr 2021 00:06:38 GMT
server
BunnyCDN-DE1-632
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
bd563766d8160b7aaab8f4337bff25c8
accept-ranges
bytes
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
car-crash-500x321.jpg
krdo.b-cdn.net/2020/11/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krdo.b-cdn.net/2020/11/car-crash-500x321.jpg
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
35fe1fbe5f45a081eb7ce05b61abbbe4c0d9b6585f7db6b36bcd55c4bd8123c7

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
cdn-edgestorageid
565
x-amz-request-id
7E6429CD78580C19
cdn-cachedat
2021-04-28 01:08:58
cdn-pullzone
145657
content-length
52229
x-amz-id-2
WbtYrmztdYHdd1ipcz0MuPQLN40fKo5tSM0NRGd96J5UiBJcg7YOOJV4+2PdFnISWAaAbnhgRIzd
last-modified
Sun, 22 Nov 2020 03:39:32 GMT
server
BunnyCDN-DE1-632
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
17abf16d710037a0ae1dcbed6c182d7e
accept-ranges
bytes
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
Screen-Shot-2021-04-27-at-12.16.12-PM-500x321.png
krdo.b-cdn.net/2021/04/ 		262 KB
263 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krdo.b-cdn.net/2021/04/Screen-Shot-2021-04-27-at-12.16.12-PM-500x321.png
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
fa37ed1e832bb71502b4c56b96d4b7aa3cc16356a6c9ce4a7adb1132ebb0f1a0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
cdn-edgestorageid
601
x-amz-request-id
337DFD859BDB0466
cdn-cachedat
2021-04-27 21:45:22
cdn-pullzone
145657
content-length
268774
x-amz-id-2
ex00qCPbcZBaWjSHMI+hD8T7BLVomPzpgbsUlh2kjoWSrHKByvaorqs3p0iDqa4OCHP0Z3KLbnXs
last-modified
Tue, 27 Apr 2021 18:16:37 GMT
server
BunnyCDN-DE1-632
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
d5fe5e96ec13e68e2119f4656f3a6186
accept-ranges
bytes
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1325689873821024&correlator=1558008868796343&output=ldjh&impl=fif&eid=31060933%2C31060398&vrg=2021042601&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=6123%2Ckrdo&enc_prev_ius=%2F0%2F1&prev_iu_szs=2x1&prev_scp=wp_unit%3DInArticle&cookie_enabled=1&bc=31&abxe=1&lmt=1619606718&dt=1619606718291&dlt=1619606717902&idt=205&frm=20&biw=1600&bih=1200&oid=3&adxs=220&adys=700&adks=332515120&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&vis=1&dmc=8&scr_x=0&scr_y=0&psz=760x1&msz=760x1&ga_vid=334410478.1619606718&ga_sid=1619606718&ga_hid=527459048&ga_fc=false&fws=4&ohw=800&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
051d3c89d1bffc47d303951f166e74acd85322e74d30a91cae41a4a82b9a44a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4271
x-xss-protection
0
google-lineitem-id
192402263
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294985724
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://krdo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
173bc627c53651e029bcd049ee2ad5a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://173bc627c53651e029bcd049ee2ad5a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1325689873821024&correlator=1558008868796343&output=ldjh&impl=fif&eid=31060933%2C31060398&vrg=2021042601&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=6123%2CKRDO&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pos%3Datf%26wp_unit%3DMedium%2520Rectangle%25201&cookie_enabled=1&bc=31&abxe=1&lmt=1619606718&dt=1619606718297&dlt=1619606717902&idt=205&frm=20&biw=1600&bih=1200&oid=3&adxs=1050&adys=473&adks=1343987547&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&vis=1&dmc=8&scr_x=0&scr_y=0&psz=399x2187&msz=359x274&ga_vid=334410478.1619606718&ga_sid=1619606718&ga_hid=527459048&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
431d0013699d4e59c1e8f2a9ee73f8c5731b52adf79c207ef673ae7f7180d19f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4361
x-xss-protection
0
google-lineitem-id
256357103
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138250857808
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://krdo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
krdo-footer-final.png
krdo.b-cdn.net/2020/04/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krdo.b-cdn.net/2020/04/krdo-footer-final.png
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
a75c89b2d5cc5e2b7bd07baf0aaa7b042312a9c82fded3aac36c9fad3cf2565e

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
cdn-edgestorageid
632
x-amz-request-id
7A59175826502307
cdn-cachedat
2021-04-28 11:28:54
cdn-pullzone
145657
content-length
75932
x-amz-id-2
z/Yg0ec43b8Iu2/02aJd4DnoOvP5UVs9XWT6/4c4v2t+T+StVhQZvvI44oNDEckMfAyGuMpARTuw
last-modified
Mon, 13 Apr 2020 16:45:57 GMT
server
BunnyCDN-DE1-632
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control
public, max-age=2592000
cdn-requestid
1cb22112c6644fd0c0760ccbdb35720f
accept-ranges
bytes
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
/
krdo.com/wp-json/wp/v2/ 		97 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-json/wp/v2/
Requested by
Host: krdo.com
URL: https://krdo.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eb80e1c3d87feacefb2a104144f028ff4cc4a9733e2ab7003a66beb8417d3e6b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
BCRevision_1619606718162=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718162%22%7D; BCRevision_1619606718163=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718163%22%7D
:path
/wp-json/wp/v2/
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-styx-req-id
91a00610-a80e-11eb-b12d-22e18ff8b3f5
age
109
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-gmg2b
x-cache
HIT, MISS
vary
Accept-Encoding, Origin
content-length
10115
x-served-by
cache-mdw17353-MDW, cache-fra19122-FRA
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow
GET
server
nginx
x-timer
S1619606718.348537,VS0,VE99
strict-transport-security
max-age=300
content-type
application/json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
public, max-age=600
x-distributor
yes
accept-ranges
bytes
x-robots-tag
noindex
link
<https://krdo.com/wp-json/>; rel="https://api.w.org/"
x-cache-hits
1, 0
livestream-active
krdo.com/wp-json/alerts/v2/ 		26 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-json/alerts/v2/livestream-active?_=1619606717985
Requested by
Host: krdo.com
URL: https://krdo.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2506c55760ff8b1bc3dcf34486765a3e2b2d66c59c685a226e0a72a78055126d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
BCRevision_1619606718162=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718162%22%7D; BCRevision_1619606718163=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718163%22%7D
:path
/wp-json/alerts/v2/livestream-active?_=1619606717985
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-styx-req-id
d2c508f4-a80e-11eb-92dd-be02913a3124
age
0
x-pantheon-styx-hostname
styx-fe4-b-6c5dfb7cc8-c5c2r
x-cache
MISS, MISS
vary
Accept-Encoding, Origin
content-length
44
x-served-by
cache-mdw17370-MDW, cache-fra19122-FRA
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow
GET
server
nginx
x-timer
S1619606718.351540,VS0,VE293
strict-transport-security
max-age=300
content-type
application/json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
no-cache, must-revalidate, max-age=0
x-distributor
yes
accept-ranges
bytes
x-robots-tag
noindex
link
<https://krdo.com/wp-json/>; rel="https://api.w.org/"
x-cache-hits
0, 0
output-module
krdo.com/wp-json/alerts/v2/ 		3 KB
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krdo.com/wp-json/alerts/v2/output-module?_=1619606717986
Requested by
Host: krdo.com
URL: https://krdo.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
65db92b20ff8618885e192158a79845b983ed88ac6bc55be0c463619ea16f6e7
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
BCRevision_1619606718162=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718162%22%7D; BCRevision_1619606718163=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619606718163%22%7D
:path
/wp-json/alerts/v2/output-module?_=1619606717986
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-styx-req-id
d2c5ed90-a80e-11eb-a792-7ee28ae81ccc
age
0
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-hclws
x-cache
MISS, MISS
vary
Accept-Encoding, Origin
content-length
612
x-served-by
cache-mdw17358-MDW, cache-fra19122-FRA
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow
GET
server
nginx
x-timer
S1619606718.356042,VS0,VE465
strict-transport-security
max-age=300
content-type
application/json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
no-cache, must-revalidate, max-age=0
x-distributor
yes
accept-ranges
bytes
x-robots-tag
noindex
link
<https://krdo.com/wp-json/>; rel="https://api.w.org/"
x-cache-hits
0, 0
load_optional_tags
api.pymx5.com/v1/sites/ 		0
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pymx5.com/v1/sites/load_optional_tags
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
203.74.96.34.bc.googleusercontent.com
Software
nginx/1.13.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
via
1.1 google
server
nginx/1.13.7
x-frame-options
SAMEORIGIN
allow
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
0
ifilter.js
pymx5.com/ad-rendring/src/ 		56 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/ad-rendring/src/ifilter.js
Requested by
Host: pymx5.com
URL: https://pymx5.com/ad-rendring/src/imstag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a2d24f191540745c63506a5cac6674ee4bfc95b29ed8e5b7b9f810b8aa21b280

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:02:36 GMT
age
2562
x-guploader-uploadid
ABg5-UyN_vEXCzsJN9WcFHAx9D25k3qd-0xxbjbf4JWstGypg5R_bW_7lCRjxRtJmSsHf3heRZ6qESen3HWIXVvx_9Ft5g52gw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
57026
last-modified
Thu, 25 Jun 2020 05:25:47 GMT
server
UploadServer
etag
"f7990efed3936d14d55077c3722ffac4"
x-goog-hash
crc32c=JzgInw==, md5=95kO/tOTbRTVUHfDci/6xA==
x-goog-generation
1593062747313466
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
57026
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Apr 2021 11:02:36 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1325689873821024&correlator=1558008868796343&output=ldjh&impl=fif&eid=31060933%2C31060398&vrg=2021042601&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=6123%2CKRDO&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=wp_unit%3DMedium%2520Rectangle%2520SB&cookie_enabled=1&bc=31&abxe=1&lmt=1619606718&dt=1619606718365&dlt=1619606717902&idt=205&frm=20&biw=1600&bih=1200&oid=3&adxs=1050&adys=1940&adks=4133154709&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&vis=1&dmc=8&scr_x=0&scr_y=0&psz=399x2187&msz=359x274&ga_vid=334410478.1619606718&ga_sid=1619606718&ga_hid=527459048&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
4f57595917e832112f2f5e447e9c70d410e734f29146382724ea221d0d03dc62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4361
x-xss-protection
0
google-lineitem-id
256357103
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138250857811
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://krdo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-19609167-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4730
date
Wed, 28 Apr 2021 09:26:28 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 28 Apr 2021 11:26:28 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5c00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 16:24:49 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:04:46 GMT
server
nginx
age
66029
etag
W/"60665f9e-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 17a71b4bf5d35b398b0fd90a5cd154a7.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
Ac7-0yiEH5wBnrp4iJoVqBny44qmjPYm9lfY0Z5s5azSGnlJ8yyyug==
expires
Wed, 28 Apr 2021 16:24:49 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=527459048&t=pageview&_s=1&dl=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20KRDO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=249954176&gjid=574430918&cid=334410478.1619606718&tid=UA-19609167-1&_gid=1285781267.1619606718&_r=1&gtm=2ou4e1&z=1826713796
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://krdo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
2c0ef76895986d2aea1cc5bceb23fd53
npgco.blueconic.net/plugin/plugin/ 		209 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/plugin/plugin/2c0ef76895986d2aea1cc5bceb23fd53
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.4.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-4-204.compute-1.amazonaws.com
Software
- /
Resource Hash
0d59d09fd9126fef5cf3a680eef5967f81cb8f03edd822b2fbdff614c549931e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Apr 2021 10:45:18 GMT
server
-
etag
2c0ef76895986d2aea1cc5bceb23fd53
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
text/javascript; charset=utf-8
content-length
49667
x-xss-protection
1; mode=block
expires
Thu, 28 Apr 2022 10:45:18 GMT
ping
ping.chartbeat.net/ 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=krdo.com&p=%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&u=Bvl01aCK5FV8D60gqq&d=krdo.com&g=64295&g0=Unknown&g1=Unknown&n=1&f=00001&c=0&x=0&m=0&y=2568&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1061&t=DAs1irBHJugVWdHTeBXQqadBCyZrt&V=126&i=Page%20not%20found%20-%20KRDO&tz=-120&sn=1&sv=Dt-ODe8J-99CUsOnmBp7XlEDWvevT&sd=1&im=06032c03&_
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.215.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-215-174.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
mi-1.13.9.2.js
snippet.minute.ly/publishers/30460/ 		182 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.minute.ly/publishers/30460/mi-1.13.9.2.js
Requested by
Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-30460.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98a409fc2fcb461612ac2baa15178faad822dfaddc3eab141a45f0ebb79d9924

Request headers

Origin
https://krdo.com
Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hw
1619606718.dop052.fr8.t,1619606718.cds142.fr8.c
cf-request-id
09b9ae60e900002c4e953a3000000001
last-modified
Wed, 22 Apr 2020 12:51:36 GMT
server
cloudflare
etag
W/"1587559896"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sll86sVjjdeyDvEb0ZiQ6lNG7f5iwuQfScq3x%2Fd96%2FSqVuSpi9682S%2BDM9kKSXE7%2F9bsyEwoPqwdu0LVN16A8ebcJZHhldF932agLeuJP5W3SqfOIhoEknenWAPbAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
cf-ray
646fb347d9aa2c4e-FRA
access-control-allow-headers
Content-Type
view
securepubads.g.doubleclick.net/pcs/ Frame 52D5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssERuzTqZVPZI6ZW6VaXYuQAI0VEtyXaYUUjSBWBYtbrY6I_dAex_c5rAi4kBIpWDFrO33ifEkMSdzmaXxkh1RQ0t_g0v2L3fxn_-WPXjknxUFD4R58IMl04sMCsM5hHTtkEaioLzrNyMOfe8Zy0JvdGrX-Gnr-lyyzlMUv3di1K7S5Bs3ebnQzKasc_yhiX1kYuESvrt0SN3eSyyPpp46SQf2gWZU5V0mwmUY40dRcrQ7yWMQku2ov2siQRR-j2t1qzZDHK7LUZDA6g9WVYXM&sai=AMfl-YQMgKaIJ2ewSI7UOIUHFtERwZo97k82A00UeuT0RfvmG9DjKJrcNkAdEZgD66yE0DhPiRBmgYymffvlQzWLvSRCU3u151Yod8FhXNxB0VW3WdM0W_FBmucPoP4it-g&sig=Cg0ArKJSzC_RuLgcxRGrEAE&urlfix=1&adurl=
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 10:45:18 GMT
RenderAd.aspx
ads3.mthsense.com/ Frame 52D5 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads3.mthsense.com/RenderAd.aspx?id=1748&width=300&height=250
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.244.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-244-124.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d757c68311199fcc8d12b4987355d5f4275004be297d75aec99804e80be181f9

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:18 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Cache-Control
private, no-cache="set-cookie"
Connection
keep-alive
Content-Length
7894
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 52D5 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:18 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188783439141"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:18 GMT
iframe_api
www.youtube.com/ 		980 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/30460/mi-1.13.9.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85f43eb5335383163b9f863900fe0e8657a075590113bceb8db55422ca483d18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:18 GMT
_.gif
counter.snackly.co/ 		0
456 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/30460/mi-1.13.9.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:145c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
access-control-allow-origin
https://krdo.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
646fb3487ced1f1d-FRA
access-control-allow-headers
Content-Type
content-length
0
cf-request-id
09b9ae614c00001f1ddf920000000001
expires
Wed, 28 Apr 2021 10:45:18 GMT
_.gif
counter.snackly.co/ 		0
66 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/30460/mi-1.13.9.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:145c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
access-control-allow-origin
https://krdo.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
646fb3487cef1f1d-FRA
access-control-allow-headers
Content-Type
content-length
0
cf-request-id
09b9ae614d00001f1d5ba33000000001
expires
Wed, 28 Apr 2021 10:45:18 GMT
v-2119a1a5-a931-4af7-1383110-ba2c-d4ce4cbf77c9-s191.89-200.7m.mp4
apv-static.minute.ly/videos/ 		144 KB
144 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.minute.ly/videos/v-2119a1a5-a931-4af7-1383110-ba2c-d4ce4cbf77c9-s191.89-200.7m.mp4
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
7f5cd81ccb423b7462ee407e24571241eebf1b99eb89b33ab49c8aacc5dde3ce

Request headers

Referer
https://krdo.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 28 Apr 2021 10:45:19 GMT
Last-Modified
Wed, 28 Apr 2021 00:16:59 GMT
Access-Control-Allow-Origin
%client.request.headers.origin.value%
ETag
"1619569019"
X-HW
1619606718.dop156.fr8.t,1619606719.cds005.fr8.shn,1619606719.dop156.fr8.t,1619606719.cds051.fr8.c
Content-Type
video/mp4
Content-Range
bytes 0-147071/147072
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Range, chrome-proxy
Content-Length
147072
v-cf5e85d1-a00c-421a-1383962-8b37-c36c5009ff13-s58.76-66.3s.mp4
apv-static.minute.ly/videos/ 		60 KB
61 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.minute.ly/videos/v-cf5e85d1-a00c-421a-1383962-8b37-c36c5009ff13-s58.76-66.3s.mp4
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
56ef1976decaf8ed40e3128f6222ebd12e5fa9df83dd9904f49b0a021997a32e

Request headers

Referer
https://krdo.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 28 Apr 2021 10:45:19 GMT
Last-Modified
Wed, 28 Apr 2021 08:24:48 GMT
Access-Control-Allow-Origin
%client.request.headers.origin.value%
ETag
"1619598288"
X-HW
1619606718.dop240.fr8.t,1619606719.cds041.fr8.shn,1619606719.dop240.fr8.t,1619606719.cds137.fr8.c
Content-Type
video/mp4
Content-Range
bytes 0-61642/61643
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Range, chrome-proxy
Content-Length
61643
ea76966b19472f9e16c5f4bfb8be1d4a
npgco.blueconic.net/plugin/library/ 		557 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/plugin/library/ea76966b19472f9e16c5f4bfb8be1d4a
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.4.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-4-204.compute-1.amazonaws.com
Software
- /
Resource Hash
2a93827e73dc4435d7d173f3991df58efe2a3c0dcba1f2c0ddc80da1afa8476b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Apr 2021 10:45:18 GMT
server
-
etag
ea76966b19472f9e16c5f4bfb8be1d4a
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
text/javascript; charset=utf-8
content-length
167160
x-xss-protection
1; mode=block
expires
Thu, 28 Apr 2022 10:45:18 GMT
LB-Zone-1
npgco.blueconic.net/DG/DEFAULT/rest/rpc/1009/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/DG/DEFAULT/rest/rpc/1009/LB-Zone-1?referer=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&bcsessionid=&bctempid=0aecf6c2-a517-4e04-be8c-7814018863bf&overruleReferrer=&time=2021-04-28T12%3A45%3A18%2B02%3A00&ts=1619606718802
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.4.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-4-204.compute-1.amazonaws.com
Software
- /
Resource Hash
9bfb593737084dc48cc9375bbf71840f83aab16be7c1b8d098de7cf72807ce6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://krdo.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
884
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
_.gif
counter.snackly.co/ 		0
66 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/30460/mi-1.13.9.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:145c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
access-control-allow-origin
https://krdo.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
646fb348dd831f1d-FRA
access-control-allow-headers
Content-Type
content-length
0
cf-request-id
09b9ae618500001f1d29996000000001
expires
Wed, 28 Apr 2021 10:45:18 GMT
www-widgetapi.js
www.youtube.com/s/player/cb5bd7e6/www-widgetapi.vflset/ 		110 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/cb5bd7e6/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0548fb25f7157dc519f7907cf2c057c4d5525fe78d2b60b99081668253a063b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 15:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Apr 2021 00:28:48 GMT
server
sffe
age
68376
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40076
x-xss-protection
0
expires
Wed, 27 Apr 2022 15:45:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7180 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK0Y45aM6ZZL0lA_AsAfWbc-SYvFGfXYe6LJU9W1UrSWbINudWUQVzikTHhRjJHLRD9EYBWTCvUA_z9BYcV72_kktmY4t3gs5mE9dS2zDZ_A_ANPL0xRxZtaBKjEvwjMUqXUdimhxVedz5qiqEzi7p0VPv0sPrk38Hcp9rzcijA8Zqj8TFLjIQ_WkAdejKrFkYZnae1HO9ANnvI6uP3IlbDQ9wtwNTuBi_ZbysyqsPJtkE8flcxtwR0m6lUox0uPXuQTBUAo3rpyHOEtMbNjs&sai=AMfl-YQsB0-fI4XEEACvp7VItaS5HNRmPXuzFo6MTOZr8yRX9gs_XhzTsKjFPXQZCCeWYOBG_RRYJBRWxy52tXPWytxcDHx4rYgzmvQNUJwbyW7VPvJf_gZiCivJDAukXNVG&sig=Cg0ArKJSzKPVVSYyxWiMEAE&urlfix=1&adurl=
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
RenderAd.aspx
ads3.mthsense.com/ Frame 7180 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads3.mthsense.com/RenderAd.aspx?id=1748&width=300&height=250
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.244.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-244-124.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d757c68311199fcc8d12b4987355d5f4275004be297d75aec99804e80be181f9

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:18 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Cache-Control
private, no-cache="set-cookie"
Connection
keep-alive
Content-Length
7894
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7180 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8608 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRoFaTKrFMy04kDkxDjrTSe6teyInGmLPUfwtE7QvqFe-59aMV52SwLCIlMfnBpl3tjUFZOB8I6orgNIQ8N7eTw7YNVNGBnavB_4mS0bd2KzRJRR0F4fEv7Ofl78wFJN-Nhh7N5kuu5eYwkftS0npFavKdz-H4SLNEWunnGWpE0hyUG0g8cZPGLey7Ag4cuOkv5d2xX9ddNBA_yVpRdwceR0o4h7WWfXVYlw5J3mSAXPP-xG-iLXo6O53wNl6avt0kzMJLlIeMN5v7cxU&sai=AMfl-YQLgPAXOHokUlvBhD2eiFQ8D-X1j0EGfPScdBQMAWmmZm4QAZSzJg53wxiLCya9uOVaqot1AFsBkvqq0Meg3KikKH7hDbSQ_lcX2EKrF8ylteIM9j_QIitjYCJdztY&sig=Cg0ArKJSzHoLC4UxDrTdEAE&urlfix=1&adurl=
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tag
a.teads.tv/page/52239/ Frame 8608 		911 B
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/52239/tag
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cdd40f0e4c0c7aa5b8f3a68d39681b49941084e7c93042192dfdd8bf73f3a247

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
541
expires
Wed, 28 Apr 2021 11:45:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8608 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:18 GMT
truncated
/ Frame 8608 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b626115b6dd92fdf048dd5880fb03543c7b4f5381ef1b0e2d62b9050b7f26d47

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cs
npgco.blueconic.net/DG/DEFAULT/ 		67 B
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/DG/DEFAULT/cs?bcsessionid=0aecf6c2-a517-4e04-be8c-7814018863bf&&callback=bc_json1010
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.4.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-4-204.compute-1.amazonaws.com
Software
- /
Resource Hash
969353590f58ca1fa1868579736ea4f6df8611ae71f8e967c2e7c98216850cf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
87
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
33965818%20tsara-Brashears
krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Requested by
Host: npgco.blueconic.net
URL: https://npgco.blueconic.net/plugin/plugin/2c0ef76895986d2aea1cc5bceb23fd53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
pragma
no-cache
cookie
ntvSession={}; _ga=GA1.2.334410478.1619606718; _gid=GA1.2.1285781267.1619606718; _gat_gtag_UA_19609167_1=1; _cb_ls=1; _cb=Bvl01aCK5FV8D60gqq; _chartbeat2=.1619606718531.1619606718531.1.Dt-ODe8J-99CUsOnmBp7XlEDWvevT.1; _cb_svref=null; minVersion={"experiment":1647633311,"minFlavor":"yt_supportmi-1.13.9.2.js100"}; minUniq=%7B%22minUID%22%3A%22ee65f831c4-e6033f7cfb-10e3542477-9e7f1bf00e-899b1918ff%22%7D; minDaily=%7B%22testMode%22%3Atrue%2C%22dailyUser%22%3Atrue%7D; minBuffer=%7B%22minAnalytics%22%3A%22%7B%5C%22clicks%5C%22%3A%5B%5D%7D%22%2C%22_minEE1%22%3A%22%5B%5D%22%7D; minSession=%7B%22minSID%22%3A%22e63142860c-ad5ef42170-f02d8fade0-d4c82e13b2-078c9b34fb%22%2C%22minSessionSent%22%3Atrue%2C%22hadImp%22%3Atrue%2C%22sessionUniqs%22%3A%22%7Btime%3A1619606718852%2Clist%3A%5B18057171nt0%5D%7D%22%7D; __gads=ID=131dba31b10a2d4e-221f0f78f6c70009:T=1619606718:S=ALNI_MbsVY5bZpCpsbbHJsk49t77Kx8mrQ; BCSessionID=0aecf6c2-a517-4e04-be8c-7814018863bf
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
krdo.com
referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
:scheme
https
sec-fetch-site
same-origin
:method
HEAD
Referer
https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
age
0
x-pantheon-styx-hostname
styx-fe4-a-68dbfbc774-tvn2b
x-cache
MISS, MISS
x-served-by
cache-mdw17347-MDW, cache-fra19122-FRA
link
<https://krdo.com/wp-json/>; rel="https://api.w.org/"
server
nginx
x-timer
S1619606719.085524,VS0,VE387
date
Wed, 28 Apr 2021 10:45:19 GMT
vary
Accept-Encoding, Cookie, Cookie
content-type
text/html; charset=UTF-8
via
1.1 varnish, 1.1 varnish
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
x-distributor
yes
accept-ranges
bytes
x-styx-req-id
d33588d5-a80e-11eb-94b2-d283e8b80392
x-cache-hits
0, 0
1009
npgco.blueconic.net/DG/DEFAULT/rest/rpc/ 		269 B
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/DG/DEFAULT/rest/rpc/1009?referer=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&bcsessionid=0aecf6c2-a517-4e04-be8c-7814018863bf&bctempid=&overruleReferrer=&time=2021-04-28T12%3A45%3A19%2B02%3A00&ts=1619606719082
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.4.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-4-204.compute-1.amazonaws.com
Software
- /
Resource Hash
d4d11812fb30a25189827028ab1eb94dd1a0222866ceeaa9e284bfa9ee35edc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://krdo.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
150
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
1009
npgco.blueconic.net/DG/DEFAULT/rest/rpc/ 		135 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://npgco.blueconic.net/DG/DEFAULT/rest/rpc/1009?referer=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&bcsessionid=0aecf6c2-a517-4e04-be8c-7814018863bf&bctempid=&overruleReferrer=&time=2021-04-28T12%3A45%3A19%2B02%3A00&ts=1619606719084
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.4.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-4-204.compute-1.amazonaws.com
Software
- /
Resource Hash
b83d778357c749e88f00595859e092a8435a4c608b0451e327dc41091fcc3bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://krdo.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
142
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
teads-format.min.js
s8t.teads.tv/media/format/v3/ 		606 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/52239/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:19c::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5000a231c8067fdd16b2666e679319208f34524e8a3bb6a9e0c001c488270eb5

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
br
vary
Accept-Encoding
x-amz-request-id
J5Z515GY4JC35AGT
content-length
134847
x-amz-id-2
BC39uJ6s/94mdjF+auQAzVD1Z8JlnA3zwgVLDTF3CBz1FuuctwF9S4RBtCQ9sgzlUZV0/+UNgtw=
last-modified
Tue, 27 Apr 2021 08:25:35 GMT
etag
"d86173609c63809a0c0abdbee8d1c65d"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials
false
x-bucket
8
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 28 Apr 2021 11:15:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8608 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgF0LkCTvZLgfMpCSkMqIyI00oFdGmbgzroKgUf3xXK8IQYhGtojMg7653B9bosAxhF5AqtWen3Znbpd_N5BhHgSf9mwD8wfTbAMxu-_a6iTPNSP845x6fMh-HRA4NZDvE0e4G133q1i2dtZ-21kUz_wyBV4qkIzhHQbXlXLJ83iCsag50kw8i31LnmbHZxNAceMoQmZZYVN0hOUI3tJf3Ifuul8FFoGEUZopQDfSKtCYDzX6MavYrW83UunzW_HoLIR5l8CpeYx0CuQ-3xw&sai=AMfl-YQ1P1Y2NHkapT0BqsUKRoXvuaTcWMl3QKs2gjglKw2g7MMN_RhlmVjm81GzL9KRYq9d_LvfRC9PLReg4Stq37XErLeL-50PfMQ90iF8Xy7lwJUHtcfHg_u-3CyU_uo&sig=Cg0ArKJSzLguYrwIjr3WEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 10:45:19 GMT
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=debug-bts&fv=733&ts=1619606719200&env=js-web&pageId=52239&pid=57322&auctid=d9e63f74-f8c7-4719-b303-9a44af6121a2&f=1&debug_metadata=wb&referer=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:19 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=d9e63f74-f8c7-4719-b303-9a44af6121a2&pageId=52239&pid=57322&debug_metadata=59FhDr2G6T&fv=733&ts=1619606719202&f=1&referer=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:19 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=d9e63f74-f8c7-4719-b303-9a44af6121a2&pageId=52239&pid=57322&slot=polymorph&fv=733&ts=1619606719208&f=1&referer=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:19 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
http-source
s8t.teads.tv/logs/format/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/logs/format/http-source?%5B733%7Cd%7CWindows%7C10%7CChrome%7C89%7Cweb%7C%7C%5D%5B57322%7C%7C%5D%5Binfo%5D%20ccpa-iab-consent%200%202
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:19c::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-max-age
86400
access-control-allow-methods
GET,POST
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619606719212&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619606719212&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619606719212&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=38491422&cs_ucfr=
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-52.mad50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:19 GMT
via
1.1 803bb8de3c7a92b10030fcaaf02a53d3.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
do7quLwoviCxINLDcvItOq0-xW2AbbvZo4TYU2zTy9Eajvl3e8uPaw==

Redirect headers

date
Wed, 28 Apr 2021 10:45:19 GMT
via
1.1 803bb8de3c7a92b10030fcaaf02a53d3.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1619606719212&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=38491422&cs_ucfr=
content-length
302
x-amz-cf-id
FBBiTz79qAkfgInc95QmPpz1wJ7L483Wp7Gxx2fAGPDpKbvj7nj_hA==
ad
a.teads.tv/page/52239/ 		485 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/52239/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&page=%7B%22id%22%3A52239%2C%22placements%22%3A%5B%7B%22id%22%3A57322%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A760%2C%22height%22%3A428%7D%2C%22slotType%22%3A%22polymorph%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=d9e63f74-f8c7-4719-b303-9a44af6121a2&formatVersion=733&env=js-web&netBw=9.7&ttfb=356
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
10dd9b6fcc056b7bef97875640de3d5b8eea9c559e4722536c7113b15382e323

Request headers

Accept
application/json; charset=UTF-8
Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://krdo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
335
expires
Wed, 28 Apr 2021 10:45:19 GMT
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&pid=57322&pageId=52239&auctid=d9e63f74-f8c7-4719-b303-9a44af6121a2&vid=541a70ee-e9d9-4891-9b99-548c5cada114&cts=1619606719252&env=js-web&bsg=uncat&bsias=uncat&rpm_reason=12&fv=733&ts=1619606719288&referer=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:19 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
prebid4.7.0.js
storage.googleapis.com/rs-static/ Frame 5DF5 		302 KB
303 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by
Host: ads3.mthsense.com
URL: https://ads3.mthsense.com/RenderAd.aspx?id=1748&width=300&height=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:10:06 GMT
age
2113
x-guploader-uploadid
ABg5-UyrU6DZULDqbdlh1GUH0M0r7-jdbmkzhejdpUMs5m_HO3ccWZ55ut6NrURvDIFjNgcEdmtVgvkwpTNHxE8c1Mmz0jGTKQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
309272
last-modified
Tue, 15 Sep 2020 19:30:03 GMT
server
UploadServer
etag
"6093877422c034fe300df8ed44d1e948"
x-goog-hash
crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation
1600198203919898
cache-control
public, max-age=3600
x-goog-stored-content-length
309272
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 28 Apr 2021 11:10:06 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 5DF5 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b062efa1d6ff69cb710c1dc2dad2190ea08456f37fc9d1d56584d171159be8eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 480 of 1000 / last-modified: 1619602879"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21077
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 52D5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstl3f_NOvycNM01ZUkk7zHKnRyN4m3HfifURz3PNDT_DogSLIQ4etP79WzvNouE5ahIyeqIwoVQ2gSNDNQJhjK_vggLOYwUND1zrM0ELL9pamiVPngFKYHHtW0Siyujh8Tk42zM3T9ExM8VAv5hSDpOa63FAHGASf0Yo9LZILxYffArT4N1JDfIKm0U6XL1VPo8YK_IGx9GjN-lsLPuh-Yng0TSxoxIpJar0rovVw6uzXHTf7b4HMNmRVBbu6Na5myl70Iz_RTj6T4PTySe40KhrQ&sai=AMfl-YSxACDtrqtkbNXJcLko9JgGiYjz-15ga96yTjytdZxwS4oB98LcnlkfTnwuPy8WIav7yKAm2NnuwuwzVvN8TXgzMR1ciFn3DT4YSlYTYryiWWp6ADX4afgVdNpHSwc&sig=Cg0ArKJSzFKjFcQjtU6nEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 10:45:19 GMT
truncated
/ Frame 52D5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0903936e068e418e8fc4271b98e116093ea2c1496f4cdc86f0b46bbe537aee43

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2021042201.js
securepubads.g.doubleclick.net/gpt/ Frame 5DF5 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js?31060920
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 08:39:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108299
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:19 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5DF5 		239 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=62568&zone_id=710514&size_id=15&rf=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&tk_flint=pbjs_lite_v4.7.0&x_source.tid=f480b48a-69ec-4b2c-894b-1289734e79ef&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8851738219622394
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
987dc7bf5f840ef50048702e4fa82b2302566ec91207bacee92463445c21714e

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:19 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://krdo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ Frame 5DF5 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ew7kii4wVov8hjHwB8Wgknzd&bidId=4639a997a00579&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.7.0&strVersion=3.2.1&secure=true
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.13.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-13-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://krdo.com
date
Wed, 28 Apr 2021 10:45:19 GMT
access-control-allow-credentials
true
vary
Origin
auction
x.yieldlift.com/ Frame 5DF5 		2 KB
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.yieldlift.com/auction
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-184.compute-1.amazonaws.com
Software
/
Resource Hash
cb02d4ac28407c54918a01cda3c085ffe1badfdcabf06dd739dacd143affa2e4

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json;charset=utf-8
access-control-allow-origin
https://krdo.com
Accept
application/json
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
576
Expires
0
hbwidget.json
hb.mynativeplatform.com/pub2/web/v1.15.0/ Frame 5DF5 		0
0
bid
ap.lijit.com/rtb/ Frame 5DF5 		94 B
753 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.7.0
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
e1687083dec75731e57d856d9eccc0bef12416b8d205b087aebf5def02d3c0b7

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 28 Apr 2021 10:45:19 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://krdo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
arj
os4m-d.openx.net/w/1.0/ Frame 5DF5 		173 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f480b48a-69ec-4b2c-894b-1289734e79ef&nocache=1619606719576&aus=300x250&divIds=NPG_KRDO_300x250_BTF&auid=540529557&aumfs=300
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
b964576ffaeb11955e99ad9efb052a4333a42b384a43640d4dfac4cf92368b3a

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://krdo.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 5DF5 		25 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=303655&v=7.2&r=%7B%22id%22%3A%22136c7b6baf37776%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22143d7480c5b11e7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22303655%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b9135c1e86b42ec285855d45ee2a18ff274995c42c73fdfaa9063197b240d08

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.9.18.83], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://krdo.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Wed, 28 Apr 2021 10:45:19 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 5DF5 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
bc03bccf20454c6886f4dc49dec11ca2b0563904fa502cd766722ae8990e0c05
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:19 GMT
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid
54bef987-22c7-4bba-85ca-02b24d995063
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://krdo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ Frame 5DF5 		66 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=baJuNG19ir6ikUaKlId8sQ
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-78-134.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
8499eed0890ce80b952e3bd9ded99d6c96738647e20320a682054f677534fc33

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://krdo.com
access-control-allow-credentials
true
prebid4.7.0.js
storage.googleapis.com/rs-static/ Frame D3BB 		302 KB
302 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by
Host: ads3.mthsense.com
URL: https://ads3.mthsense.com/RenderAd.aspx?id=1748&width=300&height=250
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:10:06 GMT
age
2113
x-guploader-uploadid
ABg5-UyrU6DZULDqbdlh1GUH0M0r7-jdbmkzhejdpUMs5m_HO3ccWZ55ut6NrURvDIFjNgcEdmtVgvkwpTNHxE8c1Mmz0jGTKQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
309272
last-modified
Tue, 15 Sep 2020 19:30:03 GMT
server
UploadServer
etag
"6093877422c034fe300df8ed44d1e948"
x-goog-hash
crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation
1600198203919898
cache-control
public, max-age=3600
x-goog-stored-content-length
309272
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 28 Apr 2021 11:10:06 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame D3BB 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a01839e33fb4527aa3e3f39985b4ca68c719ea0dd53635be0e3be633056673c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 797 of 1000 / last-modified: 1619602787"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21076
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7180 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstea_SlSEBuzIpRunmD0q8uWZOYzA7DQyhtxNuXJF0c52xAbsetQCSndnTpQAkPRWyNh6hRkjP2AKwZXNES-wIJNj-BCNH-4Gz7iaPjgQ0UTgmRPIq0McMSMxhp9vzC4Lve5qoM2wVDDGOkwSUbtQXuJBTllkBEWSfxWnT09WA4sfMENtS0-a9w9WSeu9qccfIJz_kiLWD5Ghev59OJCSy2oOqnLCqJUrNlCreasLjp-BWdT70yQOe8LVTZrE9UfRzdS-zzpzIK9Fj-ShBn-bWuXQ&sai=AMfl-YSnl6yZqx90VotsXIJeQ1X2Sdr6BqhU0RE7aiFmiiperOZQsFo-aNaNmVgWO7ZzCO658x4HDZ7Q8tazU97LR8lio4dYa0N5RPs8Q9qhW5jL1pXoTRZdx24y-wtQhJqS&sig=Cg0ArKJSzI7LuHLJLoMsEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 10:45:19 GMT
truncated
/ Frame 7180 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04792b0a3cf328de91c48df9a15a94caf2360860e177b8f4e0443bcafcbd58b7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2021042201.js
securepubads.g.doubleclick.net/gpt/ Frame D3BB 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 08:39:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108299
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:19 GMT
hb
ssc.33across.com/api/v1/ Frame D3BB 		65 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=baJuNG19ir6ikUaKlId8sQ
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-78-134.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
49625584f39a1b3ea5d4e07b61d65115861c1452ba7b99a40e2c62c077d1892a

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://krdo.com
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame D3BB 		24 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=303655&v=7.2&r=%7B%22id%22%3A%223ba5248bec00ad%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224504ebe6a62eae%22%2C%22ext%22%3A%7B%22siteID%22%3A%22303655%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b5db081a83dfa84fb5ae0e444e4359d78ebbc4f5ef8d52f0f8be54bef1a43df5

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.9.18.83], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://krdo.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
44
x-ak-client-geo
12
expires
Wed, 28 Apr 2021 10:45:19 GMT
prebid
ib.adnxs.com/ut/v3/ Frame D3BB 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c5ce4329e7334256ece1f7e030c2a8ea071e0cb1e4ace2c6a42bf4e6796788a7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:19 GMT
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.17:80
AN-X-Request-Uuid
e8763371-b940-4262-bc39-e905443822f7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://krdo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
x.yieldlift.com/ Frame D3BB 		2 KB
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.yieldlift.com/auction
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-184.compute-1.amazonaws.com
Software
/
Resource Hash
4449883157b9337512ea159411c51cc8fae98894426ed27d2349346537e82e67

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json;charset=utf-8
access-control-allow-origin
https://krdo.com
Accept
application/json
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
574
Expires
0
bid
ap.lijit.com/rtb/ Frame D3BB 		94 B
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.7.0
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
a3ab60fe081896e883db11b9f814ce35b5b0031d866302c61c51b6fd2c693ace

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 28 Apr 2021 10:45:19 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://krdo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
arj
os4m-d.openx.net/w/1.0/ Frame D3BB 		174 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9e15b780-cea5-41ba-9353-21abbcb249c1&nocache=1619606719739&aus=300x250&divIds=NPG_KRDO_300x250_BTF&auid=540529557&aumfs=300
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
8381983927a64631aa039c5b7e91b8ede9172f21d6149c1dac3dd9b4757fd8e2

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://krdo.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D3BB 		239 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=62568&zone_id=710514&size_id=15&rf=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&tk_flint=pbjs_lite_v4.7.0&x_source.tid=9e15b780-cea5-41ba-9353-21abbcb249c1&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6345420525982439
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
70e97e52b9e9a3037a2d03896ac4fe29c19bcf1f3a65d203c8e3bfab47569089

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:19 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://krdo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hbwidget.json
hb.mynativeplatform.com/pub2/web/v1.15.0/ Frame D3BB 		0
0
v1
btlr.sharethrough.com/WYu2BXv1/ Frame D3BB 		0
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ew7kii4wVov8hjHwB8Wgknzd&bidId=18d7125488de9f3&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.7.0&strVersion=3.2.1&secure=true
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.13.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-13-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://krdo.com
date
Wed, 28 Apr 2021 10:45:19 GMT
access-control-allow-credentials
true
vary
Origin
nr-1208.min.js
js-agent.newrelic.com/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1208.min.js
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding
gzip
etag
"1a71e4208296f97b465116492f59124d"
x-amz-request-id
GFCX84XM118VT8VB
x-cache
HIT
content-length
11777
x-amz-id-2
0I6HKjtYUwUGM7rXwEsdtxplelcduIoMZugBIgQyyc+jv9E44vPitgTVQTJGMEdiiAo0wBheaf4=
x-served-by
cache-hhn4064-HHN
last-modified
Wed, 10 Mar 2021 16:24:28 GMT
server
AmazonS3
x-timer
S1619606722.860724,VS0,VE0
date
Wed, 28 Apr 2021 10:45:21 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
23194
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73050a23c5483820c00b78d547b5102a99e551139a0ae717123e44c09e50456a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7041
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame FCF3 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://krdo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 28 Apr 2021 08:33:05 GMT
expires
Thu, 28 Apr 2022 08:33:05 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7934
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js
pagead2.googlesyndication.com/bg/ Frame FCF3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 20:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
395701
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5651
x-xss-protection
0
expires
Sat, 23 Apr 2022 20:50:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042601&jk=1325689873821024&bg=!dXaldjLNAAZLnZBaS507ACkAdvg8WkJEzBQWHlhQs72NvaJFPl2crLJoyuL9W30RCbc-fwN_WEswWgIAAABTUgAAAApoAQcKAHAiPKGumWT1rnRcQae8u863Ktzn1ik1EfJ5lQtnOIovYPJmInoPFSe5EHbuo9jiYOLZT7A7SqgfYcPPy2BeszkhhvJAq0j9af7j0Cx6DDplDqtjgZg5AvWkjyQDk3AHQeWjQUxr4uRo57ItSrygdTYRmQIWneMcP_LEj_y4zdoarWlSQwnsJloedAGij6yYO8A5UMFmSBjRdwX7OuYp8AcAIWhf5ofxpflMeAZmfXTNe4Rgu05sh4sz09WDDGH40gRlwyHszxnL9X9muMgk3IvwWO8hG1UDpWlo6hNIWI2XUj6tcmvxnoEXt8M_nYvjAYhxcXWvxpQ-aJW1ERiDsOqlSj25PB_tQJYDSM6x9xl-5ZCdrcPSIetMwHTePguZ50Af9XKIVERdH8o7zhpo2bUHRMKPhLiNQYnBeLlAlHLk923atTYdvfLk_Tt2H1TPBEa_kTQsMPyXwEnXEb0R4xxZLkZiJEHJTG6oPoDQEm7MuezJ28Dmj9sgvwYt_ZxsiGHJ-DH4OFIkEjWfNE4zOrzd4bTWE_0ircRXfrzAhDSpSgbGl9IpusuPcYJ1v3ZMABNvM2m8LY5T1TCwZm1lkCx7XiFy65ILuaQd15jWTSIASmOe56-DdZekzn91ZItKmayBQYaF_VwvmvWlzLt6FWe3kjN579i40fMhPwEZWcEVbDRaT37okBbFy9zpNEfyFLERT-_wzgQILAD4MrG3LeutAFBMJbW76MApAn-unJNRL7PmYuUhJB8Ac39VNKont7BCCxUQpi7DT_APdXCmXOvZfoCAJjmx89YQ1dhGvsNaWdCEF4XbvgLPZi4h9E7mAXzIn3cvsDLGD5b9oMzsHVHTgC9mJB_40v7U
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 52D5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstatoi9Ic5AE_lN0GX0vNx0qJkdUV6zdk-DA6ua0z2P8sgXtGlDK_ESlp7qsRRVmrRZ8dbRyTFKAjfEfnD2aph9YZihBxxioUFPPcJ6djA&sig=Cg0ArKJSzDqsCqNM0FtFEAE&id=lidar2&mcvt=1000&p=564,1050,818,1350&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210423&bin=7&avms=nio&bs=1600,1200&mc=0.98&app=0&itpl=19&adk=1343987547&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619606718712&dlt=0&rpt=809&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 5DF5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=krdo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js?31060920
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5DF5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=krdo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js?31060920
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5DF5 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3574282813355434&correlator=2534795053110115&output=ldjh&impl=fifs&eid=31060784%2C31060789%2C31060853%2C31060920&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=289026909%2CYieldLift%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=hb_name%3DNPG_KRDO_300x250_BTF%26passback_pb%3D0.20%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie=ID%3D131dba31b10a2d4e-221f0f78f6c70009%3AT%3D1619606718%3AS%3DALNI_MbsVY5bZpCpsbbHJsk49t77Kx8mrQ&cdm=krdo.com&bc=31&abxe=1&lmt=1619606720&dt=1619606720934&dlt=1619606719495&idt=130&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1050&adys=564&adks=686304141&ucis=42q7l3mdnrqt&ifi=1&ifk=1449955407&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&top=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=334410478.1619606718&ga_sid=1619606721&ga_hid=1610020497&ga_fc=true&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js?31060920
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
392cce442392c16b3585aacb6173bc0954423067e68ff5816cda547ee10625b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4539
x-xss-protection
0
google-lineitem-id
4756978442
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138245953932
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://krdo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6adc26eca351cebf157a1cf76d4b9b6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5DF5 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://6adc26eca351cebf157a1cf76d4b9b6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js?31060920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 5DF5 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js?31060920
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame D3BB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=krdo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D3BB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=krdo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D3BB 		42 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=573452084091610&correlator=2784715432901484&output=ldjh&impl=fifs&eid=31060841%2C31060922%2C31060503&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=289026909%2CYieldLift%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=hb_name%3DNPG_KRDO_300x250_BTF%26passback_pb%3D0.20%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie=ID%3D131dba31b10a2d4e-221f0f78f6c70009%3AT%3D1619606718%3AS%3DALNI_MbsVY5bZpCpsbbHJsk49t77Kx8mrQ&cdm=krdo.com&bc=31&abxe=1&lmt=1619606721&dt=1619606721120&dlt=1619606719687&idt=104&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1050&adys=2032&adks=686304141&ucis=86nn8of4p33l&ifi=1&ifk=1449955407&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&top=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=334410478.1619606718&ga_sid=1619606721&ga_hid=691482633&ga_fc=true&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
715bce3b5badd2e8d0fc873ed45de2b72144a4f7c2b39aef1f9d5a05edb8902e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10827
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://krdo.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
20e47ceb7c8aaf993d858710d4d94c99.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D3BB 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://20e47ceb7c8aaf993d858710d4d94c99.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame D3BB 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
NRJS-f190a1aa51390321b51
bam-cell.nr-data.net/1/ 		57 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/NRJS-f190a1aa51390321b51?a=818884498&v=1208.49599aa&to=Z1dbY0RQChVSB0BRXV4deFRCWAsIHFAEDA%3D%3D&rst=4399&ck=1&ref=https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%2520tsara-Brashears&ap=228&be=432&fe=2322&dc=898&perf=%7B%22timing%22:%7B%22of%22:1619606717480,%22n%22:0,%22f%22:53,%22dn%22:53,%22dne%22:53,%22c%22:53,%22ce%22:53,%22rq%22:63,%22rp%22:420,%22rpe%22:426,%22dl%22:422,%22di%22:897,%22ds%22:898,%22de%22:902,%22dc%22:2322,%22l%22:2322,%22le%22:2325%7D,%22navigation%22:%7B%7D%7D&fp=767&fcp=767&at=SxBYFQxKGRs%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:22 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
CF-Ray
646fb35c094601db-ZRH
cf-request-id
09b9ae6d86000001db3c9eb000000001
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pw.js
d3oi8laqsvc6ey.cloudfront.net/ Frame 4DD5 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js?31060920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7200:5:ee0e:9e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85a39b2febc8f8dc2a7ee1e3c4e8a23bcbe10f8250614d32efdd4b4d4bd40df8

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 09:42:06 GMT
content-encoding
gzip
last-modified
Thu, 19 Mar 2020 14:03:51 GMT
server
AmazonS3
age
6508
etag
W/"d0854b8502ea96f99f33cad6229947a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
zRRjDY4YbTKyRWvyM2xMKk1R5V25u5vQZ2zTCtBLSrMre-kOpYoHLg==
view
securepubads.g.doubleclick.net/pcs/ Frame 4DD5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstL8wkXrLR3K3RDoxXV__uGFt4ZTlUU8Fb0JV7BJI4Mr-Ds-jfikLwoT4p08KB5vqPW7P5AQM6zTBxf-SMg8MBCnDXwQhXINr4P6BYPQau6glUo7QL7hR4vfa2mHyJLCuUP4fw_9_Zub6o3nY2MJ3XPxAisz60IpVGVhGK8KB4teVE_ifGkPPPul2nOzX6u3DB1FtKOIPW6rydp1muwGnKIzxSQJdO_OatcwMgIgDPudH32ftjwdIWGVdLJWAfqFuAKQY49XkbGLVlcBeq0jLW9b92nyUo2opJHgb5FN1MnAEcjGnQo4CW684xCBoRMzcwJhJTwOMNn&sig=Cg0ArKJSzFPzTXzR-NiJEAE&urlfix=1&adurl=
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
136953cb-88f9-48b3-9417-8f28d8a3cf54.js
d2na2p72vtqyok.cloudfront.net/client-embed/ Frame 4DD5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/client-embed/136953cb-88f9-48b3-9417-8f28d8a3cf54.js
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-170.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0246dadc540e4f6c0123e63c93e85a46363c18a2476806331d41ac20df8c7799

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 21:58:46 GMT
Content-Encoding
gzip
Age
45997
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 15 Apr 2021 16:54:35 GMT
Server
AmazonS3
ETag
W/"23cba0f3e28a3880cdad784102bc0326"
Vary
Accept-Encoding
x-amz-version-id
U27GjruuL3srBDOnYn5URpMDgGsHc6_E
Via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA56-C2
Content-Type
application/javascript
X-Amz-Cf-Id
O2OU5KaRvx-Mwn2SIsPNfbqOHYojKRmFhcnkyqtOughi9iKQvQldLg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4DD5 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js?31060920
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:22 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 5DF5 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js?31060920
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188783439141"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:22 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5DF5 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js?31060920
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14b0ca84af343c40ee75e841596549bf5b157f5bef3126ea096b19f2de559c4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7642
x-xss-protection
0
truncated
/ Frame 4DD5 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f12ae4af125e729402cf67d3bfd2cc37ca92b094220ee20f059c06bb47c78c29

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5DF5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js?31060920
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:22 GMT
21bc8503-7806-41da-b650-37b6eedc566f.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 4DD5 		55 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/21bc8503-7806-41da-b650-37b6eedc566f.js
Requested by
Host: d3oi8laqsvc6ey.cloudfront.net
URL: https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5600:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7d67ec25df462f30026185ccd4d5f2143b4c6dff28c3f2b357bef1a5d12d9d0a

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 09:30:23 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
4499
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
access-control-allow-headers
*
x-amz-cf-id
dWQ-W3VZnzjt1lVHRcwHiCWrjOUuR8Hld3M78Kvft9gUtDniNBBv5g==
via
1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/21bc8503-7806-41da-b650-37b6eedc566f/ Frame 4DD5 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/21bc8503-7806-41da-b650-37b6eedc566f/?rand=1939003&referer=https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.221.43 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-221-43.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame EE50 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://krdo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 28 Apr 2021 08:33:05 GMT
expires
Thu, 28 Apr 2022 08:33:05 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7937
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 7C46 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
72893
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 14:30:29 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 7C46 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
72893
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 14:30:29 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 7C46 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
72893
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 14:30:29 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 7C46 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
72893
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 14:30:29 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 7C46 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
72893
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 14:30:29 GMT
truncated
/ Frame 7C46 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
437544e3984e44eea479965f0bd08086a1c5ba351693c5bd878d1659f28de46b

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
1702742490217885292
tpc.googlesyndication.com/simgad/ Frame 7C46 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1702742490217885292
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b5bc550ab704a4ea0f4d84b5ab27191f43cef91b74234e94e22b19fe42ad8e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 07:11:26 GMT
x-content-type-options
nosniff
age
272036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
151435
x-xss-protection
0
last-modified
Tue, 18 Jun 2019 08:37:17 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Apr 2022 07:11:26 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7C46 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 03:59:16 GMT
x-content-type-options
nosniff
server
cafe
age
24366
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 29 Apr 2021 03:59:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7C46 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 05:03:57 GMT
x-content-type-options
nosniff
server
cafe
age
20485
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 29 Apr 2021 05:03:57 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7C46 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CeNB0wTyJYKqWNIfQ7_UPk7OsqA2M9-y0Yo7518f1CwoQASCF4bxKYPUFoAHq64m7A8gBA-ACAKgDAcgDCKoEzwJP0E0y7LJTXAKiI4SJLxGUGP-MJ6kcxrRxRa58aYKalaj8TbtAbPVZjJ7DziApz8gA3bQE7n8rVPsnhtXf-t6cC-wLyU6cMqpsR7GruUmQlZV4BUygdnrheYD_9FJ1xg2fzqx4VmyEo7gTTkpfaj_9RynqZruO63ewkmKaiI1E8rSwAJlL2NyB8okllHd8KQu6ypaVXGgGu8Nc_q3bytWq3QwMqusxvf2XntQDy1FAXJxugiS9aw-OkfijVCy0ixYRWHms1U1-1oa9i9H9u9Qv6VA2sI1xErrDPoILuwGByoWqZ6nKSRONobZYjCUyMU2kBiRWr1HbG6bQGz4yWffugpbVcyrZ51Rrodi8Hrf_Q2onxzKQxxWni-oAovPAIHG9beotePH09g6D2DrXWvXglMf2AloypzV6pRWqMfXQUQsdSw8mrHvB2JZ1o9e6RcAE6P38yt0B4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgOAB_6T9kSoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ8foU0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tMjI5MTgyNDk0NDM2NDk1MYAKA8gLAdgTDJgWAbIXGgoYCAASFHB1Yi03MTY1MTYwNDU4OTYyNjEx&sigh=7hSN4hkRsGo
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame D3BB 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
914bcc0a1a541fa55de5319349c3e9092c5f498c3ff03902a6d7137800d94323
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6904
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D3BB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:22 GMT
kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js
pagead2.googlesyndication.com/bg/ Frame EE50 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 20:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
395704
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5651
x-xss-protection
0
expires
Sat, 23 Apr 2022 20:50:18 GMT
9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/ Frame 4DD5 		313 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/136953cb-88f9-48b3-9417-8f28d8a3cf54.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:6a00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233135281fa74a34acfa5c933046dcce1059dd442ee72b6aafc8c12b916fe700

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Gp4bxAF1zMYTk9gjQH4e01_mnNRysdFP
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 16:54:35 GMT
server
AmazonS3
age
43
etag
W/"0629d2715497734083800d98a9644da9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Wed, 28 Apr 2021 10:45:03 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
LCuHvNuHiD1sR8NJ0BsIKQ-LwN2-U3y9JPJM7MgDjKzgtFyZZNhVsw==
log.gif
includemodal.com/static/ Frame 4DD5 		42 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1619606722109&url=https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js&o=https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.221.43 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-221-43.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7C46
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Wed, 28 Apr 2021 10:45:22 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3CB6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://krdo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 28 Apr 2021 08:33:05 GMT
expires
Thu, 28 Apr 2022 08:33:05 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7937
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1702742490217885292
tpc.googlesyndication.com/simgad/ Frame 7C46 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1702742490217885292
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b5bc550ab704a4ea0f4d84b5ab27191f43cef91b74234e94e22b19fe42ad8e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 07:11:26 GMT
x-content-type-options
nosniff
age
272036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
151435
x-xss-protection
0
last-modified
Tue, 18 Jun 2019 08:37:17 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Apr 2022 07:11:26 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7C46 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 03:59:16 GMT
x-content-type-options
nosniff
server
cafe
age
24366
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 29 Apr 2021 03:59:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7C46 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 05:03:57 GMT
x-content-type-options
nosniff
server
cafe
age
20485
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 29 Apr 2021 05:03:57 GMT
/
geoip.insticator.com/json/ Frame 4DD5 		225 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.218.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b0429b52f0fbd0edfaf5041e8b046dd2e281be62a327a6c117d01331faac316e

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://krdo.com
date
Wed, 28 Apr 2021 10:45:22 GMT
access-control-allow-credentials
true
x-database-date
Wed, 28 Apr 2021 04:58:26 GMT
content-length
225
vary
Origin
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame CA9E 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.218.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://krdo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
c85920cb-5b9c-4b97-9bbe-f39a2a645715
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ Frame 4DD5 		261 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f195b117a69029d6ca3702f5b5f9884e7d52a3d6c0ee46a2671018eed41c8139

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Apr 2021 21:04:18 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1121321-41217-5c06dca2490e5"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=140628
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
81860
Expires
Fri, 30 Apr 2021 01:49:10 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ Frame 4DD5 		125 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80b18e62e7a609e16e1ca2f97fe56b9030755d52c59ffc4b8721f0dd3f06bff4

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:22 GMT
Content-Encoding
gzip
Age
495
X-Cache
HIT
Connection
keep-alive
Content-Length
27444
x-amz-id-2
9RKxxQW0GvlZ02hoyRHZXK2nStF2evqwTf3KiLLnPguoJVmFsbtZ9HJTH0e0D9Foqbxn64DdUPk=
X-Served-By
cache-hhn4037-HHN
Last-Modified
Wed, 28 Apr 2021 10:16:40 GMT
Server
AmazonS3
X-Timer
S1619606722.380064,VS0,VE0
ETag
"cd707c1553ba874dd166bdae805c363c"
x-amz-request-id
9G6A8A9201226AM7
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
14
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4DD5 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:42:00 GMT
content-encoding
gzip
server
Server
age
201
etag
433bd8b9aebf928ab8f51e43abc531d2
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f18bbc133cf4ddae8afcd8a83c77a98.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
FUA623DCjlDRvcvJxerHmi4TRUp1BV44
x-amz-cf-id
rtDjS3iLbK88VWC0v66alMimreSowiiCPhL-m-8OOdjuF4i8QZohCQ==
log.gif
includemodal.com/static/ Frame 4DD5 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1619606722109&url=https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js&o=https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.221.43 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-221-43.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 4DD5 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1619606722109&url=https://c.amazon-adsystem.com/aax2/apstag.js&o=https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.221.43 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-221-43.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
wrap.js
confiant-integrations.global.ssl.fastly.net/gpt/202104191159/ Frame 4DD5 		198 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gpt/202104191159/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
505e05a2fcc6f07732a4023946b9f1a3c15dfeaf2d79cfbf692d2fd44d118984

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:22 GMT
Content-Encoding
gzip
Age
449
X-Cache
HIT
Connection
keep-alive
Content-Length
60645
x-amz-id-2
dLCWyqYsCpudtaNo//8h8Ermnp+JoNzcMAj4CtAFv1ChHBLRnCPD7QIDdOAG/VZS2wQA0inhFCI=
X-Served-By
cache-hhn4037-HHN
Last-Modified
Mon, 19 Apr 2021 16:00:48 GMT
Server
AmazonS3
X-Timer
S1619606722.418509,VS0,VE0
ETag
"d22da8383257ef20a53375af81013cdb"
x-amz-request-id
5HT417PG23NCDW53
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
473
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202104191159/ Frame 4DD5 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202104191159/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3df1afc123fd19da2af7da5bf66c8dab25c986dcf467b2aa7d6409e389b0ebb8

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:22 GMT
Content-Encoding
gzip
Age
462
X-Cache
HIT
Connection
keep-alive
Content-Length
27811
x-amz-id-2
rkC9kpG+zjLFX2mM0iVMDDJk0eBNElHdQEC0R6m87xPb8nR01mcQoSI+gQNqI0rXgW4gK+1bTQ4=
X-Served-By
cache-hhn4037-HHN
Last-Modified
Mon, 19 Apr 2021 16:00:50 GMT
Server
AmazonS3
X-Timer
S1619606722.448880,VS0,VE0
ETag
"7cd92ec21ed79fdb0dea417e7a5ce83d"
x-amz-request-id
6ZKMPD7JD794BPFJ
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
555
log.gif
includemodal.com/static/ Frame 4DD5 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1619606722109&url=https://confiant-integrations.global.ssl.fastly.net/gpt/202104191159/wrap.js&o=https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.221.43 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-221-43.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 4DD5 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1619606722109&url=https://confiant-integrations.global.ssl.fastly.net/prebid/202104191159/wrap.js&o=https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.221.43 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-221-43.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js
pagead2.googlesyndication.com/bg/ Frame 3CB6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 20:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
395704
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5651
x-xss-protection
0
expires
Sat, 23 Apr 2022 20:50:18 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkrdo.com%2F&domain=krdo.com&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://krdo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://krdo.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1364
date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 4DD5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkrdo.com%2F&domain=krdo.com&cw=1
  • https://mug.criteo.com/sid?cpp=GXTtAXxoRzFBWWcrODcwN3hpcEtjQWljZ3pXT212aTRvNXRJTHQ5OVJFOGo5TEdwaVV4UlYrMC9hb2hsaWVCR2piSGhjbEg0YldSL1gyaGhCREJCYlZaaUZaNnZmYXdIRHFjc0FnWEdnUmg5cEgydENnVVJZWGIveThkWG...
339 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GXTtAXxoRzFBWWcrODcwN3hpcEtjQWljZ3pXT212aTRvNXRJTHQ5OVJFOGo5TEdwaVV4UlYrMC9hb2hsaWVCR2piSGhjbEg0YldSL1gyaGhCREJCYlZaaUZaNnZmYXdIRHFjc0FnWEdnUmg5cEgydENnVVJZWGIveThkWG03ZWQxNmhKY2xXYWhQTFkwVFdPV1pKbUd2ZWV3M3JtNlhxOWd5cWFqWWdVNzBIaFhtMmJxZkdYSXpkdXg5blJmNW9za0FvaTc3V09PMkxCejd1RGFXdFgreFJFaXVnPT18&cppv=2
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
fabaaa4463a2d9da59b5a7cff9701e11ae029715e6ea720250c56b7c46382360
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 28 Apr 2021 10:45:22 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2174
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 28 Apr 2021 10:45:22 GMT
location
https://mug.criteo.com/sid?cpp=GXTtAXxoRzFBWWcrODcwN3hpcEtjQWljZ3pXT212aTRvNXRJTHQ5OVJFOGo5TEdwaVV4UlYrMC9hb2hsaWVCR2piSGhjbEg0YldSL1gyaGhCREJCYlZaaUZaNnZmYXdIRHFjc0FnWEdnUmg5cEgydENnVVJZWGIveThkWG03ZWQxNmhKY2xXYWhQTFkwVFdPV1pKbUd2ZWV3M3JtNlhxOWd5cWFqWWdVNzBIaFhtMmJxZkdYSXpkdXg5blJmNW9za0FvaTc3V09PMkxCejd1RGFXdFgreFJFaXVnPT18&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://krdo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1642
content-length
455
expires
0
instbid-3.27.1-lineate.js
df80k0z3fi8zg.cloudfront.net/files/ Frame 4DD5 		341 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:1200:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bdff3474a2489fdebb5d89b7d8306de879cccf19c19c035f3e0874058a9247c

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1Itu7toNKop.2NOnx2uGNcPGoqx61L3u
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 22:23:27 GMT
server
AmazonS3
age
79692
etag
W/"a21d26500c25e2f27a6f7f33a8758ff4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
date
Tue, 27 Apr 2021 12:37:10 GMT
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
I1duj5rS31uR-xXmfw6ONCTiTusTp5dqVFbFcMMfCPDqd7qAL8dwNg==
insync
thrtle.com/ Frame 4DD5
Redirect Chain
  • https://px.britepool.com/new?partner_id=t
  • https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=fd43345a-b5a2-4aad-b04d-a08344ee05b8
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=fd43345a-b5a2-4aad-b04d-a08344ee05b8
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.147.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-147-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date
Wed, 28 Apr 2021 10:45:22 GMT
Server
nginx
Vary
negotiate,Accept-Encoding
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=fd43345a-b5a2-4aad-b04d-a08344ee05b8
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
X-Request-Id
d4e5f9fca450ab704161e3c2177f1807
Expires
Sat, 26 Jul 1997 05:00:00 GMT
log.gif
includemodal.com/static/ Frame 4DD5 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1619606722109&url=https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js&o=https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.221.43 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-221-43.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GXTtAXxoRzFBWWcrODcwN3hpcEtjQWljZ3pXT212aTRvNXRJTHQ5OVJFOGo5TEdwaVV4UlYrMC9hb2hsaWVCR2piSGhjbEg0YldSL1gyaGhCREJCYlZaaUZaNnZmYXdIRHFjc0FnWEdnUmg5cEgydENnVVJZWGIveThkWG03ZWQxNmhKY2xXYWhQTFkwVFdPV1pKbUd2ZWV3M3JtNlhxOWd5cWFqWWdVNzBIaFhtMmJxZkdYSXpkdXg5blJmNW9za0FvaTc3V09PMkxCejd1RGFXdFgreFJFaXVnPT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
972
date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
gzip
vary
Accept-Encoding
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4DD5 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
MAD50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
4or5e1WlBTsdFUJ6uFe7I_k2vZaLZR1EIep13t5kOFhh5ZaQIwMSFA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5DF5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042201&jk=3574282813355434&bg=!7-yl7KjNAAZLnZBaS507ACkAdvg8Wuzqq7d1ejs2fk5CP91en3NOaYYIUIwKjUNuauTH3Ci-U8sQlAIAAAEjUgAAAA5oAQcKAMyqXh6518J6ton3ckmo47SraoKx6XnLNbSIqjus0q4oGCRze3QeglrZn8lM2EiJDOe54VL7C-Z6KGtX_pmSRBwDfzujgKGTkUGWcnd1Wy9GOGunFUnMl0NMJwUi6_DT2ytUyCOthncbKNNNwDCKwOqojnZ-MIOILaUFNUKqanyQ72d21HRMbc13dygU_bzk-oM-tYHxduecy2v0-VD-5IZDTRHCpn7aeAgcmPGkUPUt7p1HAorJX_5RAi8cE1Ux61c4xwLspZPEsPSW6LaZAlwNrpFmVU1tiSkbT2SxNl-lwoNy5SOpIoYzoGpfjPYIzqjqKzlFDPiXPnzb5CbYzYzhJMxMuKSDWTlNyPSQ4Vj-yLBdMYMFA6_Jp648G2_wBTNwEUG7CNxna2u3OIrP38UP9ngCrNA2RAMB8aOWXDCjwvHL0cRHwyI6o56CNEJhVr5c2RrdiqLE6fh7WePdUlZEyKEhgb_axEkfc_yf5RtBA99PYqyy-_I1ElOd74qJBj85lW_VKJuzAPQIqN4KWZ0iHRslRkAwZryi5V8r4mMGmwAn5harC9W8gSV5hoDToKpIOT1Sy58DOC533dd00nkYc6pI46yAh7DN8hn4GJhDUH5h-D6aWmffpREPBjVtEQ01kTT0oEh6-_rpu6Mqro5VjG3qO_xTBbt4g_BOP23HAXfxSG5WxVlRLqV8LAl3jq9kVy-3WIGkvqhowQjAtpeD0c1cKQoj3gMjJU34wfV28eKCC9LcUTZYtObl0PBhsmGn1R0elHph02l-AFawh5LOPCu6o78UYR72fiI5n5eUPiGer_fT_7JMCm3M33qqoN1Oupwl_poTSq00-As3To94yeq8EgwMsWeC5wsijuXn5lOXt0EhfEmzlKnKbx4ADI8uzrAz6QXW_p4r_HB6F94lS6NdqZUz8E7HGkqgJhtcVVLEnQbbvWHOdE5dpFloHAifeb3zV_Y4sUdk4zCsJEL3_Cuii7PlTY0xM_PZtAxJTZFVlAWWNJQa9RSRBmRQSXoGSlW4g_wEvBsszLnLh31hp1JjVMFwDNwD3xheKwG7LmwH_3I3qLA32s_X
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D3BB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042201&jk=573452084091610&bg=!_v2l_bnNAAZLnZBaS507ACkAdvg8WhoR4Q5A-PoFzvffem7rsfhYPy31sJGuRE4dcxpSgwVcyT6pAAIAAACXUgAAAAloAQcKALE70QTDuU5KEDHiCpPRX162nUVghIozs-7jMOxfnOeQUUmURmlUZHBx2x5dFSlqbY8tiInnQvV_leUgb7z6XTYTa_VOnlLsjkKTcRPRuo-Sa2rUbDH6eL1mEfQ-gUr7B1BV9iOMtkKoiAKOcgIfhHBh6nxA52B9xc3nI2zzX1YzZPATN1X9DxET7oK4v5boy8gchkNhKwvDko9MoTdj_CiBkeGLU0VkAeRq48J500Bg23KZAjG4guXjPgUe9CXSwgSP8UpWTEFDgL_PD5RT_gq_S_jmS_Mu3IGJHJ-teHgc9dJRWqDy3G_yzUNmEV_K0VD-qg6gS2xJae7bE0uiCna-uh3B9VZFziY523j3xrdh86jDGYwOAVPg__6jXVYR8omUtKE26HN_fYpB3BwERfTbgb73DhfqZL3qwPhWsfnqm8yVHKjXIJa5XrZjawM3fxLFYyi-76UW1Pn_kU3QKEYmPESZ94F96FuaLubioJ8tHcOD6gmxcrwD3ms6YBjvnO6F9jApmxpI1ebyRJ_Agq5xtdNXTBrFEp71z7lxTVNadBVuwyWbGJlKKwRb0ZK48QC30P3PcNRdaUd8kXPKA9q8wWCOzY3dBd4MbJMJ71nkFcb9s2fgVoWsloPnDJy68EHRMoHfITibBuLiHzezX-FB7eXp0tz5m5Zqkpu5fd7HdfY0IQWqNTp6tbCf4wm1U6yfzqqVDX1ZNtq1vrnZRWPO22PkXBo1DDOIQ8aYxB_8eLpt2H3yAXiG3ntkBlhl_1TlKoWZ686ot7Mn5A2vPQ3dJNvyoSVKieKCTUikiVvggmTN-kTpNBcMMx6_l4ZClplJTS4lWy_rQMd87iepR_LebOJjzNRUI6T1pdEoPQtQLtXahyPvvFa9HaK5SHUuhtgQ5TZX0vFj2LqlpS-bOQxBYegaBjJDVSZKy1-IA4ML9NkXcHFKqh8wAk6E6JI97OHBla-a5jx-zta_efC4-s18UIbEoLM
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insticator
prebid.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_3.27.1
Protocol
H2
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://krdo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 28 Apr 2021 10:45:22 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://krdo.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
143498102
age
0
via
1.1 varnish
translator
hbopenbid.pubmatic.com/ Frame 4DD5 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://krdo.com
date
Wed, 28 Apr 2021 10:45:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
dmx.districtm.io/b/ Frame 4DD5 		0
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://krdo.com
access-control-allow-credentials
true
cf-ray
646fb3610d05cc42-ZRH
access-control-allow-headers
Content-Type, Origin
cf-request-id
09b9ae70aa0000cc42e32d0000000001
prebid
ib.adnxs.com/ut/v3/ Frame 4DD5 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
96d1aa01ef29e6172c297251ad7731de6ad95bdbb52fbde371a58841abc110af
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:22 GMT
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.155:80
AN-X-Request-Uuid
5934d96b-be4e-48b3-b6dc-7b238e5f4a0a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://krdo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame 4DD5 		500 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2288e2c392ae605d%22%3A%22de61f6d30b17074b027e%7C336x280%2C320x100%2C300x250%2C320x50%22%7D&ref=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&s=b5d057a8-0d98-46db-b9b0-e601dd8e5086&pv=84d15b1a-37bb-4764-9c93-196a2ad0e4c2&vp=mobile&lib_name=prebid&lib_v=3.27.1&us=3&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224cd377bb-c455-40c0-9c7a-667505450792%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22d0751779-77d3-49f4-b687-ca1a985cf070%22%7D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
sonobi-go /
Resource Hash
0f28b3b958b66166af3a799d6b9c74ba918d674521c91a297ef730c6d1bff218
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:22 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://krdo.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
353
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4DD5 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=156734&zone_id=1022858&size_id=15&alt_size_ids=16%2C43&rp_schain=1.0,1!insticator.com,4cd377bb-c455-40c0-9c7a-667505450792,1,,,&rf=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&tk_flint=pbjs_lite_v3.27.1&x_source.tid=0c98e973-12c6-4bea-8bd8-5b653c581d69&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5999618901738824
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d0c2a456ee5a8132993f3262c12009e121294ca329bc5c83b1a95e2f4cc1abe7

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:22 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://krdo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1561
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 4DD5 		94 B
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.27.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
417197f57587702b08a4c06a0a330a317dfab1efcc95ec52ccf31d6e7bef1164

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 28 Apr 2021 10:45:22 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://krdo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
imp
g2.gumgum.com/hbid/ Frame 4DD5 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=18037&pi=3&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.1%22%7D&ogu=null&ns=9933
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bd4573d3248efb541b7e6419770462383adf495bb6677f618327d263035b6c19

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://krdo.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
c
prebid.a-mo.net/a/ Frame 4DD5 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 28 Apr 2021 10:45:22 GMT
server
envoy
vary
origin
access-control-allow-origin
https://krdo.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
ib.adnxs.com/ut/v3/ Frame 4DD5 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
aacfd321c7801d89b484f6fcf0caf515c795e4f15c2e088007ce26ce3608aa2b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:22 GMT
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.72:80
AN-X-Request-Uuid
95f3498c-3fa2-42bb-abff-dcb755014964
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://krdo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
insticator
prebid.technoratimedia.com/openrtb/bids/ Frame 4DD5 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_3.27.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
122500218
access-control-allow-origin
https://krdo.com
access-control-allow-credentials
true
/
hb.emxdgt.com/ Frame 4DD5 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1619606722702&src=pbjs
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.69.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://krdo.com
date
Wed, 28 Apr 2021 10:45:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
header
hb.aralego.com/ Frame 4DD5 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-7727D7BE33EA9449FB9E9D33B2B88E62&tdid=&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&fp=undefined&host=krdo.com&u=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&xr=0&ao=https%3A%2F%2Fkrdo.com&ucfUid=1e199e5e-4c03-4877-a9a4-df1fe92745f9&w=336&h=280
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://krdo.com
Date
Wed, 28 Apr 2021 10:45:23 GMT
Access-Control-Allow-Credentials
true
Connection
close
arj
insticator-d.openx.net/w/1.0/ Frame 4DD5 		171 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=47dd1bea-64a9-4ecf-b237-469dda902cb5&nocache=1619606722705&pubcid=d0751779-77d3-49f4-b687-ca1a985cf070&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&aus=336x280%2C300x250%2C320x50&divIds=div-insticator-ad-3&auid=540834547
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
2c8f51f470375c6b4fb50d7463c9b17330c40bcfce282e0e0f03433156f471dd

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://krdo.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ Frame 4DD5 		66 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-78-134.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
8ee053a0a4c0057d861bb9c0ce5123292f73bc1b7b55461fd8260824f0bbe80a

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://krdo.com
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame 4DD5 		25 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=297142&v=7.2&r=%7B%22id%22%3A%22294881a62c16404%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2230f262e5a6be3c2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22297142%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22316f828daac326d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22297142%22%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22327a2103cf824a5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22297142%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22331f89381455797%22%2C%22ext%22%3A%7B%22siteID%22%3A%22297142%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224cd377bb-c455-40c0-9c7a-667505450792%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11034ea6bdd96233b294e309cb7652bf85ef7c89d8ffd1262a14104dd7538615

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.9.18.83], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://krdo.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Wed, 28 Apr 2021 10:45:22 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 4DD5 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d07fc06c0cd1c1172c988dfe867180a33de103a4b4b63dfe87bd836005f4be7b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:22 GMT
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.74:80
AN-X-Request-Uuid
3f2befe2-93a1-4724-bb1f-882199992797
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://krdo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/74418/0/ Frame 4DD5 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/74418/0/mvo?z=1r&hbv=3.27.1,2.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://krdo.com
pragma
no-cache
date
Wed, 28 Apr 2021 10:45:22 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
bid
c.amazon-adsystem.com/e/dtb/ Frame 4DD5 		136 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&pid=NSS9vTAo4Oexs&cb=0&ws=300x250&v=7.61.00&t=3000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fwral.com_Web_300x250_3%22%7D%5D&cfgv=0&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
36fe38e45a126543439e7c4cd01ef3a2983b4774cbbcbd6c1849f06358bcdf5a

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
MAD50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://krdo.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
139
via
1.1 3f18bbc133cf4ddae8afcd8a83c77a98.cloudfront.net (CloudFront)
x-amz-cf-id
MSKSbziQPNX92HaSunEui0AUCURykdFLL-4V_NhS168G_xMLpv-WtQ==
pixel.gif
dh014lg6uwepv.cloudfront.net/ Frame 4DD5 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1619606722677&site_uuid=136953cb-88f9-48b3-9417-8f28d8a3cf54&hostname=krdo.com&ad_unit=wral.com_Web_300x250_3&impression_type=il&device=desktop&country_code=UNKNOWN
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8200:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
QsBP6YRZy_JvjkhsgmRyWloUCrVubYr8FTdsHNQ7TbIpi2_yNVhzQg==
log.gif
includemodal.com/static/ Frame 4DD5 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1619606722109&url=https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1619606722677&site_uuid=136953cb-88f9-48b3-9417-8f28d8a3cf54&hostname=krdo.com&ad_unit=wral.com_Web_300x250_3&impression_type=il&device=desktop&country_code=UNKNOWN&o=https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.221.43 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-221-43.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:22 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame DAC7
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_dm_cnv_sovrn
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&dcc=t
258 B
946 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&dcc=t
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104191159/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
68b280a1f25b4c5a2ca9ccf138f2b799fe9a3460de2ae82f1eb1fcb069e9952f

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://krdo.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A65ujF6QwkYau0hDIdLO3Mc|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

Server
Server
Date
Wed, 28 Apr 2021 10:45:23 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
209
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A65ujF6QwkYau0hDIdLO3Mc; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 10:45:23 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 10:45:23 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Wed, 28 Apr 2021 10:45:23 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&dcc=t
Set-Cookie
ad-id=A65ujF6QwkYau0hDIdLO3Mc|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 10:45:23 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
log.gif
includemodal.com/static/ Frame 4DD5 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=3&token=1619606722109&url=https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&o=https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.221.43 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-221-43.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
event
event.insticator.com/v1/ Frame 4DD5 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.218.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://krdo.com
date
Wed, 28 Apr 2021 10:45:23 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Server
52.0.218.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type
Origin
https://krdo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://krdo.com
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame E1FA 		2 KB
901 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6c1135bfdb3f06158c28e15961c222e6a05e2b420107e0a7c640f619b8b38897

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A65ujF6QwkYau0hDIdLO3Mc; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&dcc=t

Response headers

Server
Server
Date
Wed, 28 Apr 2021 10:45:23 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
540
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
amzns2s
rtb.gumgum.com/usync/ Frame 7AD2 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
61a9fe0249f8e6b83bb23b2f334458f6662647d975f3204178cff46c1223800a

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cs=true; loc=6w2LaLFVVEsKeEYDbKODy-cmQlLX826CTV8Ymt8iPk0IH9fAdwz9ELRbeFQtJW1PMyKQbd06DJpuPD5VDA-jgw; vst=e_57d7d35b-c004-4743-aac0-92a63a6c9408
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
etag
W/"086c2dbb5b304a19966f6dbbef2c4d836"
timing-allow-origin
*
content-encoding
gzip
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame B89A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bfb898bb740ada02594889da03a4d5c1bfe671bf06290edeb124a7c5dc0e02af

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YIk8v-6OHfTmY81fheaBfQAA; CMDD=AASAWAEAAwJzAQ**; CMST=YIk8v2CJPMIC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|45|195|64|31|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1793
Expires
Wed, 28 Apr 2021 10:45:23 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:23 GMT
Connection
keep-alive
Set-Cookie
CMID=YIk8v-6OHfTmY81fheaBfQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 28 Apr 2022 10:45:23 GMT CMPS=5202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 27 Jul 2021 10:45:23 GMT CMPRO=1212;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 27 Jul 2021 10:45:23 GMT CMDD=AASAWAEAAwJzAQ**;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 29 Apr 2021 10:45:23 GMT CMRUM3=c460893cc305a0&2d60893cc305a0&4060893cc305a0&c360893cc305a00&e660893cc327600&1f60893cc305a00&2760893cc30b40&f160893cc305a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 28 Apr 2022 10:45:23 GMT CMST=YIk8v2CJPMMC;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 29 Apr 2021 10:45:23 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4DAC 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=51219
Expires
Thu, 29 Apr 2021 00:59:02 GMT
Date
Wed, 28 Apr 2021 10:45:23 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame AB6C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUO++vuGxiryvY/OiL4vbISe5vC1Xc4IpzxOw4boOqMPmrhL8ydCrqL57SUKUCusDq2XDr1eUmnD2WgFA74oVwAuQdcukJ8VZeREB5KpwX7VvQxPcX9; khaos=KO1C0V2K-19-5QFX; ses15=156734^1; vis15=62568^1&156734^1; audit=1|naVuGyos1qo4UmHPRsL74T34ZXP8NI7DSzSfGj/kRSHV/jqrlKvmma3zYD5TvM6gzG6FmltYou1I7Uqqb+sacA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Apr 2021 10:45:23 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3D13
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=279008679709069790&ex=districtm
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=279008679709069790&ex=districtm
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A65ujF6QwkYau0hDIdLO3Mc; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Wed, 28 Apr 2021 10:45:23 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Wed, 28 Apr 2021 10:45:23 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=279008679709069790&ex=districtm
AN-X-Request-Uuid
adcf7771-9ab2-45c8-9290-119f74aa7135
Set-Cookie
uuid2=279008679709069790; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 27-Jul-2021 10:45:23 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.148:80
current
amazon-tam-match.dotomi.com/match/bounce/ Frame 45DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
amazon-tam-match.dotomi.com
:scheme
https
:path
/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Wed, 28 Apr 2021 10:45:23 GMT
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
Cookie set amazon
ap.lijit.com/beacon/ Frame 278B
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rbd_dm_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
f949c4ccaeb95f4ad221d1cf68fa9e80538b6ba317d85b9c8e4b292dfa5d3384

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=05a7ea65ca9a0d4bf8702cfc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Wed, 28 Apr 2021 10:45:23 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJyrVjI0U7IyNDMysDA0MzYy1lGyMEbjm6PyjdDkDQ1QRWoBtEoQiw%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 28-Apr-2022 10:45:23 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=05a7ea65ca9a0d4bf8702cfc;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap7ams1

Redirect headers

Server
nginx
Date
Wed, 28 Apr 2021 10:45:23 GMT
Content-Length
0
Set-Cookie
ljt_reader=05a7ea65ca9a0d4bf8702cfc;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap7ams1
gpt.js
www.googletagservices.com/tag/js/ Frame 4DD5 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053213500c702ba4e3636bd9c26efbbb54e02430479ccae9b147fd58e59f3c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 138 of 1000 / last-modified: 1619602879"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21211
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:23 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5308 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=46210
Expires
Wed, 28 Apr 2021 23:35:33 GMT
Date
Wed, 28 Apr 2021 10:45:23 GMT
Connection
keep-alive
Vary
Accept-Encoding
pubads_impl_2021042601.js
securepubads.g.doubleclick.net/gpt/ Frame 4DD5 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104191159/wrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
98190df3dbe81118cde191895dfbe06c5f0793670108bdeadd4df4d02d532542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Apr 2021 08:39:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108658
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:23 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5308 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39854199&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
843f5cb40ed01a58f7f715b8f741599f7bddf7fd32cb13b91b7a13e7088d894e

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:22 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 278B 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=05a7ea65ca9a0d4bf8702cfc&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:23 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 278B
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=bec1aa88-4854-4fb9-b7dd-50f0d9d307d3
43 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=bec1aa88-4854-4fb9-b7dd-50f0d9d307d3
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:24 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=bec1aa88-4854-4fb9-b7dd-50f0d9d307d3
Date
Wed, 28 Apr 2021 10:45:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 278B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Df6971f...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D...
  • https://ce.lijit.com/merge?pid=16&3pid=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&gdpr=0&gdpr_consent=
0
0
pixel
cm.g.doubleclick.net/ Frame 278B
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MDVhN2VhNjVjYTlhMGQ0YmY4NzAyY2Zj
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MDVhN2VhNjVjYTlhMGQ0YmY4NzAyY2Zj
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 28 Apr 2021 10:45:23 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MDVhN2VhNjVjYTlhMGQ0YmY4NzAyY2Zj
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cksync.php
contextual.media.net/ Frame 278B 		45 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=05a7ea65ca9a0d4bf8702cfc&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 28 Apr 2021 10:45:23 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 28 Apr 2021 10:45:23 GMT
merge
ce.lijit.com/ Frame 278B
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=KO1C0V2K-19-5QFX&gdpr=0
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=KO1C0V2K-19-5QFX&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:24 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=83&3pid=KO1C0V2K-19-5QFX&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
usync.js
eus.rubiconproject.com/ Frame AB6C 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3d598110de86401d953833ee95fd21d91990c7e7e5fc51e78aef6733d839a01a

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 20:34:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34692
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9240
Expires
Wed, 28 Apr 2021 20:23:35 GMT
integrator.js
adservice.google.de/adsid/ Frame 4DD5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=krdo.com
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104191159/wrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4DD5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=krdo.com
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104191159/wrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 10:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4DD5 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4333824606667075&correlator=3227803400898147&output=ldjh&impl=fif&eid=31060746%2C31060788%2C31060790%2C31060933&vrg=2021042601&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=27794161%2Cwral.com_Web_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C320x100%7C300x250%7C250x250%7C320x50&prev_scp=h%3D10%26shb%3D1%26tg%3D0%26amznbid%3D2%26amznp%3D2%26ics%3D300x250%26iba%3D00001%26iaid%3D399209320a39707%26ib%3Drubicon%26p%3DBTF%26Exclude_Adx%3DN%26it%3Dil&cookie=ID%3D131dba31b10a2d4e%3AT%3D1619606718%3AS%3DALNI_Mb7dVXKjyppNFTuqup85WyMxLzT4Q&cdm=krdo.com&bc=31&abxe=1&lmt=1619606723&dt=1619606723517&dlt=1619606722046&idt=1432&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1050&adys=564&adks=749415143&ucis=8r91ansef8su&ifi=1&ifk=1313953813&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&top=https%3A%2F%2Fkrdo.com%2FMTSS-web%2FLakana-Stage.com%2FNews%2FGalleries%2Fdas-most-wanted-photos-%2F33965818%2520tsara-Brashears&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x280&msz=336x-1&ga_vid=334410478.1619606718&ga_sid=1619606724&ga_hid=422079125&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e59b01f3c5194d51519365770672ac9847b2f044d83c786dc5c4c8562ecd2877
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6292
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://krdo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4DD5 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104191159/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 4DD5 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104191159/wrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
aax-eu.amazon-adsystem.com/s/ Frame AB6C
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KO1C0V2K-19-5QFX&ex=d-rubiconproject.com&status=ok
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KO1C0V2K-19-5QFX&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:23 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KO1C0V2K-19-5QFX&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame B89A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIk8v_6OHfTmY81fheaBfQAABLwAAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDeydp2SxCgHtMFitTgjtBU&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDeydp2SxCgHtMFitTgjtBU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 28 Apr 2021 10:45:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDeydp2SxCgHtMFitTgjtBU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B89A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YIk8v-6OHfTmY81fheaBfQAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.192.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame B89A 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YIk8v_6OHfTmY81fheaBfQAABLwAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:23 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B89A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIk8v-6OHfTmY81fheaBfQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBOlAUtQwH2i1ZdAtIa6b-I&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBOlAUtQwH2i1ZdAtIa6b-I&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 28 Apr 2021 10:45:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBOlAUtQwH2i1ZdAtIa6b-I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B89A
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-3c090c35-2369-4fa8-a87a-a6d772dce9bb
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-3c090c35-2369-4fa8-a87a-a6d772dce9bb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 28 Apr 2021 10:45:23 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-3c090c35-2369-4fa8-a87a-a6d772dce9bb
date
Wed, 28 Apr 2021 10:45:23 GMT
server
Apache-Coyote/1.1
content-length
0
rum
dsum-sec.casalemedia.com/ Frame B89A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_i...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&expiration=1622198723
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&expiration=1622198723
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 28 Apr 2021 10:45:30 GMT

Redirect headers

date
Wed, 28 Apr 2021 10:45:30 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&expiration=1622198723
alt-svc
clear
content-length
0
noop
px.owneriq.net/ Frame B89A
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6728931231667818961&uid=Q6728931231667818961&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:24 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Wed, 28 Apr 2021 10:45:24 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame B89A
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030002_60893cc397893&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_60893cc397893
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_60893cc397893
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 28 Apr 2021 10:45:23 GMT

Redirect headers

date
Wed, 28 Apr 2021 10:45:23 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_60893cc397893
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B89A 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YIk8v_6OHfTmY81fheaBfQAABLwAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:23 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 7AD2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=279008679709069790
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=279008679709069790
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:23 GMT
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.239:80
AN-X-Request-Uuid
10cebf8d-a69b-4294-b542-171571b1e1c8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=279008679709069790
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 7AD2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_57d7d35b-c004-4743-aac0-92a63a6c9408&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_57d7d35b-c004-4743-aac0-92a63a6c9408&gdpr=&gdpr_consent=&us_privacy=
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=1&user_id=oHFPo6UiFKm7eEGq9yVaoqBzRqK7dBb4o3Z7a7ge
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=1&user_id=oHFPo6UiFKm7eEGq9yVaoqBzRqK7dBb4o3Z7a7ge
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.69.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-69-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=1&user_id=oHFPo6UiFKm7eEGq9yVaoqBzRqK7dBb4o3Z7a7ge
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 7AD2
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28e2b9yAeWyIxY7mTt-uQyeG0dLpIkiAnWByY93oJPJ9L60rclPoyu48m5bFIL8UZF%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_57d7d35b-c004-4743-aac0-92a63a6c9408&obuid=ENC(e2b9yAeWyIxY7mTt-uQyeG0dLpIkiAnWByY93oJPJ9L60rclPoyu48m5bFIL8UZF)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true&apid=UPd6a2bd0b-a80e-11eb-8def-06c34cbe9980
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=UPd6a2bd0b-a80e-11eb-8def-06c34cbe9980
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath&uid=UPd6a2bd0b-a80e-11eb-8def-06c34cbe9980
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:25 GMT
Cache-Control
no-cache
X-TraceId
b9fd3c6ff7ae2f3ca05de4b0f0fec18a
Content-Length
0

Redirect headers

Date
Wed, 28 Apr 2021 10:45:25 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.outbrain.com/cookie-sync?p=oath&uid=UPd6a2bd0b-a80e-11eb-8def-06c34cbe9980
Connection
keep-alive
Content-Length
0
usersync
rtb.gumgum.com/ Frame 7AD2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=060f31ab-66b5-0779-39dc-c99471a871e7
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=060f31ab-66b5-0779-39dc-c99471a871e7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 28 Apr 2021 10:45:23 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=060f31ab-66b5-0779-39dc-c99471a871e7
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 7AD2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-e454b439-e1a6-44f8-546b-d1e0b4ff17ed$ip$185.9.18.83
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-e454b439-e1a6-44f8-546b-d1e0b4ff17ed$ip$185.9.18.83
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:24 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-e454b439-e1a6-44f8-546b-d1e0b4ff17ed$ip$185.9.18.83
Date
Wed, 28 Apr 2021 10:45:23 GMT
Connection
keep-alive
Content-Length
120
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 7AD2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-N2gjcHpE2pcnTaQ5UbRWDKCRbfvXOWq7rN61~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-N2gjcHpE2pcnTaQ5UbRWDKCRbfvXOWq7rN61~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 28 Apr 2021 10:45:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-N2gjcHpE2pcnTaQ5UbRWDKCRbfvXOWq7rN61~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 7AD2
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=d6128b7d-a80e-11eb-a91a-998f56f82790
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=d6128b7d-a80e-11eb-a91a-998f56f82790
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:24 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=d6128b7d-a80e-11eb-a91a-998f56f82790
Date
Wed, 28 Apr 2021 10:45:23 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
d6128b7e-a80e-11eb-a91a-998f56f82790
services
sync.technoratimedia.com/ Frame 7AD2 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
700751058
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 7AD2 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:26 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame 7AD2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_57d7d35b-c004-4743-aac0-92a63a6c9408&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:24 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
67
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 7AD2
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=32d804a4-eebc-4477-ba20-c3bf441a4d96
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=32d804a4-eebc-4477-ba20-c3bf441a4d96
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=32d804a4-eebc-4477-ba20-c3bf441a4d96
date
Wed, 28 Apr 2021 10:45:23 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 7AD2
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3706976845
  • https://sync.1rx.io/usersync/tradedesk/809107c7-3378-41c8-a18d-5084064fb8f8
  • https://sync.targeting.unrulymedia.com/csync/RX-8f4549c3-505a-4e81-81c5-267cf3940452-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-8f4549c3-505a-4e81-81c5-267cf3940452-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-8f4549c3-505a-4e81-81c5-267cf3940452-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-8f4549c3-505a-4e81-81c5-267cf3940452-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:24 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-8f4549c3-505a-4e81-81c5-267cf3940452-003
date
Wed, 28 Apr 2021 10:45:24 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX8f4549c3505a4e8181c5267cf3940452003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 7AD2
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=wOV0jru1DNFU&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=wOV0jru1DNFU&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:27 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=wOV0jru1DNFU&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-lw8v7
expires
-1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7AD2 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_57d7d35b-c004-4743-aac0-92a63a6c9408
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:23 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame A94B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=a1756089-3cc6-4200-bc6d-91540a9e756b&gdpr=&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=a1756089-3cc6-4200-bc6d-91540a9e756b&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=a1756089-3cc6-4200-bc6d-91540a9e756b&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cs=true; loc=6w2LaLFVVEsKeEYDbKODy-cmQlLX826CTV8Ymt8iPk0IH9fAdwz9ELRbeFQtJW1PMyKQbd06DJpuPD5VDA-jgw; vst=e_57d7d35b-c004-4743-aac0-92a63a6c9408
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 28 Apr 2021 10:45:26 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 28 Apr 2021 10:45:23 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3660 495c301 master zrh-pixel-x24
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=a1756089-3cc6-4200-bc6d-91540a9e756b; domain=.mathtag.com; path=/; expires=Thu, 26-May-2022 10:45:26 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=a1756089-3cc6-4200-bc6d-91540a9e756b&gdpr=&gdpr_consent=
Expires
Wed, 28 Apr 2021 10:45:22 GMT
usersync
rtb.gumgum.com/ Frame FD17
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YIk8xQAAigqNBwA4
  • https://rtb.gumgum.com/usersync?b=atm&i=YIk8xQAAigqNBwA4&gdpr=&gdpr_consent=&_test=YIk8xQAAigqNBwA4
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YIk8xQAAigqNBwA4&gdpr=&gdpr_consent=&_test=YIk8xQAAigqNBwA4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YIk8xQAAigqNBwA4&gdpr=&gdpr_consent=&_test=YIk8xQAAigqNBwA4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cs=true; loc=6w2LaLFVVEsKeEYDbKODy-cmQlLX826CTV8Ymt8iPk0IH9fAdwz9ELRbeFQtJW1PMyKQbd06DJpuPD5VDA-jgw; vst=e_57d7d35b-c004-4743-aac0-92a63a6c9408
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 28 Apr 2021 10:45:25 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YIk8xQAAigqNBwA4&gdpr=&gdpr_consent=&_test=YIk8xQAAigqNBwA4
accept-ranges
bytes
date
Wed, 28 Apr 2021 10:45:25 GMT
via
1.1 varnish
x-served-by
cache-fra19145-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1619606725.084519,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame AEE3 		170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81N2Q3ZDM1Yi1jMDA0LTQ3NDMtYWFjMC05MmE2M2E2Yzk0MDg=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV81N2Q3ZDM1Yi1jMDA0LTQ3NDMtYWFjMC05MmE2M2E2Yzk0MDg=&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmyRNEi6a57fEG2l7IM2no5DH0vfar-LWCPNzY9FljhT0mbOD5_owad6dCZuMM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Wed, 28 Apr 2021 10:45:23 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9D16 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=51219
Expires
Thu, 29 Apr 2021 00:59:02 GMT
Date
Wed, 28 Apr 2021 10:45:23 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame A1A7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=809107c7-3378-41c8-a18d-5084064fb8f8&t=1622198723
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=809107c7-3378-41c8-a18d-5084064fb8f8&t=1622198723
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=809107c7-3378-41c8-a18d-5084064fb8f8&t=1622198723
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cs=true; loc=6w2LaLFVVEsKeEYDbKODy-cmQlLX826CTV8Ymt8iPk0IH9fAdwz9ELRbeFQtJW1PMyKQbd06DJpuPD5VDA-jgw; vst=e_57d7d35b-c004-4743-aac0-92a63a6c9408
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 28 Apr 2021 10:45:23 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=809107c7-3378-41c8-a18d-5084064fb8f8&t=1622198723
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=809107c7-3378-41c8-a18d-5084064fb8f8; domain=.adsrvr.org; expires=Thu, 28-Apr-2022 10:45:23 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwi2ka_Tro_FORAFOAE.; domain=.adsrvr.org; expires=Thu, 28-Apr-2022 10:45:23 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 80A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Wed, 28 Apr 2021 10:45:26 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 791C
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YIk8x8Co8YwAAFFrohIAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YIk8x8Co8YwAAFFrohIAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YIk8x8Co8YwAAFFrohIAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 28 Apr 2021 10:45:27 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Wed, 28 Apr 2021 10:45:27 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YIk8x8Co8YwAAFFrohIAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YIk8x8Co8YwAAFFrohIAAAAA; path=/; expires=Fri, 28-Apr-23 10:45:27 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
2
X-SO-HostName
m-ad254.dc4p.scaleout.jp
X-SO-LB-Hostname
m-tgng40.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":62,"gdpr":false,"ipv4":"185.9.18.83","key":"YIk8x8Co8YwAAFFrohIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad254"}
X-SO-Key
YIk8x8Co8YwAAFFrohIAAAAA
X-SO-IP
185.9.18.83
X-SO-Cluster-ID
62
X-SO-Upstream-ID
m-ad254
usersync
rtb.gumgum.com/ Frame 2CE7
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1871316019586082354
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1871316019586082354
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1871316019586082354
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_68f6c4d7-50d1-478e-b4cd-b604e656253d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 28 Apr 2021 10:45:29 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwtDS1MDOwMDI2NRHiM9QNNHIrcA8sjo8M8nKR4jU0M7Q0MzAzN7I0MzEDAICMp0o0AAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 23 May 2022 10:45:29 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmhpZmBmbmRpZmIGAK8oz9YQAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 23 May 2022 10:45:29 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwtDS1MDOwMDI2NRHiM9QNNHIrcA8sjo8M8nIBAJN1Sw8lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1871316019586082354
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 40D9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=C9o0nmiaCJq3GnukVLd4&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=C9o0nmiaCJq3GnukVLd4&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=C9o0nmiaCJq3GnukVLd4&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cs=true; loc=6w2LaLFVVEsKeEYDbKODy-cmQlLX826CTV8Ymt8iPk0IH9fAdwz9ELRbeFQtJW1PMyKQbd06DJpuPD5VDA-jgw; vst=e_57d7d35b-c004-4743-aac0-92a63a6c9408
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 28 Apr 2021 10:45:26 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 28 Apr 2021 10:45:26 GMT Wed, 28 Apr 2021 10:45:26 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=C9o0nmiaCJq3GnukVLd4&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 271A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8164635290675019404
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8164635290675019404
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=6F7D7723-A198-426F-8996-478056294CA8; chkChromeAb67Sec=1; DPSync3=1620777600%3A221_201_227_226; SyncRTB3=1620432000%3A63%7C1622160000%3A203%7C1620777600%3A165_166_22_81_161_21_54_13_56_7_3_71_8_55%7C1620172800%3A2_223_15%7C1620864000%3A35; KRTBCOOKIE_22=14911-8355863204268950766; PUBMDCID=3; KRTBCOOKIE_377=6810-809107c7-3378-41c8-a18d-5084064fb8f8&KRTB&22918-809107c7-3378-41c8-a18d-5084064fb8f8&KRTB&23031-809107c7-3378-41c8-a18d-5084064fb8f8; KRTBCOOKIE_153=1923-l85R45KdCumMx1_qwJpE4pfMWOKMywi4lMkLEmEs&KRTB&19420-l85R45KdCumMx1_qwJpE4pfMWOKMywi4lMkLEmEs&KRTB&22979-l85R45KdCumMx1_qwJpE4pfMWOKMywi4lMkLEmEs; KRTBCOOKIE_188=3189-f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348; KRTBCOOKIE_57=22776-279008679709069790; KRTBCOOKIE_80=16514-CAESEDDeLeeur9hdxH1Q8t_aAbg&KRTB&22987-CAESEDDeLeeur9hdxH1Q8t_aAbg&KRTB&23025-CAESEDDeLeeur9hdxH1Q8t_aAbg; KRTBCOOKIE_218=22978-YIk8xQAAikGNCQA4&KRTB&23194-YIk8xQAAikGNCQA4&KRTB&23209-YIk8xQAAikGNCQA4&KRTB&23244-YIk8xQAAikGNCQA4; KRTBCOOKIE_466=16530-5478d71e-de3c-44be-944c-8a64b21ed8f8; SPugT=1619606725; KRTBCOOKIE_27=16735-uid:10cb6089-3cc6-4e00-b916-2d132df6f614&KRTB&16736-uid:10cb6089-3cc6-4e00-b916-2d132df6f614&KRTB&23019-uid:10cb6089-3cc6-4e00-b916-2d132df6f614&KRTB&23114-uid:10cb6089-3cc6-4e00-b916-2d132df6f614; PugT=1619606726
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 28 Apr 2021 10:45:25 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-8164635290675019404; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 28-May-2021 10:45:25 GMT; path=/ PugT=1619606725; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 28-May-2021 10:45:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 27-Jul-2021 10:45:25 GMT; path=/
X-lat
amspug004:0:398
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8164635290675019404
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 7067 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Wed, 28 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1234
date
Wed, 28 Apr 2021 10:45:27 GMT
content-length
43
/
dsp.adfarm1.adition.com/cookie/ Frame C3F0 		0
0
adx
match.prod.bidr.io/cookie-sync/ Frame 783A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFUHprN0JFbm9BQUNxMnFpcUtNdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
0
0
bridge
cm.adgrx.com/ Frame ECC5 		0
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6B2E 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=6F7D7723-A198-426F-8996-478056294CA8&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A65ujF6QwkYau0hDIdLO3Mc; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Wed, 28 Apr 2021 10:45:23 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5308
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b313I6GYQm-JlkeAVilMqA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=51219
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Thu, 29 Apr 2021 00:59:02 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 5308 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6F7D7723-A198-426F-8996-478056294CA8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
646fb3668b4a3128-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09b9ae7419000031286c101000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 5308
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6F7D7723-A198-426F-8996-478056294CA8&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6F7D7723-A198-426F-8996-478056294CA8&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6F7D7723-A198-426F-8996-478056294CA8&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:26 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:26 GMT
frontend-id
6
location
/pubmatic/1/info2?sType=sync&sExtCookieId=6F7D7723-A198-426F-8996-478056294CA8&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 5308
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6F7D7723-A198-426F-8996-478056294CA8&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6F7D7723-A198-426F-8996-478056294CA8&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6F7D7723-A198-426F-8996-478056294CA8&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6F7D7723-A198-426F-8996-478056294CA8&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:27 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Wed, 28 Apr 2021 10:45:27 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6F7D7723-A198-426F-8996-478056294CA8&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 5308
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDDeLeeur9hdxH1Q8t_aAbg&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDDeLeeur9hdxH1Q8t_aAbg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:23 GMT
X-lat
amspug012:0:508
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDDeLeeur9hdxH1Q8t_aAbg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5308
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=809107c7-3378-41c8-a18d-5084064fb8f8
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=809107c7-3378-41c8-a18d-5084064fb8f8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:23 GMT
X-lat
lhrpug019:0:291
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=809107c7-3378-41c8-a18d-5084064fb8f8
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 5308
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=868959224502290637
42 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=868959224502290637
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:29 GMT
X-lat
lhrpug001:0:470
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=868959224502290637
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 5308
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:10cb6089-3cc6-4e00-b916-2d132df6f614&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:10cb6089-3cc6-4e00-b916-2d132df6f614&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:26 GMT
X-lat
lhrpug005:0:419
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Wed, 28 Apr 2021 10:45:23 GMT
Server
MT3 3660 495c301 master zrh-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:10cb6089-3cc6-4e00-b916-2d132df6f614&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 28 Apr 2021 10:45:22 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5308
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=279008679709069790&gdpr=0&gdpr_consent=
42 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=279008679709069790&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:22 GMT
X-lat
amspug020:0:390
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:23 GMT
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.75:80
AN-X-Request-Uuid
83a451ea-e088-481c-aa07-018864f1b05e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=279008679709069790&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6F7D7723-A198-426F-8996-478056294CA8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5308 		43 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6F7D7723-A198-426F-8996-478056294CA8?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 5308
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6F7D7723-A198-426F-8996-478056294CA8&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6F7D7723-A198-426F-8996-478056294CA8&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vszhac1E2uUxAFSNzuwJAr1A_RGCRiQ-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vszhac1E2uUxAFSNzuwJAr1A_RGCRiQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:25 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 28 Apr 2021 10:45:25 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vszhac1E2uUxAFSNzuwJAr1A_RGCRiQ-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 5308
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l85R45KdCumMx1_qwJpE4pfMWOKMywi4lMkLEmEs
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l85R45KdCumMx1_qwJpE4pfMWOKMywi4lMkLEmEs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:21 GMT
X-lat
amspug009:0:374
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l85R45KdCumMx1_qwJpE4pfMWOKMywi4lMkLEmEs
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5308
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5478d71e-de3c-44be-944c-8a64b21ed8f8&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5478d71e-de3c-44be-944c-8a64b21ed8f8&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:25 GMT
X-lat
lhrpug010:0:475
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5478d71e-de3c-44be-944c-8a64b21ed8f8&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 28 Apr 2021 10:45:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5308
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8355863204268950766&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8355863204268950766&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:23 GMT
X-lat
lhrpug009:0:448
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8355863204268950766&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 28 Apr 2021 10:45:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 5308
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIk8xQAAikGNCQA4&gdpr=0&gdpr_consent=&_test=YIk8xQAAikGNCQA4
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIk8xQAAikGNCQA4&gdpr=0&gdpr_consent=&_test=YIk8xQAAikGNCQA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:25 GMT
X-lat
lhrpug019:0:629
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619606725.113259,VS0,VE0
x-served-by
cache-fra19145-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIk8xQAAikGNCQA4&gdpr=0&gdpr_consent=&_test=YIk8xQAAikGNCQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5308
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:34654f94-8021-4899-8b7d-48b29f57cd34&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:34654f94-8021-4899-8b7d-48b29f57cd34&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:26 GMT
X-lat
lhrpug008:0:412
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:34654f94-8021-4899-8b7d-48b29f57cd34&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 28 Apr 2021 10:45:26 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 5308
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:22 GMT
X-lat
amspug017:0:509
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:22 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 5308 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6F7D7723-A198-426F-8996-478056294CA8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pubmatic
um.simpli.fi/ Frame 5308 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:24 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 27 Apr 2021 10:45:24 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame F8A0 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=6F7D7723-A198-426F-8996-478056294CA8; chkChromeAb67Sec=1; DPSync3=1620777600%3A221_201_227_226; SyncRTB3=1620432000%3A63%7C1622160000%3A203%7C1620777600%3A165_166_22_81_161_21_54_13_56_7_3_71_8_55%7C1620172800%3A2_223_15%7C1620864000%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=46210
Expires
Wed, 28 Apr 2021 23:35:33 GMT
Date
Wed, 28 Apr 2021 10:45:23 GMT
Connection
keep-alive
Vary
Accept-Encoding
709414.gif
id.rlcdn.com/ Frame AB6C 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:26 GMT
via
1.1 google
alt-svc
clear
content-length
0
token
token.rubiconproject.com/ Frame AB6C 		0
0
tap.php
pixel.rubiconproject.com/ Frame AB6C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YIk8xQAAiDgFBwAC
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIk8xQAAiDgFBwAC&_test=YIk8xQAAiDgFBwAC
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIk8xQAAiDgFBwAC&_test=YIk8xQAAiDgFBwAC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619606725.113231,VS0,VE0
x-served-by
cache-fra19145-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIk8xQAAiDgFBwAC&_test=YIk8xQAAiDgFBwAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
token
token.rubiconproject.com/ Frame AB6C 		0
0
token
token.rubiconproject.com/ Frame AB6C 		0
0
tap.php
pixel.rubiconproject.com/ Frame AB6C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESED-j_YqBYE0tOgCmqDiDF54&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESED-j_YqBYE0tOgCmqDiDF54&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESED-j_YqBYE0tOgCmqDiDF54&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame AB6C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f9136089-3cc6-4200-8ab4-d33ac8fd891c
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f9136089-3cc6-4200-8ab4-d33ac8fd891c
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

Date
Wed, 28 Apr 2021 10:45:23 GMT
Server
MT3 3660 495c301 master zrh-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f9136089-3cc6-4200-8ab4-d33ac8fd891c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 28 Apr 2021 10:45:22 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame AB6C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.192.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
container.html
581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 111A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104191159/wrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://krdo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 28 Apr 2021 10:45:23 GMT
expires
Thu, 28 Apr 2022 10:45:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 4DD5 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188783439141"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:23 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 111A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpTzfwzyJYOuBI5-S7_UP79e82AHEs6CUXL7QuIXlAsCNtwEQASAAYPUFggEXY2EtcHViLTc2MzA5NjExNjM2NDMxMzfIAQmpAnHz_e_qy4U-4AIAqAMBqgTBAk_QLIqzG9AkEliOdpJTdtMzm705Ikoj0pRi9dXyC0twg0M3Yi0AdkXT44MpJarPw-lDWnW_SG802m7SM6GVrvU4wwwRcz_jGO2uApdr_I1HUqXlThQZJFA-V32-qjVX6IxaiggOkRgI3AhuvXVptwMBdCJ88401hM8jQEtktHwKQNbLdt1wue3zLDr9NrhXAxYrXtZJAcAO7niNiFIhLFqmJr0SntmFqUkjpec35V157C1Wb_5iupq55z1ABFQzCbWc2uZ6QXaJqci45qtEYyNrIt82xTq6L6h_sYStYXlaSIVD32SqmSFTPV10_pjb9EsXCCwpYQ1HzqbVLPAxCiRR-ioG791aHYiR4KhNBL-q9RpDV2krodwxU17Tcv26IIgfLApXUj_y7HxPkOLsV-JfGIt3Ktj5lNjk-aFEdBbTJuAEAYAGlpudn6Gbv668AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMjQxOTEyOTY2MTUxMjgxMoAKA_oLAggBgAwBshcYChYSFHB1Yi03NjMwOTYxMTYzNjQzMTM3&sigh=Z2X6kcNFCPs
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
track.adform.net/adfscript/ Frame 111A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=45512746;rtbwp=YIk8wwAIwOsIu8kfAA8r74QsOSv6rp_QGlZ0lg;rtbdata=213YhU2VLU08cKOoK60IiFU16SIv2xFWsIwI3Co11J1S95J-I5dtdQ6lzVbaIVSCmtWcX-WNwF-3hGUuunLiFqWTnCckS7A3hZiplPqqgTT6FasU3TM7ntvFAPKds8AN_cyIj1xFmPwlUYjghSm-r2yoCK0ASuxchsQBArNJrn4EnSUP9UivOKUd1f04ht5Mhj3zxD5eOnsMnocFUZMLRsBftTcjWjswXyaIszPey1Srsr1w7fEfJZfeSP2K8ovnrNz0SuqxuqgfZYAEIoOHAwRt6xq8jCMjHh1pKBDctJF2fQxrm6QQL-g66hxb0hdKET7YR12cbuFiaF_C9rQrug2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CsLDIwzyJYOuBI5-S7_UP79e82AHEs6CUXL7QuIXlAsCNtwEQASAAYPUFggEXY2EtcHViLTc2MzA5NjExNjM2NDMxMzfIAQmpAnHz_e_qy4U-4AIAqAMBqgTEAk_QLIqzG9AkEliOdpJTdtMzm705Ikoj0pRi9dXyC0twg0M3Yi0AdkXT44MpJarPw-lDWnW_SG802m7SM6GVrvU4wwwRcz_jGO2uApdr_I1HUqXlThQZJFA-V32-qjVX6IxaiggOkRgI3AhuvXVptwMBdCJ88401hM8jQEtktHwKQNbLdt1wue3zLDr9NrhXAxYrXtZJAcAO7niNiFIhLFqmJr0SntmFqUkjpec35V157C1Wb_5iupq55z1ABFQzCbWc2uZ6QXaJqci45qtEYyNrIt82xTq6L6h_sYStYXlaSIVD32SqmSFTPV10_pjb9EsXCCwpYQ1HzqbVLPAxCiRR-ioG791aHYiR4KhNBL-q9RpDV2krodwxU17Tcv26IIgfLApXUj_y7HxPkOLsV6BdFRnC-AOxWAOyK3JDoe3eMqRgNuAEAYAGlpudn6Gbv668AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMjQxOTEyOTY2MTUxMjgxMvoLAggBgAwB&num=1&sig=AOD64_3o86pgx4A8dGe0ibm6boaGbfPxfg&client=ca-pub-7630961163643137&adurl=
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a89cd089747310d0b2211e93ca342f5d28814f2622af287a9da6f3a484ac99a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:24 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1888
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 111A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:42:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 10:42:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 111A 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 10:45:23 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 111A 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
836
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 10:31:27 GMT
l
www.google.com/ads/measurement/ Frame 111A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRB0JCT5sJ2OYb03I1hNnozYh7tZBTybDucurpp9lMsKGvdnMw0b-NoejY_ZWNouDrcmiQNWjKSIMVJUg9TUi9m5t7u4Q
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 111A 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 08:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7940
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Apr 2022 08:33:03 GMT
pixel
protected-by.clarium.io/ Frame 111A 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzIxMjQ4OTY1NjA6MzAweDI1MA==&v=5&s=v31f4c1an80&id=eyJkZnAiOnsiYWQiOjQ0MjU0NjU4MDMsImMiOm51bGwsImwiOjAsIm8iOjIxMjQ4OTY1NjAsIkEiOiIvMjc3OTQxNjEvd3JhbC5jb21fV2ViXzMwMHgyNTBfMyIsInkiOjIwOTkwNCwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC0zIn19&sb=3&cb=6787395&h=krdo.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6SXhNalE0T1RZMU5qQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMTI0ODk2NTYwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.80.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:24 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bootstrap.js
s1.adform.net/stoat/623/s1.adform.net/ Frame 111A 		35 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/623/s1.adform.net/bootstrap.js
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ec14ac94666281fc011ae5abdcc49e2f47a911acc9ca776ddbf0b7fbd40ccd98

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:24 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 08:37:28 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 29 Apr 2021 14:21:00 GMT
/
s1.adform.net/adfstub/ Frame 111A 		49 B
270 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/adfstub/?url=https%3A%2F%2Fkrdo.com%2Fadform%2FIFrameManager.html
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8240098c8d78f4dd63ef17825c7f8c9ab5526fd2a84c34b192523b6062c82654

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:24 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 10:45:24 GMT
server
nginx
x-cache-status
MISS
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, private
expires
Wed, 28 Apr 2021 10:45:24 GMT
StubHelper.js
s1.adform.net/banners/scripts/extra/ Frame 111A 		46 B
342 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/extra/StubHelper.js?bv=623
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fa6b2f75bc927f7d7aba7e7d09f3e374226cdad86b180c6601801971b1d81f12

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:24 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2016 13:50:30 GMT
server
nginx
etag
W/"57bda626-2e"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
/
track.adform.net/adfserve/ Frame 111A 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=45512746;rtbwp=YIk8wwAIwOsIu8kfAA8r74QsOSv6rp_QGlZ0lg;rtbdata=213YhU2VLU08cKOoK60IiFU16SIv2xFWsIwI3Co11J1S95J-I5dtdQ6lzVbaIVSCmtWcX-WNwF-3hGUuunLiFqWTnCckS7A3hZiplPqqgTT6FasU3TM7ntvFAPKds8AN_cyIj1xFmPwlUYjghSm-r2yoCK0ASuxchsQBArNJrn4EnSUP9UivOKUd1f04ht5Mhj3zxD5eOnsMnocFUZMLRsBftTcjWjswXyaIszPey1Srsr1w7fEfJZfeSP2K8ovnrNz0SuqxuqgfZYAEIoOHAwRt6xq8jCMjHh1pKBDctJF2fQxrm6QQL-g66hxb0hdKET7YR12cbuFiaF_C9rQrug2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CsLDIwzyJYOuBI5-S7_UP79e82AHEs6CUXL7QuIXlAsCNtwEQASAAYPUFggEXY2EtcHViLTc2MzA5NjExNjM2NDMxMzfIAQmpAnHz_e_qy4U-4AIAqAMBqgTEAk_QLIqzG9AkEliOdpJTdtMzm705Ikoj0pRi9dXyC0twg0M3Yi0AdkXT44MpJarPw-lDWnW_SG802m7SM6GVrvU4wwwRcz_jGO2uApdr_I1HUqXlThQZJFA-V32-qjVX6IxaiggOkRgI3AhuvXVptwMBdCJ88401hM8jQEtktHwKQNbLdt1wue3zLDr9NrhXAxYrXtZJAcAO7niNiFIhLFqmJr0SntmFqUkjpec35V157C1Wb_5iupq55z1ABFQzCbWc2uZ6QXaJqci45qtEYyNrIt82xTq6L6h_sYStYXlaSIVD32SqmSFTPV10_pjb9EsXCCwpYQ1HzqbVLPAxCiRR-ioG791aHYiR4KhNBL-q9RpDV2krodwxU17Tcv26IIgfLApXUj_y7HxPkOLsV6BdFRnC-AOxWAOyK3JDoe3eMqRgNuAEAYAGlpudn6Gbv668AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tMjQxOTEyOTY2MTUxMjgxMvoLAggBgAwB&num=1&sig=AOD64_3o86pgx4A8dGe0ibm6boaGbfPxfg&client=ca-pub-7630961163643137&adurl=;js=1;adfxid=1x;4912;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fkrdo.com
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1a640cc7d9e143c5d16bfec93dc922a57c55528dadf8c696da6c4db8cd753004
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:24 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3324
expires
-1
id
api.britepool.com/v1/britepool/ Frame 		0
0
id
api.britepool.com/v1/britepool/ Frame 4DD5 		0
0
envelope
api.rlcdn.com/api/identity/ Frame 4DD5 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Apr 2021 10:45:24 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://krdo.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ Frame 4DD5 		108 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.192.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0f3edf4444bf3704cd30ac51d953aacaa1558f92dbda85bd3cd62dfc3a2a639

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Apr 2021 10:45:24 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://krdo.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 28 May 2021 10:45:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5D33 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 28 Apr 2021 06:38:34 GMT
expires
Thu, 29 Apr 2021 06:38:34 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
14810
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 111A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a7ed8943bc129a1ada0fbece3a1755f65bcdd3343cae26fa253786f04f2b9cd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Standard
s1.adform.net/stoat/623/s1.adform.net/load/v/0.0.205/e/igSBggDA/i/vCAv.IAAAACgAA/r:AdConstructor:contents/ImageTag:types/ Frame 111A 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/623/s1.adform.net/load/v/0.0.205/e/igSBggDA/i/vCAv.IAAAACgAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/623/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6e8ad416c0fd6184ec7e34b697cbe684c841a9e8719f1cff5474c5e6ea4129e4

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:24 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 08:37:28 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 29 Apr 2021 14:10:05 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5D33
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAoGl4YTXZNla-cZmRGkEoo&google_cver=1&google_push=AQvitUJ07DHl9gEqspnhrIHVZfkV_-XPTBDgzF4nT3o5eoQLailvPpSOL1B40LQZ2eHYzh01xNMPowp9TIeAYn8Cw2lGv-TcI6xLhQ
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM1NTg2MzIwNDI2ODk1MDc2Ng==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAoGl4YTXZNla-cZmRGkEoo&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAoGl4YTXZNla-cZmRGkEoo&google_cver=1
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:23 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAoGl4YTXZNla-cZmRGkEoo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5D33
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESENfDRvwID0qls-1j6fonJss&google_cver=1&google_push=AQvitUK7eEXqEzjcYNDkxKqtEwi4SZquZcbEd03BlJwhZ4eQOEKBsM-5KWS5Wq-NUMLcne0S2qZz_7lyBzlMZOPldxEI8FvHcgr3
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CC9E57CE0A404F9A991F5D40D0358805&google_push=AQvitUK7eEXqEzjcYNDkxKqtEwi4SZquZcbEd03BlJwhZ4eQOEKBsM-5KWS5Wq-NUMLcne0S2qZz_7lyBzlMZOP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CC9E57CE0A404F9A991F5D40D0358805&google_push=AQvitUK7eEXqEzjcYNDkxKqtEwi4SZquZcbEd03BlJwhZ4eQOEKBsM-5KWS5Wq-NUMLcne0S2qZz_7lyBzlMZOPldxEI8FvHcgr3
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 28 Apr 2021 10:45:24 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CC9E57CE0A404F9A991F5D40D0358805&google_push=AQvitUK7eEXqEzjcYNDkxKqtEwi4SZquZcbEd03BlJwhZ4eQOEKBsM-5KWS5Wq-NUMLcne0S2qZz_7lyBzlMZOPldxEI8FvHcgr3
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 27 Apr 2021 10:45:24 GMT
pixel
cm.g.doubleclick.net/ Frame 5D33
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBLEVPfBQ1Qsg36WUqV3wDM&google_cver=1&google_push=AQvitUIdpLcNnXX-_z878XEGdBu1AUkBGQy_3GVLz9jbgMtgTK88LVDIRF4DEps7yai6qYlVBB4...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08xQzBWMkstMTktNVFGWA==&google_push=AQvitUIdpLcNnXX-_z878XEGdBu1AUkBGQy_3GVLz9jbgMtgTK88LVDIRF4DEps7yai6qYlVBB4VXnbUbPgU7RGa8yrlEPDGWxl2oQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08xQzBWMkstMTktNVFGWA==&google_push=AQvitUIdpLcNnXX-_z878XEGdBu1AUkBGQy_3GVLz9jbgMtgTK88LVDIRF4DEps7yai6qYlVBB4VXnbUbPgU7RGa8yrlEPDGWxl2oQ
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08xQzBWMkstMTktNVFGWA==&google_push=AQvitUIdpLcNnXX-_z878XEGdBu1AUkBGQy_3GVLz9jbgMtgTK88LVDIRF4DEps7yai6qYlVBB4VXnbUbPgU7RGa8yrlEPDGWxl2oQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 5D33
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENqOglv5pERBeKP3iujwbaE&google_cver=1&google_push=AQvitUKrquIB7pUWlLK5MuNb-3vsJTJRtrQObDjohVjooJMuekhv0rhRzpF2rXpKbS4QbGjLIea_oPORjQ7J6jSl...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=d975ca1957d465c2e42c&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUKrquIB7pUWlLK5MuNb-3vsJTJRtrQO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=d975ca1957d465c2e42c&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUKrquIB7pUWlLK5MuNb-3vsJTJRtrQObDjohVjooJMuekhv0rhRzpF2rXpKbS4QbGjLIea_oPORjQ7J6jSlKVFEF1yBM2bsYw
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 28 Apr 2021 10:45:24 GMT
via
1.1 9bac09758c086d613f2c0a80dd66c7a6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MAD50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=d975ca1957d465c2e42c&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUKrquIB7pUWlLK5MuNb-3vsJTJRtrQObDjohVjooJMuekhv0rhRzpF2rXpKbS4QbGjLIea_oPORjQ7J6jSlKVFEF1yBM2bsYw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
DkFEEq_6H8HKyp9xfnhakshHZ3lAvKZT6RiXXAKc2zvXP5305EYkUQ==
pixel
cm.g.doubleclick.net/ Frame 5D33
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
  • https://sync.targeting.unrulymedia.com/csync/RX-8f4549c3-505a-4e81-81c5-267cf3940452-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUL6bJzG9d9ZhJX3PJKHN...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUL6bJzG9d9ZhJX3PJKHNsI122R4IBIrOT0CCPsOaplrRhChMWB-rIhhd9FGLGPUJMx5aoLJgTMKvJtYWNMXbhufcXdRz1vLgQ&google_hm=A49FScNQWk6BgcUmfPOUBFI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUL6bJzG9d9ZhJX3PJKHNsI122R4IBIrOT0CCPsOaplrRhChMWB-rIhhd9FGLGPUJMx5aoLJgTMKvJtYWNMXbhufcXdRz1vLgQ&google_hm=A49FScNQWk6BgcUmfPOUBFI
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUL6bJzG9d9ZhJX3PJKHNsI122R4IBIrOT0CCPsOaplrRhChMWB-rIhhd9FGLGPUJMx5aoLJgTMKvJtYWNMXbhufcXdRz1vLgQ&google_hm=A49FScNQWk6BgcUmfPOUBFI
date
Wed, 28 Apr 2021 10:45:24 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX8f4549c3505a4e8181c5267cf3940452003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 5D33
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEFKSmK0nKyPRhgOREvr9DLY&google_cver=1&google_push=AQvitULZ1OQMVdwsXQEKf2_CfVADdbt1xpAlkasp-BxkrYRBdPENDAWwU7bOrbVEQ6irBjwX2OfvM7dC-Tra4jqmiE0ZLzL1B...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyNjA4MzI1Nzk0NzUzOTAwMFYxMA%3d%3d&mn_hm=MjYyNjA4MzI1Nzk0NzUzOTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitULZ1OQMVdwsXQEKf2_CfVADdbt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyNjA4MzI1Nzk0NzUzOTAwMFYxMA%3d%3d&mn_hm=MjYyNjA4MzI1Nzk0NzUzOTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitULZ1OQMVdwsXQEKf2_CfVADdbt1xpAlkasp-BxkrYRBdPENDAWwU7bOrbVEQ6irBjwX2OfvM7dC-Tra4jqmiE0ZLzL1BAcQdw
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:25 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyNjA4MzI1Nzk0NzUzOTAwMFYxMA%3d%3d&mn_hm=MjYyNjA4MzI1Nzk0NzUzOTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitULZ1OQMVdwsXQEKf2_CfVADdbt1xpAlkasp-BxkrYRBdPENDAWwU7bOrbVEQ6irBjwX2OfvM7dC-Tra4jqmiE0ZLzL1BAcQdw
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Wed, 28 Apr 2021 10:45:25 GMT
dot.gif
s0.2mdn.net/ Frame 5D33 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEFORaAR9lOfdphdHFkxOh1w&google_cver=1&google_push=AQvitUJbFK51jtPcPyA-FgDJSZUkkLDzLYz6-Jp9vVAOJdoV5bFZhDV_h9Rf6LPBGpvoPWKjL9ecde48sFq48eIB3Eey6-ABx_h3Ut8
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Thu, 29 Apr 2021 10:45:24 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5D33 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LtreNGlFmVehs9t4j02uvi_OD--9HM7bt850E9WOQnjdizgVtv-CyWcLgJTtGccsU9dghhRg
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:24 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
track.adform.net/csimpr/ Frame 111A 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=45512746&csi=gzStGTbyHT82_EkWJMerH2hcaIt50eatSCII-E2y6VTrygPkIxxfk909RiccrL-t4FRr7CGmN5uizWJFc68z62QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/623/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:24 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
44665501.jpg
s1.adform.net/Banners/44665501/ Frame 111A 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/44665501/44665501.jpg?bv=2
Requested by
Host: 581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
URL: https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
14cbe371cc58521ce4fa7fea7672a57160417da953b9ff4e7bf41f94c3d2766b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:24 GMT
last-modified
Wed, 21 Apr 2021 08:35:31 GMT
server
nginx
etag
"607fe3d3-bb9e"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
48030
setuid
x.yieldlift.com/ Frame D3BB
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D
  • https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=f0c559b4-9ad0-445f-ae0c-dc477afc289c
0
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=f0c559b4-9ad0-445f-ae0c-dc477afc289c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:25 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=f0c559b4-9ad0-445f-ae0c-dc477afc289c
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
x.yieldlift.com/ Frame D3BB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8f4549c3-505a-4e81-81c5-267cf3940452-003&rndcb=4107639225
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=5478d71e-de3c-44be-944c-8a64b21ed8f8&google_hm=NTQ3OGQ3MWUtZGUzYy00NGJlLTk0NGMtOGE2NGIyMWVk...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESED3kq46HbEZxdMBaWMqqM_4&google_cver=1&ssp=adconductor&bsw_param=5478d71e-de3c-44be-944c-8a64b21ed8f8
  • https://sync.1rx.io/usersync/bidswitch/5478d71e-de3c-44be-944c-8a64b21ed8f8?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-8f4549c3-505a-4e81-81c5-267cf3940452-003?redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
  • https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-8f4549c3-505a-4e81-81c5-267cf3940452-003
0
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-8f4549c3-505a-4e81-81c5-267cf3940452-003
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

location
https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-8f4549c3-505a-4e81-81c5-267cf3940452-003
date
Wed, 28 Apr 2021 10:45:25 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX8f4549c3505a4e8181c5267cf3940452003
content-type
text/html
setuid
x.yieldlift.com/ Frame D3BB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=&gdpr_consent=&us_privacy=
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=KO1C0V2K-19-5QFX
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=KO1C0V2K-19-5QFX
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=KO1C0V2K-19-5QFX
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
um
cs.emxdgt.com/ Frame D3BB 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:26 GMT
content-length
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame D3BB
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHRIZCNjGcMQwTMCyCpw-84&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHRIZCNjGcMQwTMCyCpw-84&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:25 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHRIZCNjGcMQwTMCyCpw-84&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
x.yieldlift.com/ Frame D3BB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=279008679709069790
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=279008679709069790
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:25 GMT
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.140:80
AN-X-Request-Uuid
3a08612b-3a06-42b8-85f1-6bcbadfff57c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=279008679709069790
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
x.yieldlift.com/ Frame 5DF5
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D
  • https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=f0c559b4-9ad0-445f-ae0c-dc477afc289c
0
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=f0c559b4-9ad0-445f-ae0c-dc477afc289c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:25 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=f0c559b4-9ad0-445f-ae0c-dc477afc289c
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
cs.emxdgt.com/ Frame 5DF5 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:26 GMT
content-length
0
content-type
text/html
setuid
x.yieldlift.com/ Frame 5DF5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=&gdpr_consent=&us_privacy=
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=KO1C0V2K-19-5QFX
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=KO1C0V2K-19-5QFX
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=KO1C0V2K-19-5QFX
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
RX-8f4549c3-505a-4e81-81c5-267cf3940452-003
sync.targeting.unrulymedia.com/csync/ Frame 5DF5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8f4549c3-505a-4e81-81c5-267cf3940452-003&rndcb=1851553953
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=adconductor&bsw_custom_parameter=5478d71e-de3c-44be-944c-8a64b21ed8f8
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=adconductor&expires=10&bsw_param=5478d71e-de3c-44be-944c-8a64b21ed8f8
  • https://sync.1rx.io/usersync/bidswitch/5478d71e-de3c-44be-944c-8a64b21ed8f8?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-8f4549c3-505a-4e81-81c5-267cf3940452-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-8f4549c3-505a-4e81-81c5-267cf3940452-003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:26 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-8f4549c3-505a-4e81-81c5-267cf3940452-003
pragma
no-cache
date
Wed, 28 Apr 2021 10:45:26 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
sd
us-u.openx.net/w/1.0/ Frame 5DF5
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHRIZCNjGcMQwTMCyCpw-84&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHRIZCNjGcMQwTMCyCpw-84&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:25 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHRIZCNjGcMQwTMCyCpw-84&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
x.yieldlift.com/ Frame 5DF5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=279008679709069790
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=279008679709069790
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:25 GMT
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.77:80
AN-X-Request-Uuid
ab636ec8-a773-46f3-a0ca-7d968e4e68ab
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=279008679709069790
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 5308 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156657&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:25 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 111A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_Sjtho-PMLjMo7IrH_KiX9asL4nkNm-27XuiIiD40pKlm5iHf0ItfnmcYQ67CWiiIdkmeKB3A4_CkN2NnvQ2OYAnTjLiFuA&sig=Cg0ArKJSzN30es0_Np8EEAE&cid=CAASFeRoJcmY7y6FK9qiXLQIPw63W7DsRA&id=lidar2&mcvt=1000&p=15,0,265,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210423&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&app=0&itpl=20&adk=749415143&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619606723770&dlt=30&rpt=24&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame 111A 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=438595482620761812@@45512746,7269383487861515315,94|1201|0|0|0|0|0|0|0||44|1|1|60893cc300096bc608bbc54a4f03ee01_1|||1|0|0|LYBC--wlLUZX7EYoWZQhUd4Zn92Atexec1jfZ_GoCyvbCLdXZ-TFVskllzAqADQrA7z_uuw_WOM1|||11|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/623/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:25 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 111A 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=45512746&event=178&time=1&baid=44665501&name=Viewable%20impressions&imprid=7269383487861515315&icid=438595482620761812&eData=gzStGTbyHT_lHzgwY-9YxkLefXOBh2p24fn4X_ACi5hG9AhFKb-OUa7fEUJ-ozxyORZ5EElS_iEau94oJsHc8Q2&rtbdata=213YhU2VLU08cKOoK60IiFU16SIv2xFWsIwI3Co11J1S95J-I5dtdQ6lzVbaIVSCmtWcX-WNwF-3hGUuunLiFqWTnCckS7A3hZiplPqqgTT6FasU3TM7ntvFAPKds8AN_cyIj1xFmPwlUYjghSm-r2yoCK0ASuxchsQBArNJrn4EnSUP9UivOKUd1f04ht5Mhj3zxD5eOnsMnocFUZMLRsBftTcjWjswXyaIszPey1Srsr1w7fEfJZfeSP2K8ovnrNz0SuqxuqgfZYAEIoOHAwRt6xq8jCMjHh1pKBDctJF2fQxrm6QQL-g66hxb0hdKET7YR12cbuFiaF_C9rQrug2&rtbwp=YIk8wwAIwOsIu8kfAA8r74QsOSv6rp_QGlZ0lg&rnd=404579382
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:25 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
showad.js
ads.pubmatic.com/AdServer/js/ Frame F8A0 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=6F7D7723-A198-426F-8996-478056294CA8; chkChromeAb67Sec=1; DPSync3=1620777600%3A221_201_227_226; SyncRTB3=1620432000%3A63%7C1622160000%3A203%7C1620777600%3A165_166_22_81_161_21_54_13_56_7_3_71_8_55%7C1620172800%3A2_223_15%7C1620864000%3A35; KRTBCOOKIE_22=14911-8355863204268950766; PUBMDCID=3; KRTBCOOKIE_377=6810-809107c7-3378-41c8-a18d-5084064fb8f8&KRTB&22918-809107c7-3378-41c8-a18d-5084064fb8f8&KRTB&23031-809107c7-3378-41c8-a18d-5084064fb8f8; KRTBCOOKIE_153=1923-l85R45KdCumMx1_qwJpE4pfMWOKMywi4lMkLEmEs&KRTB&19420-l85R45KdCumMx1_qwJpE4pfMWOKMywi4lMkLEmEs&KRTB&22979-l85R45KdCumMx1_qwJpE4pfMWOKMywi4lMkLEmEs; KRTBCOOKIE_188=3189-f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348; KRTBCOOKIE_57=22776-279008679709069790; KRTBCOOKIE_80=16514-CAESEDDeLeeur9hdxH1Q8t_aAbg&KRTB&22987-CAESEDDeLeeur9hdxH1Q8t_aAbg&KRTB&23025-CAESEDDeLeeur9hdxH1Q8t_aAbg; KRTBCOOKIE_218=22978-YIk8xQAAikGNCQA4&KRTB&23194-YIk8xQAAikGNCQA4&KRTB&23209-YIk8xQAAikGNCQA4&KRTB&23244-YIk8xQAAikGNCQA4; PugT=1619606725; KRTBCOOKIE_466=16530-5478d71e-de3c-44be-944c-8a64b21ed8f8; SPugT=1619606725; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=46193
Expires
Wed, 28 Apr 2021 23:35:20 GMT
Date
Wed, 28 Apr 2021 10:45:27 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame F8A0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=81405222&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c890d84cd08ee89d689459446dd2f86730baf9ae105fd6fbd8ee6e06e4cc7182

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:27 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
1730
Content-Type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame F8A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEqalW9B39i-awB1EuJOOTY&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEqalW9B39i-awB1EuJOOTY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:27 GMT
X-lat
amspug005:0:380
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEqalW9B39i-awB1EuJOOTY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame F8A0 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 27 Apr 2021 10:45:27 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 9102
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5726185930160061537
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5726185930160061537
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=26BEF33A-1E6C-4D48-BC3B-B297CF88379D; chkChromeAb67Sec=1; DPSync3=1620777600%3A227_226_221_201; SyncRTB3=1620777600%3A220_21_13_161_54%7C1620864000%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 28 Apr 2021 10:45:27 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-5726185930160061537; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 28-May-2021 10:45:27 GMT; path=/ PugT=1619606727; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 28-May-2021 10:45:27 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 27-Jul-2021 10:45:27 GMT; path=/
X-lat
amspug019:0:366
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5726185930160061537
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame F8A0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=565cb74d-d219-4cf0-b470-4689722abe1d
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=565cb74d-d219-4cf0-b470-4689722abe1d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:27 GMT
X-lat
lhrpug015:0:446
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=565cb74d-d219-4cf0-b470-4689722abe1d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
usersync.aspx
dis.criteo.com/dis/ Frame 5F5F 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Wed, 28 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1200
date
Wed, 28 Apr 2021 10:45:26 GMT
content-length
43
usersync
rtb.gumgum.com/ Frame 0B1E 		35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=pbm&i=26BEF33A-1E6C-4D48-BC3B-B297CF88379D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=pbm&i=26BEF33A-1E6C-4D48-BC3B-B297CF88379D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 28 Apr 2021 10:45:27 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F8A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Jr7zOh5sTUi8O7KXz4g3nQ%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Jr7zOh5sTUi8O7KXz4g3nQ%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=51159
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Thu, 29 Apr 2021 00:58:06 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame F8A0 		95 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=26BEF33A-1E6C-4D48-BC3B-B297CF88379D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
646fb3808e763128-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09b9ae84550000312820b90000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame F8A0
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=26BEF33A-1E6C-4D48-BC3B-B297CF88379D&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=26BEF33A-1E6C-4D48-BC3B-B297CF88379D&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=26BEF33A-1E6C-4D48-BC3B-B297CF88379D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:26 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:26 GMT
frontend-id
5
location
/pubmatic/1/info2?sType=sync&sExtCookieId=26BEF33A-1E6C-4D48-BC3B-B297CF88379D&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame F8A0
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=26BEF33A-1E6C-4D48-BC3B-B297CF88379D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=26BEF33A-1E6C-4D48-BC3B-B297CF88379D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=26BEF33A-1E6C-4D48-BC3B-B297CF88379D&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=26BEF33A-1E6C-4D48-BC3B-B297CF88379D&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:27 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Wed, 28 Apr 2021 10:45:27 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=26BEF33A-1E6C-4D48-BC3B-B297CF88379D&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame F8A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjZCRUYzM0EtMUU2Qy00RDQ4LUJDM0ItQjI5N0NGODgzNzlE&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjZCRUYzM0EtMUU2Qy00RDQ4LUJDM0ItQjI5N0NGODgzNzlE&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:26 GMT
X-lat
amspug001:0:356
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 4DD5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://rtb.gumgum.com/usersync?b=apn&i=1036997701708461165
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=1036997701708461165
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.90:80
AN-X-Request-Uuid
f36e71de-2b33-4513-bab2-046f65c7e43a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=1036997701708461165
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set beacon
ap.lijit.com/ Frame E48C
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13406715
  • https://ap.lijit.com/beacon?informer=13406715&dnr=1
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406715&dnr=1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
743b95858338b05a624e105091ef4b04af0b74cb7d0fb00cca292929b4c19984

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://krdo.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=7a69bc50656b6b0a1d97d169
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

Server
nginx
Date
Wed, 28 Apr 2021 10:45:29 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJxd0EESgCAMA8C%2FcPZgCi2NX3P8u%2BJwaY7LlJByN7QLAQY7jEezRTsT0RcjqnvlRDVOscTNHWeAL5OcdeI7ScmQCilvpHTKIXax5Jnel0YW%2B4cG%2BXvWHbrkDckbrHaZ97Lv8wLIMU6h;Path=/;Domain=.lijit.com;Expires=Thu, 28-Apr-2022 10:45:29 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=7a69bc50656b6b0a1d97d169;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap7ams1

Redirect headers

Server
nginx
Date
Wed, 28 Apr 2021 10:45:29 GMT
Content-Length
0
Set-Cookie
ljt_reader=7a69bc50656b6b0a1d97d169;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon?informer=13406715&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap7ams1
pd
eu-u.openx.net/w/1.0/ Frame 6751
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
668 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
102fede3ff51e238c2dbe7c90d6e5f85e1a91e71478a6e0cbb8972868db6202e

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://krdo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=3b38b92a-fbac-0c54-055e-f2e9a4fc12c4|1619606729
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=3b38b92a-fbac-0c54-055e-f2e9a4fc12c4|1619606729; Version=1; Expires=Thu, 28-Apr-2022 10:45:29 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1619606729|gekin0vNiygu; Version=1; Expires=Thu, 13-May-2021 10:45:29 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=3b38b92a-fbac-0c54-055e-f2e9a4fc12c4|1619606729; Version=1; Expires=Thu, 28-Apr-2022 10:45:29 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
date
Wed, 28 Apr 2021 10:45:29 GMT
content-length
0
via
1.1 google
alt-svc
clear
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 3EB7 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_3.27.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C9B) /
Resource Hash
688e1a13a6ab7e1a00ca53de2288ddc2abcaedb690040b04803cd22ce9334332

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html?src=prebid_prebid_3.27.1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://krdo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
500
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Wed, 28 Apr 2021 10:45:29 GMT
etag
"41cc-5b96de62f8100"
expires
Wed, 28 Apr 2021 11:00:29 GMT
last-modified
Thu, 21 Jan 2021 19:15:48 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (mil/6C9B)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
426147807
content-length
5388
index.html
cdn.districtm.io/ids/ Frame 193A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://krdo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

date
Wed, 28 Apr 2021 10:45:29 GMT
set-cookie
__cfduid=dae39018e92b9d63d26c879f0e200e1da1619606729; expires=Fri, 28-May-21 10:45:29 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
09b9ae8ac30000cc42bab62000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
646fb38acefecc42-ZRH
async_usersync.html
acdn.adnxs.com/dmp/ Frame FAAC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://krdo.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sat, 17 Apr 2021 04:57:33 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 28 Apr 2021 10:45:29 GMT
Age
20853
X-Served-By
cache-lga21957-LGA, cache-hhn4067-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 381094
X-Timer
S1619606729.446818,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame AD05 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://krdo.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 28 Apr 2021 10:45:29 GMT
Connection
keep-alive
sync.html
cdn.aralego.net/ucfad/cookie/ Frame F353 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/sync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://krdo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
text/html
set-cookie
__cfduid=dacdc0c74836ef8e165db2ffa530cdc0a1619606729; expires=Fri, 28-May-21 10:45:29 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
7032
cf-request-id
09b9ae8ad500004ee0843d7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WlSvVVCq4gJ%2Fpbbl4YTt10l82HjqmSqRQpJTXiArLLH59biTA%2BpXyLLjAc5Abgr1ZfzqQglhO7%2F%2BViEIwHseojKcjzhZGyME1qzA%2F5v6XjTLxDdk4%2B4MdOtr8RQ%3D"}],"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
646fb38aef6e4ee0-FRA
content-encoding
br
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4EFF 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://krdo.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=26BEF33A-1E6C-4D48-BC3B-B297CF88379D; chkChromeAb67Sec=1; DPSync3=1620777600%3A227_226_221_201; SyncRTB3=1620777600%3A220_21_13_161_54%7C1620864000%3A35; KRTBCOOKIE_80=16514-CAESEEqalW9B39i-awB1EuJOOTY&KRTB&22987-CAESEEqalW9B39i-awB1EuJOOTY&KRTB&23025-CAESEEqalW9B39i-awB1EuJOOTY; PugT=1619606727; PUBMDCID=3; KRTBCOOKIE_336=5844-5726185930160061537; KRTBCOOKIE_377=6810-565cb74d-d219-4cf0-b470-4689722abe1d&KRTB&22918-565cb74d-d219-4cf0-b470-4689722abe1d&KRTB&23031-565cb74d-d219-4cf0-b470-4689722abe1d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=46191
Expires
Wed, 28 Apr 2021 23:35:20 GMT
Date
Wed, 28 Apr 2021 10:45:29 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 0129 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d3IMIqZxWr6j9iaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-110.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=d3IMIqZxWr6j9iaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://krdo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

x-33x-status
2020008
server
33XP004
date
Wed, 28 Apr 2021 10:45:29 GMT
usync.html
eus.rubiconproject.com/ Frame F9D5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://krdo.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Apr 2021 10:45:29 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set check.html
biddr.brealtime.com/ Frame A4C0 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://krdo.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://krdo.com/

Response headers

Date
Wed, 28 Apr 2021 10:45:29 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d3c43dac718974766d73ad21c58babe931619606729; expires=Fri, 28-May-21 10:45:29 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
QPg1IxGUgjHTe7yzLH8py8UlQ29OR40peYVEDcjXTyeAHVyZwzC0KXVtNZxdJdP2rI/IbEV/hlg=
x-amz-request-id
Q2J7PAP1GZJS9FPM
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
5465
Expires
Wed, 28 Apr 2021 10:46:29 GMT
Cache-Control
public, max-age=60
cf-request-id
09b9ae8aff00000215e3b98000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
646fb38b3d890215-ZRH
Content-Encoding
gzip
bum
ums.acuityplatform.com/ Frame 4DD5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi
  • https://ums.acuityplatform.com/bum?tpid=29&uid=9a827d96-ff55-41ec-a7f8-04e1668507aa&bidswitch_ssp_id=sonobi
0
0
usersync
rtb.gumgum.com/ Frame 4DD5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_57d7d35b-c004-4743-aac0-92a63a6c9408&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_57d7d35b-c004-4743-aac0-92a63a6c9408&gdpr=0&gdpr_consent=&us_privacy=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9a827d96-ff55-41ec-a7f8-04e1668507aa
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk83a60a6a-b0b4-4e7b-8055-66fc978c0f13&expires=7&user_group=5&ssp=gumgum2&bsw_param=9a827d96-ff55-41ec-a7f8-04e1668507aa
  • https://rtb.gumgum.com/usersync?b=bsw&i=9a827d96-ff55-41ec-a7f8-04e1668507aa
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=9a827d96-ff55-41ec-a7f8-04e1668507aa
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=9a827d96-ff55-41ec-a7f8-04e1668507aa
date
Wed, 28 Apr 2021 10:45:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
2.gif
id5-sync.com/cq/441/124/8/ Frame 4DD5
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_57d7d35b-c004-4743-aac0-92a63a6c9408&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_57d7d35b-c004-4743-aac0-92a63a6c9408&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOAEi-fDUNgH9MQJQWSuxIJ8GWOYc_0cdYcM9rLg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOAEi-fDUNgH9MQJQWSuxIJ8GWOYc_0cdYcM9rLg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=bfdfe07b-d761-4111-ab2d-b0c6f354c5d0&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
0
0
us.gif
sync.go.sonobi.com/ Frame 4DD5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e315a43aa9&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=565cb74d-d219-4cf0-b470-4689722abe1d&pubid=e315a43aa9
49 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=565cb74d-d219-4cf0-b470-4689722abe1d&pubid=e315a43aa9
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=565cb74d-d219-4cf0-b470-4689722abe1d&pubid=e315a43aa9
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
us.gif
sync.go.sonobi.com/ Frame 4DD5
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=9f846089-3cc9-4d00-be57-368269184655
49 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=9f846089-3cc9-4d00-be57-368269184655
Requested by
Host: krdo.com
URL: https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://krdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 28 Apr 2021 10:45:26 GMT
Server
MT3 3660 495c301 master zrh-pixel-x10
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=9f846089-3cc9-4d00-be57-368269184655
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 28 Apr 2021 10:45:25 GMT
usync.js
eus.rubiconproject.com/ Frame F9D5 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3d598110de86401d953833ee95fd21d91990c7e7e5fc51e78aef6733d839a01a

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:45:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 20:34:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34686
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9240
Expires
Wed, 28 Apr 2021 20:23:35 GMT
idsync
sync.aralego.com/ Frame F353
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/b270bb0c-0fbd-366a-aeef-0ad8ec12bcd6?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-Me4xzjJE2oWHpyDqrQMHD9in6CHXCwFMQH7JxIE-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=565cb74d-d219-4cf0-b470-4689722abe1d
0
0
sd
eu-u.openx.net/w/1.0/ Frame 6751
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9f846089-3cc9-4d00-be57-368269184655
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9f846089-3cc9-4d00-be57-368269184655
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 28 Apr 2021 10:45:26 GMT
Server
MT3 3660 495c301 master zrh-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9f846089-3cc9-4d00-be57-368269184655
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 28 Apr 2021 10:45:25 GMT
sd
us-u.openx.net/w/1.0/ Frame 6751
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=J71x6SLuKuk8un3jJrRk5iW1cOQ8vC_oJ7h5rLyU
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=J71x6SLuKuk8un3jJrRk5iW1cOQ8vC_oJ7h5rLyU
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=J71x6SLuKuk8un3jJrRk5iW1cOQ8vC_oJ7h5rLyU
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 6751
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=70888129581329036
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=70888129581329036
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=70888129581329036
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 6751 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=e8948673-522b-33a3-5f88-3a01c0db2139&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.192.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6751 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzRmYjU1YjktOWI1Yy02ZDA3LTRhNjgtNjBiODBhMzllZjU5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6751
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMO0xYAsWBMtHWoRm9l-4zM&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMO0xYAsWBMtHWoRm9l-4zM&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMO0xYAsWBMtHWoRm9l-4zM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FAAC 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.78:80
AN-X-Request-Uuid
11af777f-cded-4078-9ea5-8a42876ed9ea
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame E48C
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1619606729485&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=2200B43607954C8B9FEF94B76EF05018
43 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=2200B43607954C8B9FEF94B76EF05018
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Wed, 28 Apr 2021 10:45:29 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=2200B43607954C8B9FEF94B76EF05018
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 27 Apr 2021 10:45:29 GMT
usersync
rtb.gumgum.com/ Frame E48C
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1445622927
  • https://sync.1rx.io/usersync/tradedesk/565cb74d-d219-4cf0-b470-4689722abe1d
  • https://sync.targeting.unrulymedia.com/csync/RX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003
date
Wed, 28 Apr 2021 10:45:31 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4f2a510aa75a449d97e59f2f8772a58e003
content-type
text/html
merge
ce.lijit.com/ Frame E48C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AAFYP07BEnoAACsHPWFUcQ&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAFYP07BEnoAACsHPWFUcQ&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAFYP07BEnoAACsHPWFUcQ&gdpr=0
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
merge
ce.lijit.com/ Frame E48C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=wOV0jru1DNFU&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=wOV0jru1DNFU&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=wOV0jru1DNFU&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-lw8v7
expires
-1
merge
ce.lijit.com/ Frame E48C
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=1036997701708461165&gdpr=0&gdpr_consent=
43 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=1036997701708461165&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.150:80
AN-X-Request-Uuid
acca9e3c-50d5-48b4-904c-a0c22d9e2c4b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=1036997701708461165&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E48C
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=N2E2OWJjNTA2NTZiNmIwYTFkOTdkMTY5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=N2E2OWJjNTA2NTZiNmIwYTFkOTdkMTY5
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=N2E2OWJjNTA2NTZiNmIwYTFkOTdkMTY5
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame E48C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=TA4Eaqs35RaErFaM5NBc&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=TA4Eaqs35RaErFaM5NBc&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=TA4Eaqs35RaErFaM5NBc&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT, Wed, 28 Apr 2021 10:45:29 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame E48C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=fmx
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1871597494625522457&expires=30&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=9a827d96-ff55-41ec-a7f8-04e1668507aa
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=9a827d96-ff55-41ec-a7f8-04e1668507aa
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=26&3pid=9a827d96-ff55-41ec-a7f8-04e1668507aa
date
Wed, 28 Apr 2021 10:45:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
merge
ce.lijit.com/ Frame E48C
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=7a69bc50656b6b0a1d97d169&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:9f185057aa08527231786a8596106ea8
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:9f185057aa08527231786a8596106ea8
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Wed, 28 Apr 2021 10:45:29 GMT
server
Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:9f185057aa08527231786a8596106ea8
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-20-234.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
merge
ce.lijit.com/ Frame E48C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=64c7c4cc-6071-455e-8b6f-631c35cdccca-60893cc9-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=64c7c4cc-6071-455e-8b6f-631c35cdccca-60893cc9-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D64c7c4...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=64c7c4cc-6071-455e-8b6f-631c35cdccca-60893cc9-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D...
  • https://ce.lijit.com/merge?pid=16&3pid=64c7c4cc-6071-455e-8b6f-631c35cdccca-60893cc9-4348&gdpr=0&gdpr_consent=
0
0
iu3
aax-eu.amazon-adsystem.com/s/ Frame E48C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame E48C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=H9K3JRqB7CUE1bsvHtuiKh3atigE0-kkH9fvKy3r
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=H9K3JRqB7CUE1bsvHtuiKh3atigE0-kkH9fvKy3r
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=H9K3JRqB7CUE1bsvHtuiKh3atigE0-kkH9fvKy3r
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame E48C
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=KO1C12NH-15-Y0Q&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=KO1C12NH-15-Y0Q&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=83&3pid=KO1C12NH-15-Y0Q&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
reporting
ap.lijit.com/dsp/google/ Frame E48C
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=N2E2OWJjNTA2NTZiNmIwYTFkOTdkMTY5
  • https://ap.lijit.com/dsp/google/reporting
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
238
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame E48C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=7a69bc50656b6b0a1d97d169&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=9f846089-3cc9-4d00-be57-368269184655&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=9f846089-3cc9-4d00-be57-368269184655&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Wed, 28 Apr 2021 10:45:26 GMT
Server
MT3 3660 495c301 master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=9f846089-3cc9-4d00-be57-368269184655&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 28 Apr 2021 10:45:25 GMT
merge
ce.lijit.com/ Frame E48C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=da0abc61-712b-4a84-a191-5f2ebbc8934b
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=da0abc61-712b-4a84-a191-5f2ebbc8934b
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=da0abc61-712b-4a84-a191-5f2ebbc8934b
Date
Wed, 28 Apr 2021 10:45:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame E48C
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=1871316019586082371
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=1871316019586082371
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=1871316019586082371
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
data.adsrvr.org/track/cmf/ Frame E48C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.192.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame E48C
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=KO1C12NH-15-Y0Q&gdpr=0
0
0
tum
ums.acuityplatform.com/ Frame E48C 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 01EE 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=26BEF33A-1E6C-4D48-BC3B-B297CF88379D; chkChromeAb67Sec=1; DPSync3=1620777600%3A227_226_221_201; SyncRTB3=1620777600%3A220_21_13_161_54%7C1620864000%3A35; KRTBCOOKIE_80=16514-CAESEEqalW9B39i-awB1EuJOOTY&KRTB&22987-CAESEEqalW9B39i-awB1EuJOOTY&KRTB&23025-CAESEEqalW9B39i-awB1EuJOOTY; PugT=1619606727; PUBMDCID=3; KRTBCOOKIE_336=5844-5726185930160061537; KRTBCOOKIE_377=6810-565cb74d-d219-4cf0-b470-4689722abe1d&KRTB&22918-565cb74d-d219-4cf0-b470-4689722abe1d&KRTB&23031-565cb74d-d219-4cf0-b470-4689722abe1d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=32144
Expires
Wed, 28 Apr 2021 19:41:13 GMT
Date
Wed, 28 Apr 2021 10:45:29 GMT
Connection
keep-alive
Vary
Accept-Encoding
0608867b
rtb.gumgum.com/usync/ Frame 6FC3 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a7ca6123e6b63fba27f0bdc9daa290963bf7f4767a9b0034c49a1c207dc49686

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_68f6c4d7-50d1-478e-b4cd-b604e656253d; Domain=.gumgum.com; Expires=Thu, 28-Apr-2022 10:45:29 GMT; Path=/; Secure; SameSite=None
etag
W/"08509d86b4d39924958eca4a36a4b78eb"
timing-allow-origin
*
content-encoding
gzip
cm
us-u.openx.net/w/1.0/ Frame 6514 		606 B
686 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
8f80a3aa43c6f19a4d5ce15dec9989def23de18a4acd74efc877804491195a91

Request headers

:method
GET
:authority
us-u.openx.net
:scheme
https
:path
/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=3b38b92a-fbac-0c54-055e-f2e9a4fc12c4|1619606729; pd=v2|1619606729|gekin0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=3b38b92a-fbac-0c54-055e-f2e9a4fc12c4|1619606729; Version=1; Expires=Thu, 28-Apr-2022 10:45:29 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1619606729|mWkigqiysLommOgevNgunsn0; Version=1; Expires=Thu, 13-May-2021 10:45:29 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
text/html
content-length
373
content-encoding
gzip
via
1.1 google
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 22A7 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=26BEF33A-1E6C-4D48-BC3B-B297CF88379D; chkChromeAb67Sec=1; DPSync3=1620777600%3A227_226_221_201; SyncRTB3=1620777600%3A220_21_13_161_54%7C1620864000%3A35; KRTBCOOKIE_80=16514-CAESEEqalW9B39i-awB1EuJOOTY&KRTB&22987-CAESEEqalW9B39i-awB1EuJOOTY&KRTB&23025-CAESEEqalW9B39i-awB1EuJOOTY; PugT=1619606727; PUBMDCID=3; KRTBCOOKIE_336=5844-5726185930160061537; KRTBCOOKIE_377=6810-565cb74d-d219-4cf0-b470-4689722abe1d&KRTB&22918-565cb74d-d219-4cf0-b470-4689722abe1d&KRTB&23031-565cb74d-d219-4cf0-b470-4689722abe1d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=32144
Expires
Wed, 28 Apr 2021 19:41:13 GMT
Date
Wed, 28 Apr 2021 10:45:29 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set merge
ce.lijit.com/ Frame 8A5F
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=4371649259542192953&gdpr=0&gdpr_consent=
43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=4371649259542192953&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
ce.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=7a69bc50656b6b0a1d97d169; ljtrtbexp=eJxd0EESgCAMA8C%2FcPZgCi2NX3P8u%2BJwaY7LlJByN7QLAQY7jEezRTsT0RcjqnvlRDVOscTNHWeAL5OcdeI7ScmQCilvpHTKIXax5Jnel0YW%2B4cG%2BXvWHbrkDckbrHaZ97Lv8wLIMU6h; _ljtrtb_2=2200B43607954C8B9FEF94B76EF05018; _ljtrtb_76=847a58b3-b89f-09ae-1834-8ca7b86a1e6b; _ljtrtb_86=TA4Eaqs35RaErFaM5NBc; _ljtrtb_12=1036997701708461165; _ljtrtb_49=wOV0jru1DNFU; _ljtrtb_43=H9K3JRqB7CUE1bsvHtuiKh3atigE0-kkH9fvKy3r; _ljtrtb_36=e_68f6c4d7-50d1-478e-b4cd-b604e656253d; _ljtrtb_83=KO1C12NH-15-Y0Q; _ljtrtb_3=9f846089-3cc9-4d00-be57-368269184655; _ljtrtb_87=da0abc61-712b-4a84-a191-5f2ebbc8934b; _ljtrtb_26=9a827d96-ff55-41ec-a7f8-04e1668507aa; ljtrtb=eJwVjU1PwzAQRP9Lzqy0m7XXu9xISRQR0YqKInFCdj6g9NSWFiHEf8e%2Bzrx581tRXd1WhCxmISAFVCdE4qubqjR1jdg4Fgzm3Uob69rOXBOk7dAjacY4Y7bkGaoBj6OBmxAhzT4Ai9ZilEtfjCyZnd9EFxndFMDjROCCzpDcOEESdLN4qT1PmXaW6e%2FNC36eLnS%2F7nY50%2FI2bGhF9boH8vCKTyUu4uc718bjmf02tqcuPvp1MxZNmfQ28MP22ITVrqV0vvZfl%2F3wwfFr%2F94iHA69Ldfhh0%2BZD8WlLkSviSGpLYAWZyBlBzrGkFQizZKqv38ajk6W; _ljtrtb_10=1871316019586082371
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Server
nginx
Date
Wed, 28 Apr 2021 10:45:29 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
_ljtrtb_36=e_68f6c4d7-50d1-478e-b4cd-b604e656253d;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_26=9a827d96-ff55-41ec-a7f8-04e1668507aa;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_49=wOV0jru1DNFU;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_83=KO1C12NH-15-Y0Q;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_3=9f846089-3cc9-4d00-be57-368269184655;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_2=2200B43607954C8B9FEF94B76EF05018;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_86=TA4Eaqs35RaErFaM5NBc;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_76=847a58b3-b89f-09ae-1834-8ca7b86a1e6b;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_43=H9K3JRqB7CUE1bsvHtuiKh3atigE0-kkH9fvKy3r;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_87=da0abc61-712b-4a84-a191-5f2ebbc8934b;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_10=1871316019586082371;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_12=1036997701708461165;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None ljtrtb=eJwVkEtPJDEMhP9Ln7FkJ44f3LaHbo0YMWgRrMQJJeluXieGx2qF%2BO%2BbXKs%2Bl0v1PVAYzgfCKO6qSIrGQiRpOBu6EwLiyFFQPfHORp%2Bn2XlUmWZMSNaw2DDf2hmaQ6zVgRdEKGtSiGJBnJqZemKUxq4PYptUXhQSLgSstkLhukAR5FWShBSX%2Fr%2FTni3o4gLblhIwrRWybgaNJBFLqDk3lr2xf6%2F%2F4Mvpky6O813TrDc7XNOOwnEPlOAef3e5x97%2B4im%2Fvcd0k6fTnK%2FScazd0%2BYtGXOpQqAUCnA2hkxOkLawllLNI5fGEvblTCmSIHmyNkCISr1N%2F7z3Q7y8eRt1dzdRef%2Faf3w%2BH55i%2Fnh%2BnBBeX%2Fe%2BfR3%2BxVPjtVcy1pysRCjmG6DnFcgig9WsxSTTKmX4%2BQ%2BzEmmO;Path=/;Domain=.lijit.com;Expires=Thu, 28-Apr-2022 10:45:29 GMT;Max-Age=31536000;Secure;SameSite=None _ljtrtb_1=4371649259542192953;Path=/;Domain=.lijit.com;Expires=Thu, 28-Apr-2022 10:45:29 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=7a69bc50656b6b0a1d97d169;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxd0EESgCAMA8C%2FcPZgCi2NX3P8u%2BJwaY7LlJByN7QLAQY7jEezRTsT0RcjqnvlRDVOscTNHWeAL5OcdeI7ScmQCilvpHTKIXax5Jnel0YW%2B4cG%2BXvWHbrkDckbrHaZ97Lv8wLIMU6h;Path=/;Domain=.lijit.com;Expires=Thu, 28-Apr-2022 10:45:29 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2ams1

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
set-cookie
uid=4371649259542192953; Domain=.turn.com; Expires=Mon, 25-Oct-2021 10:45:29 GMT; Path=/; Secure; SameSite=None
location
https://ce.lijit.com/merge?pid=1&3pid=4371649259542192953&gdpr=0&gdpr_consent=
content-length
0
date
Wed, 28 Apr 2021 10:45:29 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 268C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://krdo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://krdo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://krdo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
378d51dbd673dc25edfe63ddd6f291f8552c0b87a59040ee07678cd1b31c5ffd

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YIk8yQxaiPSNajbMJuV-5gAA; CMPS=5202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|45|195|8|10|73
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1697
Expires
Wed, 28 Apr 2021 10:45:29 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Connection
keep-alive
Set-Cookie
CMID=YIk8yQxaiPSNajbMJuV-5gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 28 Apr 2022 10:45:29 GMT CMPS=5202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 27 Jul 2021 10:45:29 GMT CMPRO=1181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 27 Jul 2021 10:45:29 GMT CMST=YIk8yWCJPMkA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 29 Apr 2021 10:45:29 GMT CMRUM3=c360893cc905a00&e660893cc927600&2760893cc90b40&f160893cc905a0&4960893cc905a00&0860893cc905a00&2d60893cc905a0&0a60893cc927600;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 28 Apr 2022 10:45:29 GMT

Redirect headers

Server
Apache
Content-Length
331
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://krdo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 28 Apr 2021 10:45:29 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Connection
keep-alive
Set-Cookie
CMID=YIk8yQxaiPSNajbMJuV-5gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 28 Apr 2022 10:45:29 GMT CMPS=5202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 27 Jul 2021 10:45:29 GMT
merge
ce.lijit.com/ Frame 6514 		43 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=847a58b3-b89f-09ae-1834-8ca7b86a1e6b&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6514
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8571943631700968686&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8571943631700968686&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8571943631700968686&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 28 Apr 2021 10:45:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 6514
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=N8IMT_utio25_Ha2E8Ibgw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:30 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
n10cbf63ac93k8tnfqd07a9phfivn4sn

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7c53e037-c287-a1ea-6e5f-2cf43f8cec70
pr-bh.ybp.yahoo.com/sync/openx/ Frame 6514 		43 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/7c53e037-c287-a1ea-6e5f-2cf43f8cec70?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:29 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
ping_match.gif
pm.w55c.net/ Frame 6514 		0
0
sd
us-u.openx.net/w/1.0/ Frame 6514
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=9a827d96-ff55-41ec-a7f8-04e1668507aa
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=9db6284d-b3f4-4c15-99e6-8d72181001c1&expires=10&ssp=openx&bsw_param=9a827d96-ff55-41ec-a7f8-04e1668507aa
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=9a827d96-ff55-41ec-a7f8-04e1668507aa
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=9a827d96-ff55-41ec-a7f8-04e1668507aa
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:30 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=9a827d96-ff55-41ec-a7f8-04e1668507aa
date
Wed, 28 Apr 2021 10:45:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie-sync
match.prod.bidr.io/ Frame 6514
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEPzk7BEnoAACq2qiqKMw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
0
0
usersync
rtb.gumgum.com/ Frame 6FC3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=1036997701708461165
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=1036997701708461165
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.56:80
AN-X-Request-Uuid
99ac0578-dec3-4469-b1fc-564b82f731d1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=1036997701708461165
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 6FC3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_68f6c4d7-50d1-478e-b4cd-b604e656253d&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=365298fa-163d-5276-bbaf-2cfddb261037&ssp=gumgum2&expires=30&user_group=1
  • https://rtb.gumgum.com/usersync?b=bsw&i=9a827d96-ff55-41ec-a7f8-04e1668507aa
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=9a827d96-ff55-41ec-a7f8-04e1668507aa
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=9a827d96-ff55-41ec-a7f8-04e1668507aa
date
Wed, 28 Apr 2021 10:45:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 6FC3
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28K6-8LAPYzQ24EPhxZgSzyHGZfAlDa5sA_Eon8S8I4xsUftVF7gmRZLR_TWK5Ufk-%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_68f6c4d7-50d1-478e-b4cd-b604e656253d&obuid=ENC(K6-8LAPYzQ24EPhxZgSzyHGZfAlDa5sA_Eon8S8I4xsUftVF7gmRZLR_TWK5Ufk-)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%3A%2F%2Fsy...
0
0
usersync
rtb.gumgum.com/ Frame 6FC3
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=1fa92203-7a3e-0bf5-38f3-2aec088b207f
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=1fa92203-7a3e-0bf5-38f3-2aec088b207f
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 28 Apr 2021 10:45:29 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=1fa92203-7a3e-0bf5-38f3-2aec088b207f
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 6FC3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-46acc9db-5f16-47b9-6ccd-f02e7c77f430$ip$185.9.18.83
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-46acc9db-5f16-47b9-6ccd-f02e7c77f430$ip$185.9.18.83
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-46acc9db-5f16-47b9-6ccd-f02e7c77f430$ip$185.9.18.83
Date
Wed, 28 Apr 2021 10:45:30 GMT
Connection
keep-alive
Content-Length
120
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 6FC3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-fH5L8qJE2pc7tlXmVUgBcTXdskDM3ySm_eXb~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-fH5L8qJE2pc7tlXmVUgBcTXdskDM3ySm_eXb~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 28 Apr 2021 10:45:29 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-fH5L8qJE2pc7tlXmVUgBcTXdskDM3ySm_eXb~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
generic
sync.ipredictive.com/d/sync/cookie/ Frame 6FC3 		0
0
services
sync.technoratimedia.com/ Frame 6FC3 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:29 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
882215701
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 6FC3 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:29 GMT
content-length
0
server
a
/
b1sync.zemanta.com/usersync/gumgum/ Frame 6FC3 		0
0
usersync
rtb.gumgum.com/ Frame 6FC3
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=bfdfe07b-d761-4111-ab2d-b0c6f354c5d0
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=bfdfe07b-d761-4111-ab2d-b0c6f354c5d0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=bfdfe07b-d761-4111-ab2d-b0c6f354c5d0
date
Wed, 28 Apr 2021 10:45:29 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 6FC3
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5833430283
  • https://sync.1rx.io/usersync/tradedesk/565cb74d-d219-4cf0-b470-4689722abe1d
  • https://sync.targeting.unrulymedia.com/csync/RX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-4f2a510a-a75a-449d-97e5-9f2f8772a58e-003
date
Wed, 28 Apr 2021 10:45:31 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4f2a510aa75a449d97e59f2f8772a58e003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 6FC3
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=wOV0jru1DNFU&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=wOV0jru1DNFU&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=wOV0jru1DNFU&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-lw8v7
expires
-1
merge
ce.lijit.com/ Frame 6FC3 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=36&3pid=e_68f6c4d7-50d1-478e-b4cd-b604e656253d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:29 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 332D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=9f846089-3cc9-4d00-be57-368269184655&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=9f846089-3cc9-4d00-be57-368269184655&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=9f846089-3cc9-4d00-be57-368269184655&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_68f6c4d7-50d1-478e-b4cd-b604e656253d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 28 Apr 2021 10:45:26 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3660 495c301 master zrh-pixel-x1
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=9f846089-3cc9-4d00-be57-368269184655&gdpr=0&gdpr_consent=
Expires
Wed, 28 Apr 2021 10:45:25 GMT
usersync
rtb.gumgum.com/ Frame 36A1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YIk8yQAAiDk_7wAC
  • https://rtb.gumgum.com/usersync?b=atm&i=YIk8yQAAiDk_7wAC&gdpr=0&gdpr_consent=&_test=YIk8yQAAiDk_7wAC
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YIk8yQAAiDk_7wAC&gdpr=0&gdpr_consent=&_test=YIk8yQAAiDk_7wAC
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YIk8yQAAiDk_7wAC&gdpr=0&gdpr_consent=&_test=YIk8yQAAiDk_7wAC
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_68f6c4d7-50d1-478e-b4cd-b604e656253d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YIk8yQAAiDk_7wAC&gdpr=0&gdpr_consent=&_test=YIk8yQAAiDk_7wAC
accept-ranges
bytes
date
Wed, 28 Apr 2021 10:45:29 GMT
via
1.1 varnish
x-served-by
cache-fra19145-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1619606730.715982,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 38F0 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82OGY2YzRkNy01MGQxLTQ3OGUtYjRjZC1iNjA0ZTY1NjI1M2Q=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV82OGY2YzRkNy01MGQxLTQ3OGUtYjRjZC1iNjA0ZTY1NjI1M2Q=&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmF0BzbMtE251m94OdUtgWGUW5u9wLLfHF43GZSzxpgT2JV5SISYPGcezeKJ3A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Wed, 28 Apr 2021 10:45:29 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A545 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=26BEF33A-1E6C-4D48-BC3B-B297CF88379D; chkChromeAb67Sec=1; DPSync3=1620777600%3A227_226_221_201; SyncRTB3=1620777600%3A220_21_13_161_54%7C1620864000%3A35; KRTBCOOKIE_80=16514-CAESEEqalW9B39i-awB1EuJOOTY&KRTB&22987-CAESEEqalW9B39i-awB1EuJOOTY&KRTB&23025-CAESEEqalW9B39i-awB1EuJOOTY; PugT=1619606727; PUBMDCID=3; KRTBCOOKIE_336=5844-5726185930160061537; KRTBCOOKIE_377=6810-565cb74d-d219-4cf0-b470-4689722abe1d&KRTB&22918-565cb74d-d219-4cf0-b470-4689722abe1d&KRTB&23031-565cb74d-d219-4cf0-b470-4689722abe1d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=32144
Expires
Wed, 28 Apr 2021 19:41:13 GMT
Date
Wed, 28 Apr 2021 10:45:29 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 4C2F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=565cb74d-d219-4cf0-b470-4689722abe1d&t=1622198729
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=565cb74d-d219-4cf0-b470-4689722abe1d&t=1622198729
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=565cb74d-d219-4cf0-b470-4689722abe1d&t=1622198729
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_68f6c4d7-50d1-478e-b4cd-b604e656253d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=565cb74d-d219-4cf0-b470-4689722abe1d&t=1622198729
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=565cb74d-d219-4cf0-b470-4689722abe1d; domain=.adsrvr.org; expires=Thu, 28-Apr-2022 10:45:29 GMT; path=/; secure; SameSite=None TDCPM=CAESFwoIcHVibWF0aWMSCwi62vvNmI_FORAFGAEgASgCMgsI8Lj0i6-PxTkQBTgBWgZndW1ndW1gAg..; domain=.adsrvr.org; expires=Thu, 28-Apr-2022 10:45:29 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 9090 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Wed, 28 Apr 2021 10:45:29 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 2ED6
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YIk8x8Co8YwAAFFrohIAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YIk8x8Co8YwAAFFrohIAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YIk8x8Co8YwAAFFrohIAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_68f6c4d7-50d1-478e-b4cd-b604e656253d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Wed, 28 Apr 2021 10:45:29 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YIk8x8Co8YwAAFFrohIAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YIk8x8Co8YwAAFFrohIAAAAA; path=/; expires=Fri, 28-Apr-23 10:45:29 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
6
X-SO-HostName
m-ad254.dc4p.scaleout.jp
X-SO-LB-Hostname
m-tgng40.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":62,"gdpr":false,"ipv4":"185.9.18.83","key":"YIk8x8Co8YwAAFFrohIAAAAA","privacy_sensitive":false,"uid":"YIk8x8Co8YwAAFFrohIAAAAA","upstream_id":"m-ad254"}
X-SO-UID
YIk8x8Co8YwAAFFrohIAAAAA
X-SO-Key
YIk8x8Co8YwAAFFrohIAAAAA
X-SO-IP
185.9.18.83
X-SO-Cluster-ID
62
X-SO-Upstream-ID
m-ad254
usersync
rtb.gumgum.com/ Frame 177C
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1871316019586082371
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1871316019586082371
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1871316019586082371
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_68f6c4d7-50d1-478e-b4cd-b604e656253d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 28 Apr 2021 10:45:29 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwtDS1MDOwMDI2NxTiM9RNLA6tDHFMKi4OM3GU4jU0M7Q0MzAzN7I0szAEAJHEL6Y0AAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 23 May 2022 10:45:29 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmhpZmBmbmRpZmEEALqjF30QAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 23 May 2022 10:45:29 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwtDS1MDOwMDI2NxTiM9RNLA6tDHFMKi4OM3EEAEtw5c0lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1871316019586082371
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame B9C3
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=TA4Eaqs35RaErFaM5NBc&pi=gumgum
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=TA4Eaqs35RaErFaM5NBc&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.126.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=TA4Eaqs35RaErFaM5NBc&pi=gumgum
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_68f6c4d7-50d1-478e-b4cd-b604e656253d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 28 Apr 2021 10:45:29 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 28 Apr 2021 10:45:29 GMT Wed, 28 Apr 2021 10:45:29 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=TA4Eaqs35RaErFaM5NBc&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
track.adform.net/serving/unload/ Frame 111A 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=438595482620761812@@45512746,7269383487861515315,94|4907|0|0|0|0|0|0|0||180|1|1|60893cc300096bc608bbc54a4f03ee01_1|||1|0|0|LYBC--wlLUZX7EYoWZQhUd4Zn92Atexec1jfZ_GoCyvbCLdXZ-TFVskllzAqADQrA7z_uuw_WOM1|||01|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/623/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:29 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
showad.js
ads.pubmatic.com/AdServer/js/ Frame 62F8 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=26BEF33A-1E6C-4D48-BC3B-B297CF88379D; chkChromeAb67Sec=1; DPSync3=1620777600%3A227_226_221_201; SyncRTB3=1620777600%3A220_21_13_161_54%7C1620864000%3A35; KRTBCOOKIE_80=16514-CAESEEqalW9B39i-awB1EuJOOTY&KRTB&22987-CAESEEqalW9B39i-awB1EuJOOTY&KRTB&23025-CAESEEqalW9B39i-awB1EuJOOTY; PugT=1619606727; PUBMDCID=3; KRTBCOOKIE_336=5844-5726185930160061537; KRTBCOOKIE_377=6810-565cb74d-d219-4cf0-b470-4689722abe1d&KRTB&22918-565cb74d-d219-4cf0-b470-4689722abe1d&KRTB&23031-565cb74d-d219-4cf0-b470-4689722abe1d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=63599
Expires
Thu, 29 Apr 2021 04:25:28 GMT
Date
Wed, 28 Apr 2021 10:45:29 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame FF20 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=26BEF33A-1E6C-4D48-BC3B-B297CF88379D; chkChromeAb67Sec=1; DPSync3=1620777600%3A227_226_221_201; SyncRTB3=1620777600%3A220_21_13_161_54%7C1620864000%3A35; KRTBCOOKIE_80=16514-CAESEEqalW9B39i-awB1EuJOOTY&KRTB&22987-CAESEEqalW9B39i-awB1EuJOOTY&KRTB&23025-CAESEEqalW9B39i-awB1EuJOOTY; PugT=1619606727; PUBMDCID=3; KRTBCOOKIE_336=5844-5726185930160061537; KRTBCOOKIE_377=6810-565cb74d-d219-4cf0-b470-4689722abe1d&KRTB&22918-565cb74d-d219-4cf0-b470-4689722abe1d&KRTB&23031-565cb74d-d219-4cf0-b470-4689722abe1d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=63599
Expires
Thu, 29 Apr 2021 04:25:28 GMT
Date
Wed, 28 Apr 2021 10:45:29 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5AA8 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=26BEF33A-1E6C-4D48-BC3B-B297CF88379D; chkChromeAb67Sec=1; DPSync3=1620777600%3A227_226_221_201; SyncRTB3=1620777600%3A220_21_13_161_54%7C1620864000%3A35; KRTBCOOKIE_80=16514-CAESEEqalW9B39i-awB1EuJOOTY&KRTB&22987-CAESEEqalW9B39i-awB1EuJOOTY&KRTB&23025-CAESEEqalW9B39i-awB1EuJOOTY; PugT=1619606727; PUBMDCID=3; KRTBCOOKIE_336=5844-5726185930160061537; KRTBCOOKIE_377=6810-565cb74d-d219-4cf0-b470-4689722abe1d&KRTB&22918-565cb74d-d219-4cf0-b470-4689722abe1d&KRTB&23031-565cb74d-d219-4cf0-b470-4689722abe1d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=63599
Expires
Thu, 29 Apr 2021 04:25:28 GMT
Date
Wed, 28 Apr 2021 10:45:29 GMT
Connection
keep-alive
Vary
Accept-Encoding
SPug
simage4.pubmatic.com/AdServer/ Frame F8A0 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 10:12:20 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatchredir
ssum-sec.casalemedia.com/ Frame 268C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIk8yQxaiPSNajbMJuV_5gAABJ0AAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJDkWAGEuyx42-0tQxHl_88&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJDkWAGEuyx42-0tQxHl_88&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://krdo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 28 Apr 2021 10:45:30 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJDkWAGEuyx42-0tQxHl_88&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 268C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YIk8yQxaiPSNajbMJuV-5gAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://krdo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.192.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 268C 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YIk8yQxaiPSNajbMJuV_5gAABJ0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://krdo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:30 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 268C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIk8yQxaiPSNajbMJuV-5gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI06BpChTBrc94M1_qYs7mc&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI06BpChTBrc94M1_qYs7mc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://krdo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 28 Apr 2021 10:45:30 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 10:45:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI06BpChTBrc94M1_qYs7mc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 268C
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1ffa4a07-de95-4773-af18-8cd7b366bf3c
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1ffa4a07-de95-4773-af18-8cd7b366bf3c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://krdo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 28 Apr 2021 10:45:30 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1ffa4a07-de95-4773-af18-8cd7b366bf3c
date
Wed, 28 Apr 2021 10:45:30 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 268C
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f43a455d-2e80-493b-b3c9-57e8f1a044de&expiration=1651142731
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f43a455d-2e80-493b-b3c9-57e8f1a044de&expiration=1651142731
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://krdo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 28 Apr 2021 10:45:31 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f43a455d-2e80-493b-b3c9-57e8f1a044de&expiration=1651142731
date
Wed, 28 Apr 2021 10:45:31 GMT
server
Kestrel
content-length
0
tum
ums.acuityplatform.com/ Frame 268C 		0
0
YIk8yQxaiPSNajbMJuV_5gAABJ0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 268C 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YIk8yQxaiPSNajbMJuV_5gAABJ0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://krdo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:45:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 268C 		0
0
async_usersync
ib.adnxs.com/ Frame FAAC 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 10:45:30 GMT
X-Proxy-Origin
185.9.18.83; 185.9.18.83; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.234:80
AN-X-Request-Uuid
c622a986-890b-4295-9afd-eb6f83823f35
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb.mynativeplatform.com
URL
https://hb.mynativeplatform.com/pub2/web/v1.15.0/hbwidget.json?widget_key=m1gqzbz7YaisSEI7AJsOqG&is_data_url_set=false
Domain
hb.mynativeplatform.com
URL
https://hb.mynativeplatform.com/pub2/web/v1.15.0/hbwidget.json?widget_key=m1gqzbz7YaisSEI7AJsOqG&is_data_url_set=false
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=16&3pid=f6971fb8-1878-4bad-a8ea-7a300f6ffcd5-60893cc3-4348&gdpr=0&gdpr_consent=
Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?ssp=9
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=26594
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=25470
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/bum?tpid=29&uid=9a827d96-ff55-41ec-a7f8-04e1668507aa&bidswitch_ssp_id=sonobi
Domain
id5-sync.com
URL
https://id5-sync.com/cq/441/124/8/2.gif?puid=bfdfe07b-d761-4111-ab2d-b0c6f354c5d0&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=565cb74d-d219-4cf0-b470-4689722abe1d
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=16&3pid=64c7c4cc-6071-455e-8b6f-631c35cdccca-60893cc9-4348&gdpr=0&gdpr_consent=
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=80&3pid=KO1C12NH-15-Y0Q&gdpr=0
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=27&uid=7a69bc50656b6b0a1d97d169&gdpr=0&gdpr_consent=
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26uid%3D%23PMUID%26obUid%3D%24D
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=e_68f6c4d7-50d1-478e-b4cd-b604e656253d&gdpr=0&gdpr_consent=&us_privacy=
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=8
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YIk8yQxaiPSNajbMJuV-5gAA%261181

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| _wpemojiSettings function| ia object| _0x107e function| _0x4154 function| docReady object| $jQInv object| _0x3d1e function| _0x2c35 object| ImsSDK object| ims object| io object| adViewability function| init function| playVideo function| getAdParamters undefined| $ function| jQuery object| googletag object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| dataLayer undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| blueConicPreListeners function| BCClass object| blueConicClient undefined| targetingParamStr undefined| targetingParameters function| gtag object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal function| moment function| _ object| Backbone object| wpApiSettings object| wp object| focusWithin object| PojoA11yOptions function| ss_plugin_loadpopup_js object| _0x5193 function| _0x27fd function| _typeof object| eventsUUIDGen function| uuidGenv4 function| uuidGenerator object| weightedFilter function| getOGTags object| loadTags object| _0x172d function| _0x5b76 object| adRequest object| _0xf161 function| get_node function| eval_main function| eval_expr function| eval_value function| eval_existence function| eval_boolean function| eval_comparison function| do_comparison function| eval_array_comparison function| eval_array_property function| eval_array_property_exists function| eval_property function| err function| isstring function| isnumber object| VERSION object| twemoji object| $sf object| IMSTAG object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _sf_async_config number| _sf_endpt function| peg$subclass function| peg$SyntaxError function| peg$parse function| imsRuleParse object| gaplugins object| gaData object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| _min object| _min_tv boolean| _editor_tv_loaded object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired boolean| _minAlreadyLoaded function| onYouTubeIframeAPIReady function| InteractionTypeImpl function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| Mustache object| _bcp function| BlueConicMetaDataService function| BlueConicEngagement function| RuleService object| justDetectAdblock function| FormRuleService object| bcConnectionUtil function| md5 function| BlueConicDataLayerUtil object| jsonpath object| teadsscript object| bc_json1010 object| teads object| GoogleGcLKhOms object| google_image_requests object| _21bc8503-7806-41da-b650-37b6eedc566f object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| ads_list object| embeds_list boolean| isPageviewSent boolean| insticatorIframeLoaded object| insticatorUserTrackingMessage object| confiant

15 Cookies

Domain/Path Name / Value
.krdo.com/ Name: __gads
Value: ID=131dba31b10a2d4e-221f0f78f6c70009:T=1619606718:S=ALNI_MbsVY5bZpCpsbbHJsk49t77Kx8mrQ
.krdo.com/ Name: minBuffer
Value: %7B%22minAnalytics%22%3A%22%7B%5C%22clicks%5C%22%3A%5B%5D%7D%22%2C%22_minEE1%22%3A%22%5B%5D%22%7D
.krdo.com/ Name: minDaily
Value: %7B%22testMode%22%3Atrue%2C%22dailyUser%22%3Atrue%7D
.krdo.com/ Name: minSession
Value: %7B%22minSID%22%3A%22e63142860c-ad5ef42170-f02d8fade0-d4c82e13b2-078c9b34fb%22%2C%22minSessionSent%22%3Atrue%2C%22hadImp%22%3Atrue%2C%22sessionUniqs%22%3A%22%7Btime%3A1619606718852%2Clist%3A%5B18057171nt0%5D%7D%22%7D
krdo.com/ Name: _chartbeat2
Value: .1619606718531.1619606718531.1.Dt-ODe8J-99CUsOnmBp7XlEDWvevT.1
.krdo.com/ Name: BCSessionID
Value: 0aecf6c2-a517-4e04-be8c-7814018863bf
.krdo.com/ Name: _gid
Value: GA1.2.1285781267.1619606718
krdo.com/ Name: _cb
Value: Bvl01aCK5FV8D60gqq
krdo.com/ Name: _cb_ls
Value: 1
.krdo.com/ Name: _gat_gtag_UA_19609167_1
Value: 1
.krdo.com/ Name: minUniq
Value: %7B%22minUID%22%3A%22ee65f831c4-e6033f7cfb-10e3542477-9e7f1bf00e-899b1918ff%22%7D
krdo.com/ Name: minVersion
Value: {"experiment":1647633311,"minFlavor":"yt_supportmi-1.13.9.2.js100"}
krdo.com/ Name: _cb_svref
Value: null
.krdo.com/ Name: _ga
Value: GA1.2.334410478.1619606718
krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos- Name: ntvSession
Value: {}

21 Console Messages

Source Level URL
Text
console-api log URL: https://pymx5.com/scripts/ims.js(Line 1)
Message:
ad_q
console-api log URL: https://krdo.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://pymx5.com/scripts/ims.js(Line 1)
Message:
scripts function eval_main(_0x1c25x3,_0x1c25x6){try{const [major,minor,patch]=_0x1c25x3[_0xf161[1]],[mymajor,myminor,mypatch]=VERSION;if(major!== mymajor|| minor!== myminor){err((_0xf161[2]+ major+ _0xf161[3]+ minor+ _0xf161[3]+ patch+ _0xf161[4]+ mymajor+ _0xf161[3]+ myminor+ _0xf161[3]+ mypatch+ _0xf161[5]));return false};return eval_expr(_0x1c25x3[_0xf161[6]],_0x1c25x6)}catch(e){err((_0xf161[7]+ (e[_0xf161[8]])+ _0xf161[5]));return false}} [object Object]
console-api log URL: https://snippet.minute.ly/publishers/30460/mi-1.13.9.2.js(Line 6)
Message:
Welcome to Minute
console-api log URL: https://npgco.blueconic.net/plugin/library/ea76966b19472f9e16c5f4bfb8be1d4a(Line 1002)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://npgco.blueconic.net/plugin/library/ea76966b19472f9e16c5f4bfb8be1d4a(Line 997)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://cdn.blueconic.net/npgco.js(Line 134)
Message:
[BC]Item will not be scraped due to incorrect type: !== article
console-api log URL: https://pymx5.com/scripts/ims.js(Line 1)
Message:
null undefined [object Event]
console-api log URL: https://pymx5.com/scripts/ims.js(Line 1)
Message:
null undefined [object Event]
console-api log URL: https://pymx5.com/scripts/ims.js(Line 1)
Message:
null undefined [object Event]
console-api warning (Line 1)
Message:
NO prebid responses1
console-api warning (Line 1)
Message:
NO prebid responses1
console-api log URL: https://d3oi8laqsvc6ey.cloudfront.net/pw.js(Line 2)
Message:
Scanner Online
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 162)
Message:
dom ready!
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 451)
Message:
topFrame: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 212)
Message:
params: [object URLSearchParams]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 331)
Message:
Cookie enabled, set cookie
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 297)
Message:
session: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 407)
Message:
Send pageview now
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 412)
Message:
formatedPageview: {"timestamp":"2021-04-28T10:45:22.310Z","user_data":{"session_details":{"id":"37885415-a16f-4fd4-834d-e1f2f0b8dad9","referrer":"","campaign":{"source":null,"medium":null,"campaign":null,"term":null,"content":null}}},"embed_context":{"site":{"id":"136953cb-88f9-48b3-9417-8f28d8a3cf54","page_url":"https://krdo.com/MTSS-web/Lakana-Stage.com/News/Galleries/das-most-wanted-photos-/33965818%20tsara-Brashears","hostname":"krdo.com"},"environment":{"device":"DESKTOP"}},"event_data":{"type":"load","data":{"pageview_type":"AD_ONLY","integration_type":"DFP_WITHOUT_SAFEFRAME","ads":["div-insticator-ad-3"],"embed":[],"header_code_version":"STANDARD-V_4_0_3-2021-04-15 16:54:34","test_group":"0"}}}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

173bc627c53651e029bcd049ee2ad5a0.safeframe.googlesyndication.com
20e47ceb7c8aaf993d858710d4d94c99.safeframe.googlesyndication.com
581ff44149463782193e737bae8fe54f.safeframe.googlesyndication.com
6adc26eca351cebf157a1cf76d4b9b6a.safeframe.googlesyndication.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads3.mthsense.com
adservice.google.com
adservice.google.de
amazon-tam-match.dotomi.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api.britepool.com
api.pymx5.com
api.rlcdn.com
apv-launcher.minute.ly
apv-static.minute.ly
aud.pubmatic.com
b1sync.zemanta.com
b2c.insticator.com
bam-cell.nr-data.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
biddr.brealtime.com
bidswitch-eu.splicky.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cdn.aralego.net
cdn.blueconic.net
cdn.districtm.io
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
confiant-integrations.global.ssl.fastly.net
contextual.media.net
counter.snackly.co
creativecdn.com
cs.emxdgt.com
cs.media.net
d.turn.com
d2na2p72vtqyok.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d3oi8laqsvc6ey.cloudfront.net
d5p.de17a.com
data.adsrvr.org
df80k0z3fi8zg.cloudfront.net
dh014lg6uwepv.cloudfront.net
dis.criteo.com
dmx.districtm.io
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
event.clientgear.com
event.insticator.com
fastlane.rubiconproject.com
g2.gumgum.com
geoip.insticator.com
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb.aralego.com
hb.emxdgt.com
hb.mynativeplatform.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
includemodal.com
insticator-d.openx.net
jadserve.postrelease.com
js-agent.newrelic.com
js-sec.indexww.com
krdo.b-cdn.net
krdo.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
npgco.blueconic.net
os4m-d.openx.net
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.technoratimedia.com
protected-by.clarium.io
pubmatic-match.dotomi.com
px.britepool.com
px.owneriq.net
pymx5.com
r.turn.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.ntv.io
s0.2mdn.net
s1.adform.net
s3.us-east-1.wasabisys.com
s8t.teads.tv
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snippet.minute.ly
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.chartbeat.com
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.teads.tv
tag.1rx.io
tg.socdm.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.krdo.com
www.youtube.com
x.bidswitch.net
x.yieldlift.com
api.britepool.com
b1sync.zemanta.com
ce.lijit.com
cm.adgrx.com
dsp.adfarm1.adition.com
hb.mynativeplatform.com
id5-sync.com
image8.pubmatic.com
js-sec.indexww.com
match.prod.bidr.io
pm.w55c.net
sync.aralego.com
sync.ipredictive.com
token.rubiconproject.com
ums.acuityplatform.com
104.108.144.24
104.111.230.142
104.111.242.53
104.16.190.66
104.17.119.107
124.146.215.46
13.224.105.229
13.224.106.14
13.224.106.24
13.224.106.52
13.32.23.170
136.144.59.88
142.250.185.130
142.250.185.98
150.136.25.38
150.136.26.45
151.101.113.108
151.101.113.194
151.101.114.110
151.101.14.49
152.199.22.191
159.253.128.183
162.247.243.147
169.197.150.7
178.162.133.149
178.162.133.150
178.250.0.157
178.250.0.163
178.62.202.251
18.156.0.31
18.185.197.81
18.194.69.169
18.195.155.181
18.198.69.109
184.25.115.31
185.184.8.30
185.29.133.52
185.33.221.15
185.33.221.89
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
188.34.152.202
188.42.191.196
192.96.200.41
193.0.160.129
198.148.27.139
2.18.232.7
2.18.233.180
2.18.234.163
2.18.234.21
2.18.235.93
2001:678:cb4:bbbb::11
213.155.156.167
213.19.147.43
213.19.147.44
213.19.162.51
216.52.2.39
2600:9000:2057:5600:d:77c3:2dc0:21
2600:9000:2057:8200:1a:5302:20c0:21
2600:9000:20c8:1200:10:3422:3f00:21
2600:9000:20c8:5c00:18:1fcd:34e:d2a1
2600:9000:211e:6a00:1c:386f:ec80:21
2600:9000:211e:7200:5:ee0e:9e80:21
2606:4700:10::6816:1857
2606:4700:10::ac43:145c
2606:4700:20::681a:a06
2606:4700:20::ac43:47fe
2606:4700::6810:125e
2606:4700::6810:135e
2620:112:f002:bbbb::23
2620:116:800d:21:f916:5049:f87f:108e
2620:12a:8001::4
2a00:1288:110:c305::8000
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:802::2006
2a00:1450:4001:803::2001
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:813::2001
2a00:1450:4001:813::200e
2a00:1450:4001:827::2010
2a00:1450:4001:828::2001
2a00:1450:4001:831::2002
2a02:2638:1::13
2a02:26f0:6c00:19c::26e5
2a02:fa8:8806:16::1370
3.12.221.43
3.120.80.221
3.215.147.84
3.225.15.51
34.120.133.55
34.193.37.198
34.200.78.134
34.230.171.184
34.236.212.156
34.240.192.98
34.96.74.203
35.156.13.167
35.201.96.126
35.227.203.93
35.227.248.159
35.227.252.103
35.244.159.8
35.244.174.68
37.157.2.234
37.157.5.72
37.157.6.246
38.27.106.51
47.252.78.131
51.178.20.140
51.75.146.160
52.0.218.160
52.21.173.249
52.21.23.66
52.212.126.234
52.28.254.214
52.48.175.241
52.49.40.147
52.58.124.95
52.73.31.234
52.95.124.170
54.174.195.234
54.210.4.204
54.214.244.124
54.86.215.174
54.93.69.146
64.74.236.63
64.74.236.95
65.9.66.70
66.155.71.25
67.202.110.24
69.16.175.42
69.173.144.138
69.173.144.165
72.21.206.140
72.251.249.13
77.243.60.138
89.187.169.15
000b9b4ee10170644e9f5068423e6e8b8ea26787311eb0c764bcc2ea1ce28408
018e0121961b21bc46ee1beb63adcefdf5caf392cb44a139c5684e4c47c56ec4
01d40df7c31566ce3812adb24f0b682ae7e19d4fae67bbf69179c3e6fab3655a
0246dadc540e4f6c0123e63c93e85a46363c18a2476806331d41ac20df8c7799
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04792b0a3cf328de91c48df9a15a94caf2360860e177b8f4e0443bcafcbd58b7
051d3c89d1bffc47d303951f166e74acd85322e74d30a91cae41a4a82b9a44a2
053213500c702ba4e3636bd9c26efbbb54e02430479ccae9b147fd58e59f3c96
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f948a217c237ec9da04db4863ae47ac02b247ec4fb4213fd68b981d766c156
07c97a31c7bc04fe64261cae8e138baeb572b326d6e827d9419f9273c185e9a5
0903936e068e418e8fc4271b98e116093ea2c1496f4cdc86f0b46bbe537aee43
09f9fd9113b535927d6666ca18f2b5c39fcbd0dea5085f7eaffadeeae13e05aa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d59d09fd9126fef5cf3a680eef5967f81cb8f03edd822b2fbdff614c549931e
0f28b3b958b66166af3a799d6b9c74ba918d674521c91a297ef730c6d1bff218
0f9be5681874d9f7fea49bbfa4187759c68b81eb7bbd77205682c110b9a43931
102fede3ff51e238c2dbe7c90d6e5f85e1a91e71478a6e0cbb8972868db6202e
10dd9b6fcc056b7bef97875640de3d5b8eea9c559e4722536c7113b15382e323
11034ea6bdd96233b294e309cb7652bf85ef7c89d8ffd1262a14104dd7538615
14b0ca84af343c40ee75e841596549bf5b157f5bef3126ea096b19f2de559c4e
14cbe371cc58521ce4fa7fea7672a57160417da953b9ff4e7bf41f94c3d2766b
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe
17d059c0d9e8e1ebac6e58404aed4f403400d509d4460e58985fd8129a65704a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188d06b62b9b9f512a1cbd81b53926b31188704ea649b9e9f946cee49dd05866
1a640cc7d9e143c5d16bfec93dc922a57c55528dadf8c696da6c4db8cd753004
1c907e1f2483fb2a70272d58bad74b1c5463388d9d191c7c58183503c9ae5944
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
233135281fa74a34acfa5c933046dcce1059dd442ee72b6aafc8c12b916fe700
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
243d0318292081b26db69dad7403b07a4f8c302076bad5ff2f51ce135e19390e
2506c55760ff8b1bc3dcf34486765a3e2b2d66c59c685a226e0a72a78055126d
26a8833b3f616d42ce16ba186e2283f43aaca6b97ce2231d38e8789bfc6f0798
2a93827e73dc4435d7d173f3991df58efe2a3c0dcba1f2c0ddc80da1afa8476b
2b5bc550ab704a4ea0f4d84b5ab27191f43cef91b74234e94e22b19fe42ad8e9
2c8f51f470375c6b4fb50d7463c9b17330c40bcfce282e0e0f03433156f471dd
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3013d97ec15ee0fb663b6e9c7b5ee7457f940baf8bc68249e8c9dc67a59b01c2
303017e5ef65d154f447ed36116c77fc056fe0a44add0b13b9e842ae72b23ce9
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35fe1fbe5f45a081eb7ce05b61abbbe4c0d9b6585f7db6b36bcd55c4bd8123c7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36fe38e45a126543439e7c4cd01ef3a2983b4774cbbcbd6c1849f06358bcdf5a
378d51dbd673dc25edfe63ddd6f291f8552c0b87a59040ee07678cd1b31c5ffd
392cce442392c16b3585aacb6173bc0954423067e68ff5816cda547ee10625b8
3d598110de86401d953833ee95fd21d91990c7e7e5fc51e78aef6733d839a01a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df1afc123fd19da2af7da5bf66c8dab25c986dcf467b2aa7d6409e389b0ebb8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573
417197f57587702b08a4c06a0a330a317dfab1efcc95ec52ccf31d6e7bef1164
431d0013699d4e59c1e8f2a9ee73f8c5731b52adf79c207ef673ae7f7180d19f
437544e3984e44eea479965f0bd08086a1c5ba351693c5bd878d1659f28de46b
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
4449883157b9337512ea159411c51cc8fae98894426ed27d2349346537e82e67
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
49625584f39a1b3ea5d4e07b61d65115861c1452ba7b99a40e2c62c077d1892a
4a01839e33fb4527aa3e3f39985b4ca68c719ea0dd53635be0e3be633056673c
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f57595917e832112f2f5e447e9c70d410e734f29146382724ea221d0d03dc62
5000a231c8067fdd16b2666e679319208f34524e8a3bb6a9e0c001c488270eb5
505e05a2fcc6f07732a4023946b9f1a3c15dfeaf2d79cfbf692d2fd44d118984
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5657f71f777371b255ff1acbb3a32d489653b8777e7151f7a1fe81b073d1c73e
56ef1976decaf8ed40e3128f6222ebd12e5fa9df83dd9904f49b0a021997a32e
5a4497839e0ae6eab047d5021c57e802c22d44f7c5a217f79e2bfdef89e77b76
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
5de79bd33c164a62fe3389aeef0af2f54b82e7f8ba5fd7d0721f8080823babcb
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61a9fe0249f8e6b83bb23b2f334458f6662647d975f3204178cff46c1223800a
65db92b20ff8618885e192158a79845b983ed88ac6bc55be0c463619ea16f6e7
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
688e1a13a6ab7e1a00ca53de2288ddc2abcaedb690040b04803cd22ce9334332
68b280a1f25b4c5a2ca9ccf138f2b799fe9a3460de2ae82f1eb1fcb069e9952f
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a7ed8943bc129a1ada0fbece3a1755f65bcdd3343cae26fa253786f04f2b9cd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9135c1e86b42ec285855d45ee2a18ff274995c42c73fdfaa9063197b240d08
6bc96e9bab2ae13132fe2ca25bb4aa51865e474dfb771f0c82067cb53fbde4ba
6c1135bfdb3f06158c28e15961c222e6a05e2b420107e0a7c640f619b8b38897
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6e8ad416c0fd6184ec7e34b697cbe684c841a9e8719f1cff5474c5e6ea4129e4
6f9e7a6e11308489179c7ed15c1adc9a3d6f81bdfed8481481bc4998a4880754
70e97e52b9e9a3037a2d03896ac4fe29c19bcf1f3a65d203c8e3bfab47569089
715bce3b5badd2e8d0fc873ed45de2b72144a4f7c2b39aef1f9d5a05edb8902e
73050a23c5483820c00b78d547b5102a99e551139a0ae717123e44c09e50456a
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
743b95858338b05a624e105091ef4b04af0b74cb7d0fb00cca292929b4c19984
76c9eda3556c160117a7bca206f3edb3488ceb708bf952685b8aaf0cc01be89a
7b6a27be9c6f4448bf61dda09a9fa32b1eb91d2dbc62b3f025df4cca0bc302fd
7d5559a385b3e4e12aeb1b21f2f855ae69829129a3c7016b88ea326f6b79b4e2
7d67ec25df462f30026185ccd4d5f2143b4c6dff28c3f2b357bef1a5d12d9d0a
7de4ebe6f7e5c57026f039da23b86f99cb0dcf117dfe5f893ace0b1988370f78
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f5cd81ccb423b7462ee407e24571241eebf1b99eb89b33ab49c8aacc5dde3ce
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80b18e62e7a609e16e1ca2f97fe56b9030755d52c59ffc4b8721f0dd3f06bff4
8240098c8d78f4dd63ef17825c7f8c9ab5526fd2a84c34b192523b6062c82654
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8381983927a64631aa039c5b7e91b8ede9172f21d6149c1dac3dd9b4757fd8e2
83aaa3355ed89aafe3712587ae1e1be417090170514c7b7cdff372b50ac1e9fb
843f5cb40ed01a58f7f715b8f741599f7bddf7fd32cb13b91b7a13e7088d894e
8499eed0890ce80b952e3bd9ded99d6c96738647e20320a682054f677534fc33
85a39b2febc8f8dc2a7ee1e3c4e8a23bcbe10f8250614d32efdd4b4d4bd40df8
85f43eb5335383163b9f863900fe0e8657a075590113bceb8db55422ca483d18
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8a12923292a67cc935e133a77981d62e4041731677a7442e2624325595a55014
8a77dee6a595234131e3cdba142e6403faaafb7ee93920a846c2be629751d054
8bdff3474a2489fdebb5d89b7d8306de879cccf19c19c035f3e0874058a9247c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ee053a0a4c0057d861bb9c0ce5123292f73bc1b7b55461fd8260824f0bbe80a
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f80a3aa43c6f19a4d5ce15dec9989def23de18a4acd74efc877804491195a91
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01
914bcc0a1a541fa55de5319349c3e9092c5f498c3ff03902a6d7137800d94323
969353590f58ca1fa1868579736ea4f6df8611ae71f8e967c2e7c98216850cf4
96d1aa01ef29e6172c297251ad7731de6ad95bdbb52fbde371a58841abc110af
98190df3dbe81118cde191895dfbe06c5f0793670108bdeadd4df4d02d532542
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
987dc7bf5f840ef50048702e4fa82b2302566ec91207bacee92463445c21714e
98a409fc2fcb461612ac2baa15178faad822dfaddc3eab141a45f0ebb79d9924
9965517ae37704f4accb3423aea990e4dfa146033851393bd92c6b6a937a4359
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bc3ac88ae6629e440770a37e747bb6241a085df9842ccbc5f3035471b360c10
9bfb593737084dc48cc9375bbf71840f83aab16be7c1b8d098de7cf72807ce6e
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0
a0f3edf4444bf3704cd30ac51d953aacaa1558f92dbda85bd3cd62dfc3a2a639
a2d24f191540745c63506a5cac6674ee4bfc95b29ed8e5b7b9f810b8aa21b280
a3ab60fe081896e883db11b9f814ce35b5b0031d866302c61c51b6fd2c693ace
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
a6008e0d18b4f7ed1dae3153f062d8e1cae37f1d2d83f1af5aaadec6c81371c6
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75c89b2d5cc5e2b7bd07baf0aaa7b042312a9c82fded3aac36c9fad3cf2565e
a7ca6123e6b63fba27f0bdc9daa290963bf7f4767a9b0034c49a1c207dc49686
a89cd089747310d0b2211e93ca342f5d28814f2622af287a9da6f3a484ac99a3
aacfd321c7801d89b484f6fcf0caf515c795e4f15c2e088007ce26ce3608aa2b
b0429b52f0fbd0edfaf5041e8b046dd2e281be62a327a6c117d01331faac316e
b062efa1d6ff69cb710c1dc2dad2190ea08456f37fc9d1d56584d171159be8eb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b35458211222e1663db842be7af5e535d3bbeaf88c9b813e64745b0c64d0b613
b5db081a83dfa84fb5ae0e444e4359d78ebbc4f5ef8d52f0f8be54bef1a43df5
b626115b6dd92fdf048dd5880fb03543c7b4f5381ef1b0e2d62b9050b7f26d47
b83d778357c749e88f00595859e092a8435a4c608b0451e327dc41091fcc3bbd
b856a1f244edcfcd3e73b176ae8be419babc70d1c2b8f67a55a8aea8491dff27
b964576ffaeb11955e99ad9efb052a4333a42b384a43640d4dfac4cf92368b3a
bc03bccf20454c6886f4dc49dec11ca2b0563904fa502cd766722ae8990e0c05
bd4573d3248efb541b7e6419770462383adf495bb6677f618327d263035b6c19
bf739c567353fba3b1702cf940f29b3953c5b24b84a18b1208eee417a431dd5d
bfb898bb740ada02594889da03a4d5c1bfe671bf06290edeb124a7c5dc0e02af
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28b59949c1d29ee8b83765cce09df06dfef2d7b839f47c69042b52b79d70a1d
c2a74bed0a7101fa4538a22c2fd1d674f29609c86c0a081d1648e40b9938d70c
c5ce4329e7334256ece1f7e030c2a8ea071e0cb1e4ace2c6a42bf4e6796788a7
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c77a2a7b7f1056774a164402efd7a30808af479830d550a127165d2fff13d954
c890d84cd08ee89d689459446dd2f86730baf9ae105fd6fbd8ee6e06e4cc7182
cb02d4ac28407c54918a01cda3c085ffe1badfdcabf06dd739dacd143affa2e4
cdd40f0e4c0c7aa5b8f3a68d39681b49941084e7c93042192dfdd8bf73f3a247
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0730e50f03116513450b2907e73b72f1ed1ea1b2a9e75c3545c3cb5c4d0a94e
d07fc06c0cd1c1172c988dfe867180a33de103a4b4b63dfe87bd836005f4be7b
d0c2a456ee5a8132993f3262c12009e121294ca329bc5c83b1a95e2f4cc1abe7
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50
d4d11812fb30a25189827028ab1eb94dd1a0222866ceeaa9e284bfa9ee35edc7
d4dc936cd183d17603973bc304151489dff218f8ecbe668bc8575e283cffc6a5
d5575de801172d286dc7cdb712db3081a3fa0702672d2bf33f806301706e3e09
d757c68311199fcc8d12b4987355d5f4275004be297d75aec99804e80be181f9
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
dbb94a32a02ad06e99ef71dde63711b858cf76a0c68763fbbc31d834728536eb
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0548fb25f7157dc519f7907cf2c057c4d5525fe78d2b60b99081668253a063b
e1687083dec75731e57d856d9eccc0bef12416b8d205b087aebf5def02d3c0b7
e3aa2555111bd17ae8a56877a809339e9526d05c0455e9ce9ef7da931d6083c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59b01f3c5194d51519365770672ac9847b2f044d83c786dc5c4c8562ecd2877
e8414246142ce5ed748336d300acdc14559ca4318d0332639104778b596fa981
eb53fe58942a5b691b82a91966117d1b7a20c7b525a5c5fe5c307b0eea22ae8f
eb80e1c3d87feacefb2a104144f028ff4cc4a9733e2ab7003a66beb8417d3e6b
ec14ac94666281fc011ae5abdcc49e2f47a911acc9ca776ddbf0b7fbd40ccd98
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08f755a5b784988aeb7f66b0f5700ff6fb7a840f258867cab7813d1b7ad4e25
f12ae4af125e729402cf67d3bfd2cc37ca92b094220ee20f059c06bb47c78c29
f195b117a69029d6ca3702f5b5f9884e7d52a3d6c0ee46a2671018eed41c8139
f5fa41eccf99a1214e8deae54e7a829323bc944a3feb36788ec4268b340c36d6
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f949c4ccaeb95f4ad221d1cf68fa9e80538b6ba317d85b9c8e4b292dfa5d3384
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
fa37ed1e832bb71502b4c56b96d4b7aa3cc16356a6c9ce4a7adb1132ebb0f1a0
fa6b2f75bc927f7d7aba7e7d09f3e374226cdad86b180c6601801971b1d81f12
fabaaa4463a2d9da59b5a7cff9701e11ae029715e6ea720250c56b7c46382360