kesq.com Open in urlscan Pro
2620:12a:8001::1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kesq.com/
Submission: On July 31 via manual (July 31st 2022, 8:06:58 pm UTC) from US — Scanned from DE

Summary HTTP 330 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 85 IPs in 9 countries across 63 domains to perform 330 HTTP transactions. The main IP is 2620:12a:8001::1, located in United States and belongs to FASTLY, US. The main domain is kesq.com. The Cisco Umbrella rank of the primary domain is 332977.
TLS certificate: Issued by R3 on July 24th 2022. Valid for: 3 months.

This is the only time kesq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2620:12a:8001::1 2620:12a:8001::1	54113 (FASTLY) (FASTLY)
3	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
7	35.227.203.93 35.227.203.93	15169 (GOOGLE) (GOOGLE)
18	151.101.194.202 151.101.194.202	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2.21.185.59 2.21.185.59	16625 (AKAMAI-AS) (AKAMAI-AS)
5	18.66.97.12 18.66.97.12	16509 (AMAZON-02) (AMAZON-02)
7	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	18.66.139.95 18.66.139.95	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
38	89.187.169.15 89.187.169.15	60068 (CDN77 ^_^) (CDN77 ^_^)
6	3.233.138.68 3.233.138.68	14618 (AMAZON-AES) (AMAZON-AES)
2	38.27.106.53 38.27.106.53	395717 (BLUEARCHI...) (BLUEARCHIVE-ZONE-1)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:20e... 2600:9000:20eb:ce00:8:2ae1:d740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.96.74.203 34.96.74.203	15169 (GOOGLE) (GOOGLE)
3	54.170.230.96 54.170.230.96	16509 (AMAZON-02) (AMAZON-02)
9	52.23.130.19 52.23.130.19	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:401... 2a00:1450:4014:80a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:401... 2a00:1450:4014:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:401... 2a00:1450:4014:80e::2001	15169 (GOOGLE) (GOOGLE)
18	54.187.193.66 54.187.193.66	16509 (AMAZON-02) (AMAZON-02)
1	54.229.139.225 54.229.139.225	16509 (AMAZON-02) (AMAZON-02)
2	23.47.209.169 23.47.209.169	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.231.135.208 54.231.135.208	16509 (AMAZON-02) (AMAZON-02)
1	184.51.9.184 184.51.9.184	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
3	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1	104.96.128.226 104.96.128.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19c::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:402::9a	15169 (GOOGLE) (GOOGLE)
5	63.33.106.83 63.33.106.83	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:ae00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:1f18:44f... 2600:1f18:44f0:4816:64cb:bad3:2a8c:c8f3	14618 (AMAZON-AES) (AMAZON-AES)
4	2606:4700:10:... 2606:4700:10::6816:4aef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:48f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:401... 2a00:1450:4014:80b::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.2.202 151.101.2.202	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:48ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	13.224.189.94 13.224.189.94	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:ea:... 2a02:26f0:ea:4b9::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	35.173.69.21 35.173.69.21	14618 (AMAZON-AES) (AMAZON-AES)
6	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	34.225.117.0 34.225.117.0	14618 (AMAZON-AES) (AMAZON-AES)
1	52.72.67.212 52.72.67.212	14618 (AMAZON-AES) (AMAZON-AES)
1	2.21.184.200 2.21.184.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
4	54.174.213.70 54.174.213.70	14618 (AMAZON-AES) (AMAZON-AES)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
3 4	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
3 8	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:401... 2a00:1450:4014:80a::2008	15169 (GOOGLE) (GOOGLE)
4	35.223.203.253 35.223.203.253	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:401... 2a00:1450:4014:80a::2004	15169 (GOOGLE) (GOOGLE)
4 10	142.251.36.98 142.251.36.98	15169 (GOOGLE) (GOOGLE)
1 2	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3602:68f1:8fce:a96f:e71c	16509 (AMAZON-02) (AMAZON-02)
1	63.251.232.170 63.251.232.170	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
4	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 1	104.96.132.42 104.96.132.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	85.239.105.10 85.239.105.10	16097 (HLKOMM 04...) (HLKOMM 04107 Leipzig)
4	2606:4700::68... 2606:4700::6813:ba79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.22.42 49.12.22.42	24940 (HETZNER-AS) (HETZNER-AS)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:cb16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
330	85

34 2620:12a:8001::1 (United States)

ASN54113 (FASTLY, US)

kesq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.203.227.35.bc.googleusercontent.com

pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.194.202 (United States)

ASN54113 (FASTLY, US)

squareoffs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.185.59 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-185-59.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.97.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-12.fra56.r.cloudfront.net

cdn.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

apv-launcher.minute.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apv-static.minute.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-95.fra60.r.cloudfront.net

cdn.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 89.187.169.15 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-632.bunnyinfra.net

kesq.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.233.138.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-138-68.compute-1.amazonaws.com

feed.mikle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.27.106.53 (Kennedyville, United States)

ASN395717 (BLUEARCHIVE-ZONE-1, US)

s3.us-east-1.wasabisys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20eb:ce00:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.74.203 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 203.74.96.34.bc.googleusercontent.com

api.pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.170.230.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-230-96.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.23.130.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-130-19.compute-1.amazonaws.com

npgco.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4014:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)

47d99064ea7309156f4d6e1b6f3db84f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.187.193.66 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-193-66.us-west-2.compute.amazonaws.com

events.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.139.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-139-225.eu-west-1.compute.amazonaws.com

yield-manager.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.47.209.169 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-169.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-jsonp.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.135.208 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.9.184 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-184.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19c::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:402::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 63.33.106.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-106-83.eu-west-1.compute.amazonaws.com

demand-engine.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:ae00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:44f0:4816:64cb:bad3:2a8c:c8f3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:4aef (United States)

ASN13335 (CLOUDFLARENET, US)

snippet.tldw.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
counter.tldw.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:48f0 (United States)

ASN13335 (CLOUDFLARENET, US)

snippet.minute.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80b::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.202 (United States)

ASN54113 (FASTLY, US)

assets.squareoffs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:48ae (United States)

ASN13335 (CLOUDFLARENET, US)

counter.snackly.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.189.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-94.fra2.r.cloudfront.net

plugins.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:ea:4b9::2c79 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.173.69.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-69-21.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

apv-static.tldw.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.117.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-117-0.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.67.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-67-212.compute-1.amazonaws.com

i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.184.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-184-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.44 (Beverwijk, Netherlands) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.174.213.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-213-70.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.82 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.19.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80a::2008 (Ireland)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.223.203.253 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 253.203.223.35.bc.googleusercontent.com

events.kesq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4014:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.36.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: prg03s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:68f1:8fce:a96f:e71c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-mon-1.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.165 (Nagold, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal90005.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.132.42 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-132-42.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.239.105.10 (Leipzig, Germany) 1 redirects

ASN16097 (HLKOMM 04107 Leipzig, DE)

trf.greatviews.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:ba79 (United States)

ASN13335 (CLOUDFLARENET, US)

www.parship.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cb16 (United States)

ASN13335 (CLOUDFLARENET, US)

eum.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	b-cdn.net kesq.b-cdn.net — Cisco Umbrella Rank: 692229	2 MB
38	kesq.com kesq.com — Cisco Umbrella Rank: 332977 events.kesq.com	8 MB
29	browsiprod.com cdn.browsiprod.com — Cisco Umbrella Rank: 13676 events.browsiprod.com — Cisco Umbrella Rank: 11967 yield-manager.browsiprod.com — Cisco Umbrella Rank: 12932 demand-engine.browsiprod.com — Cisco Umbrella Rank: 26179	196 KB
26	googlesyndication.com 47d99064ea7309156f4d6e1b6f3db84f.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	304 KB
22	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 stats.g.doubleclick.net — Cisco Umbrella Rank: 117 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	193 KB
20	squareoffs.com squareoffs.com — Cisco Umbrella Rank: 192898 assets.squareoffs.com — Cisco Umbrella Rank: 316694	1 MB
13	blueconic.net cdn.blueconic.net — Cisco Umbrella Rank: 9596 npgco.blueconic.net — Cisco Umbrella Rank: 161729 plugins.blueconic.net — Cisco Umbrella Rank: 31061	207 KB
10	aniview.com player.aniview.com — Cisco Umbrella Rank: 1561 track1.aniview.com — Cisco Umbrella Rank: 1698 go1.aniview.com — Cisco Umbrella Rank: 4747 sync.aniview.com — Cisco Umbrella Rank: 2361	122 KB
10	tldw.me snippet.tldw.me — Cisco Umbrella Rank: 49632 apv-static.tldw.me — Cisco Umbrella Rank: 37832 counter.tldw.me — Cisco Umbrella Rank: 36339	1 MB
9	casalemedia.com 4 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1354 r.casalemedia.com — Cisco Umbrella Rank: 770 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460	9 KB
9	pymx5.com pymx5.com — Cisco Umbrella Rank: 25961 api.pymx5.com — Cisco Umbrella Rank: 27279	199 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 34692 hal90005.redintelligence.net — Cisco Umbrella Rank: 275946	47 KB
8	minute.ly apv-launcher.minute.ly — Cisco Umbrella Rank: 13512 snippet.minute.ly — Cisco Umbrella Rank: 17458 apv-static.minute.ly — Cisco Umbrella Rank: 31233	1 MB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2841 ssl.google-analytics.com — Cisco Umbrella Rank: 407	57 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	2 KB
6	mikle.com feed.mikle.com — Cisco Umbrella Rank: 48034	108 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 397 mug.criteo.com — Cisco Umbrella Rank: 2751	1 KB
4	parship.de www.parship.de — Cisco Umbrella Rank: 199826	15 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 430 ib.adnxs.com — Cisco Umbrella Rank: 234	4 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 303 fonts.googleapis.com — Cisco Umbrella Rank: 72	36 KB
4	viafoura.co api.viafoura.co — Cisco Umbrella Rank: 9364 i.viafoura.co — Cisco Umbrella Rank: 9407	4 KB
4	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 9089	177 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	203 KB
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 44027 medialead.de — Cisco Umbrella Rank: 43714	1 KB
3	snackly.co counter.snackly.co — Cisco Umbrella Rank: 16504	394 B
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 991 pixel.quantserve.com — Cisco Umbrella Rank: 452 cms.quantserve.com — Cisco Umbrella Rank: 1090	31 KB
3	teads.tv a.teads.tv — Cisco Umbrella Rank: 1215 at.teads.tv — Cisco Umbrella Rank: 3880 s8t.teads.tv — Cisco Umbrella Rank: 2736	5 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8252	1 KB
3	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1391	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	82 KB
3	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 5222	480 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 284	1 KB
2	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 406	29 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1835	1 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 161789	6 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 640	645 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 287	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 285 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 473	987 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 508	1 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 485 image6.pubmatic.com — Cisco Umbrella Rank: 634	69 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 113	53 KB
2	amazonaws.com s3.amazonaws.com	76 KB
2	moatads.com z.moatads.com — Cisco Umbrella Rank: 436 s-jsonp.moatads.com — Cisco Umbrella Rank: 13606	55 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 424	21 KB
2	wasabisys.com s3.us-east-1.wasabisys.com — Cisco Umbrella Rank: 177479	29 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	71 KB
1	instana.io eum.instana.io — Cisco Umbrella Rank: 5977	10 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1431	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 333	461 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 926	356 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 75122	312 B
1	futalis.de futalis.de — Cisco Umbrella Rank: 213323	409 B
1	greatviews.de 1 redirects trf.greatviews.de — Cisco Umbrella Rank: 207180	1 KB
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 14697	629 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 43135	629 B
1	adform.net c1.adform.net — Cisco Umbrella Rank: 606	331 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1512	408 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 362	265 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 811
1	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 543	243 B
1	gstatic.com fonts.gstatic.com	16 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 942	454 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 2781	135 KB
330	63

	Domain	Requested by
38	kesq.b-cdn.net	kesq.com
34	kesq.com	kesq.com
18	events.browsiprod.com	cdn.browsiprod.com
18	squareoffs.com	kesq.com squareoffs.com
15	pagead2.googlesyndication.com	squareoffs.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
10	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net r.casalemedia.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
9	npgco.blueconic.net	cdn.blueconic.net
7	pymx5.com	kesq.com pymx5.com
6	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net r.casalemedia.com
6	apv-static.tldw.me	kesq.com
6	apv-static.minute.ly	kesq.com
6	feed.mikle.com	kesq.com feed.mikle.com ajax.googleapis.com
6	securepubads.g.doubleclick.net	kesq.com www.googletagservices.com securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	demand-engine.browsiprod.com	cdn.browsiprod.com
5	cdn.browsiprod.com	kesq.com cdn.browsiprod.com
4	www.parship.de	hal90005.redintelligence.net www.parship.de
4	hal90005.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90005.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal90005.redintelligence.net
4	events.kesq.com	kesq.com
4	sync.aniview.com	player.aniview.com r.casalemedia.com
4	cdn.viafoura.net	kesq.com cdn.viafoura.net
4	www.googletagmanager.com	kesq.com www.googletagmanager.com
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	counter.tldw.me	snippet.tldw.me
3	track1.aniview.com	kesq.com player.aniview.com
3	plugins.blueconic.net	npgco.blueconic.net plugins.blueconic.net
3	fonts.googleapis.com	client hal90005.redintelligence.net
3	counter.snackly.co	snippet.minute.ly
3	api.viafoura.co	cdn.viafoura.net
3	www.google-analytics.com	www.googletagmanager.com squareoffs.com www.google-analytics.com
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	jadserve.postrelease.com	s.ntv.io kesq.com
3	cdnjs.cloudflare.com	kesq.com
3	vjs.zencdn.net	kesq.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	bam.nr-data.net	js-agent.newrelic.com
2	js-agent.newrelic.com	squareoffs.com kesq.com
2	e.dlx.addthis.com	2 redirects
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	s.amazon-adsystem.com	1 redirects r.casalemedia.com
2	ib.adnxs.com	1 redirects googleads.g.doubleclick.net
2	ssl.google-analytics.com	s3.amazonaws.com kesq.com
2	sync.search.spotxchange.com	2 redirects
2	secure.adnxs.com	2 redirects
2	player.aniview.com	snippet.tldw.me player.aniview.com
2	www.youtube.com	snippet.minute.ly www.youtube.com
2	assets.squareoffs.com	squareoffs.com
2	s3.amazonaws.com	kesq.com
2	cdn.jsdelivr.net	squareoffs.com
2	api.pymx5.com	pymx5.com
2	s3.us-east-1.wasabisys.com	kesq.com
2	www.googletagservices.com	kesq.com googleads.g.doubleclick.net
1	eum.instana.io	www.parship.de
1	ag.innovid.com	googleads.g.doubleclick.net
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ad-server.eu	googleads.g.doubleclick.net
1	medialead.de	1 redirects
1	futalis.de	hal90005.redintelligence.net
1	trf.greatviews.de	1 redirects
1	www.awin1.com	1 redirects
1	pb.media01.eu	hal90005.redintelligence.net
1	c1.adform.net	r.casalemedia.com
1	cm.adgrx.com	r.casalemedia.com
1	pr-bh.ybp.yahoo.com	r.casalemedia.com
1	match.adsrvr.org	r.casalemedia.com
1	ups.analytics.yahoo.com	player.aniview.com
1	r.casalemedia.com	player.aniview.com
1	ssum.casalemedia.com	1 redirects
1	onetag-sys.com	player.aniview.com
1	sync.1rx.io	1 redirects
1	ads.pubmatic.com	player.aniview.com
1	i.viafoura.co	cdn.viafoura.net
1	go1.aniview.com	player.aniview.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	feed.mikle.com
1	pixel.quantserve.com	squareoffs.com
1	snippet.minute.ly	apv-launcher.minute.ly
1	snippet.tldw.me	apv-launcher.minute.ly
1	rules.quantcount.com	secure.quantserve.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	s8t.teads.tv	kesq.com
1	at.teads.tv	a.teads.tv
1	s-jsonp.moatads.com	kesq.com
1	secure.quantserve.com	squareoffs.com
1	a.teads.tv	www.googletagmanager.com
1	z.moatads.com	s.ntv.io
1	yield-manager.browsiprod.com	cdn.browsiprod.com
1	47d99064ea7309156f4d6e1b6f3db84f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.blueconic.net	kesq.com
1	apv-launcher.minute.ly	kesq.com
1	s.ntv.io	kesq.com
330	102

This site contains links to these domains. Also see Links.

Domain
kuna.podbean.com
events.kesq.com
kesq-kdfx-kuna-cv-pros.npgdigitalservices.com
cvlocallinks.com
recruiting.adp.com
jobs.kesq.com
www.kesq.com
www.yourcwtv.com
kesq.b-cdn.net
s3.us-east-1.wasabisys.com
www.desertairps.com
www.fantasyspringsresort.com
publicfiles.fcc.gov
donotsell.npg.digital
npgco.blueconic.net

Subject Issuer	Validity	Valid
kesq.com R3	`2022-07-24` - `2022-10-22`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
*.pymx5.com Go Daddy Secure Certificate Authority - G2	`2021-09-12` - `2022-09-10`	a year	crt.sh
squareoffs.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-04` - `2023-03-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-12-04` - `2022-12-06`	a year	crt.sh
*.browsiprod.com Amazon	`2022-02-13` - `2023-03-14`	a year	crt.sh
*.minute.ly Sectigo RSA Organization Validation Secure Server CA	`2022-05-16` - `2023-06-16`	a year	crt.sh
*.blueconic.net Amazon	`2022-07-08` - `2023-08-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
feed.mikle.com AlphaSSL CA - SHA256 - G2	`2022-04-12` - `2023-05-14`	a year	crt.sh
*.s3.us-east-1.wasabisys.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-07` - `2022-10-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
viafoura.com Amazon	`2021-10-07` - `2022-11-05`	a year	crt.sh
*.postrelease.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
*.gobrowsi.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
browsiprod.com Amazon	`2022-02-21` - `2023-03-22`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.squareoffs.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-05` - `2023-07-07`	a year	crt.sh
*.snackly.co Sectigo RSA Organization Validation Secure Server CA	`2021-12-27` - `2022-12-11`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-12-30` - `2023-01-03`	a year	crt.sh
apv-static.tldw.me R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-07` - `2022-11-30`	6 months	crt.sh
events.kesq.com R3	`2022-07-23` - `2022-10-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
redintelligence.net R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
www.parship.de Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.futalis.de R3	`2022-06-21` - `2022-09-19`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
*.instana.io DigiCert TLS RSA SHA256 2020 CA1	`2021-11-09` - `2022-12-10`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://kesq.com/
Frame ID: 96E9AEE77073E088C56E8BB85B33FED3
Requests: 197 HTTP requests in this frame

Frame: https://squareoffs.com/embeds/4847?feed_size=small
Frame ID: ECF80BDBE063CCECC8F65AEE1A1FA3B7
Requests: 32 HTTP requests in this frame

Frame: https://47d99064ea7309156f4d6e1b6f3db84f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B1629E9488733DDA8343613293571FB9
Requests: 1 HTTP requests in this frame

Frame: https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
Frame ID: 34B7449C1D268245B5EFEE67678F4AC3
Requests: 10 HTTP requests in this frame

Frame: https://snippet.tldw.me/tv/0.41.42/tvp.js
Frame ID: F3FAEF778BC7E19AB9D3D877BE6EA8CA
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html
Frame ID: 9CFC23F6F74BAC963CD9441BA58448CD
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Frame ID: 24523122C0FEC728B9BC936E3EC788C2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&adk=1282969481&adf=3986099802&plat=1%3A66048%2C2%3A66048%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fkesq.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659298010867&bpp=3&bdt=915&idt=236&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&nras=1&correlator=3358616899376&frm=24&ife=1&pv=2&ga_vid=1549997537.1659298010&ga_sid=1659298011&ga_hid=1449248160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C44761793%2C44763827%2C21066429%2C42531605%2C42531608%2C31064019&oid=2&pvsid=259163319334019&tmod=1971152326&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.pgmvdvqwtp7w&fsb=1&dtd=249
Frame ID: 70011A53CC120EEBCF28FB7D96E19351
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=2861717531&adf=2213545583&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659298010870&bpp=1&bdt=919&idt=252&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3358616899376&frm=24&ife=1&pv=1&ga_vid=1549997537.1659298010&ga_sid=1659298011&ga_hid=1449248160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C44761793%2C44763827%2C21066429%2C42531605%2C42531608%2C31064019&oid=2&pvsid=259163319334019&tmod=1971152326&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.iowhjqhbavfh&fsb=1&dtd=256
Frame ID: 3BF5479F7C9CB55F6DFBF5626D3DDBBC
Requests: 12 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=200&key=OPTOUT
Frame ID: E7FA77D1C378B7E54711F84D933A7F82
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=61d67b18f4d0980&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 52AD8B90D86A6D6CB2AD495EFB7F493B
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=55&key=2034174182237149796
Frame ID: A6BFB977C7748BEE758B3DA22E62293E
Requests: 1 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D42%26key%3D&s=191876&C=1
Frame ID: 653CEBF9D56F92F4E7F333898CF521E3
Requests: 10 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=2&key=511f3aa3-110c-11ed-9a22-13b80d860206
Frame ID: 2DA2F1101FF4A149D541F186D5C1E47F
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 83C459BA5958D0DE4728B5B778218F69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXGsypvj8FqFh_HMRPLyHow1UfnbbAaNi73VhKI0SV7CX49j7pKh9sktWta-npj-irQkE53geeQI5cxLWEXf197U6ZgOcUJ8Wf0PjOzmrQ0g3gSJ2OOzmDhNwvrG_mkd_rKl9Yw-l9heb7b7MXwhh1K-34vZxfA-ssHqb2gtI4xOQAh0lc
Frame ID: 0827D1A1CAFC3B82D86A57C86173AB0A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C8266040A9365321907440BBF7680B6C
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24018400144817500710616012037005&actionid=981741&produktid=&dt_url=
Frame ID: AFCDE216291B789A267F22215613D115
Requests: 1 HTTP requests in this frame

Frame: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1659298012.5712300.51760a2c-110c-11ed-a26c-00155d255900ID
Frame ID: D7E860D0BBDE99462F07816E4BDD7241
Requests: 5 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1517760839
Frame ID: 77C2073A26FE9D5ACC83F3C631837689
Requests: 2 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=24018400144817500710616012037005&a=694de3ba
Frame ID: 851779ABB54B4837A2B8DEC9BD063370
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D5B5514723E7354F086B7ED40F794A00
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F094A568C7F6E5013BE995257A8F4100
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 58D5EC723C397A0691DEAC4E399EAFD0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 668C781AB26FADF4BD327AB9564DB3AC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8678E92EA612856C70D33147425AD327
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - KESQcircle-arrowPlay ButtonStop Buttonchevron-rightchevron-leftchevron-upsearchwarningchevron-left-skinnychevron-right-skinnyxclockcalendarplay-buttoncancel-circleusertwitterfacebookyoutubeinstagramemaillinkedin

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

330
Requests

96 %
HTTPS

38 %
IPv6

63
Domains

102
Subdomains

85
IPs

9
Countries

17090 kB
Transfer

26644 kB
Size

87
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://kuna.podbean.com/
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://events.kesq.com/
Title: Events

Search URL Search Domain Scan URL

URL: https://kesq-kdfx-kuna-cv-pros.npgdigitalservices.com/
Title: CV Pros

Search URL Search Domain Scan URL

URL: https://cvlocallinks.com/
Title: CVLocalLinks

Search URL Search Domain Scan URL

URL: https://recruiting.adp.com/srccar/public/RTI.home?c=1059541&d=External-Corporate&city=%22Palm%20Desert%22,%22Thousand%20Palms%22
Title: Work at KESQ

Search URL Search Domain Scan URL

URL: https://jobs.kesq.com/
Title: Explore Local Jobs

Search URL Search Domain Scan URL

URL: https://www.kesq.com/jobs#intern
Title: Intern at KESQ

Search URL Search Domain Scan URL

URL: https://www.yourcwtv.com/partners/palmsprings/
Title: CW 5 Palm Springs

Search URL Search Domain Scan URL

URL: https://kesq.b-cdn.net/2022/07/EEO-Report-2022.pdf
Title: 2022 EEO Report

Search URL Search Domain Scan URL

URL: https://kesq.b-cdn.net/2020/08/EEO-2020-REPORT-7.17.20.pdf
Title: 2020 EEO Report

Search URL Search Domain Scan URL

URL: https://s3.us-east-1.wasabisys.com/kesq.com/2020/04/eeo-2019-report-2018-2019-20190729-213606216-pdf.pdf
Title: 2019 EEO Report

Search URL Search Domain Scan URL

URL: https://www.desertairps.com/

Search URL Search Domain Scan URL

URL: https://www.fantasyspringsresort.com/casino/

Search URL Search Domain Scan URL

URL: https://events.kesq.com/events/community/add/
Title: Post Your Event

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kesq-tv
Title: KESQ-TV FCC Public File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kpsp-cd
Title: KPSP-TV FCC Public File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kdfx-cd
Title: KDFX-TV FCC Public File

Search URL Search Domain Scan URL

URL: http://donotsell.npg.digital/
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://npgco.blueconic.net/s/1dg?profileid=ca7739cf-7ae5-422c-ad86-02024315260f
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 235

https://sync.1rx.io/usersync2/rmpssp?sub=minute&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=200&key=OPTOUT

Request Chain 237

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1659298011383-974638447295-008606-010-008847%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=55&key=2034174182237149796

Request Chain 238

https://ssum.casalemedia.com/usermatch?s=191876&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D42%26key%3D HTTP 302
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D42%26key%3D&s=191876&C=1

Request Chain 239

https://sync.search.spotxchange.com/partner?adv_id=8892&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D2%26key%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8892&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D2%26key%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=511f3ae6-110c-11ed-9a22-13b80d860206 HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=2&key=511f3aa3-110c-11ed-9a22-13b80d860206

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENfj03m1FxeMCi_eqdMPedU&google_cver=1

Request Chain 256

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yubg2433-JHbRjY3lGW4uAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENfj03m1FxeMCi_eqdMPedU&google_cver=1

Request Chain 257

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPsD0dQUiJfiYqV5ejFKyL4&google_cver=1

Request Chain 258

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAzNDE3NDE4MjIzNzE0OTc5Ng%3D%3D

Request Chain 259

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yubg2433_JHbRjY3lGW4uAAABJcAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yubg2433_JHbRjY3lGW4uAAABJcAAAIB&dcc=t

Request Chain 262

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yubg2433-JHbRjY3lGW4uAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENfj03m1FxeMCi_eqdMPedU&google_cver=1&gdpr=1

Request Chain 265

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=Yubg2wADCIhUKAA0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yubg2wADCIhUKAA0&gdpr=1&_test=Yubg2wADCIhUKAA0

Request Chain 272

https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=353b56e724&subid=&uid=b35ff9c5574f26ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5nv_2-DmYrf9Df_G1fAP942cgAm1zfmDV8zeuavlDPAuEAEg_pHfH2CV4pCCoAfIAQmpAgQyY4tWJbE-qAMBqgSGAk_QKBUUBlATjr_ybQj_Cgesux-oPZScreAygvm9ArAvlKUKA7jqAHmpdhlNpWCCf2oCgO9fehwZQ6JqT62tMCHkvqFdTBy563wlggujf0_l6EWWFYIVXmaCFdaT50iGp7YH6ELfRwtTaDmvXEzzKss1wma9jdf0jX8uzEtysK_8GeRR-4EbMSuqaqRCk8F7aouqmHAvOBnM7v2XNWIdCfikwjLcgO62daP6_z44PTC8-7ozUKLme7lCUEIdkSkpfLHv-lZw8p6ts2Zw85EtOrkx_IYMys7Q3XOgw8obu-2owuq9mjbCTWx9OsZ6CN1CUImpsGuG_HohrRRTevKhf-TBbbRF7uXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRorHc_2MvqMF8c0kAmYlcN6g%26sig%3DAOD64_1qOBM6-K8jCFJH05C6ruQFcNzKEg%26client%3Dca-pub-6766358096536054%26dbm_c%3DAKAmf-AuJAHUahacex5wUtxBQdYsdfaEe2v9TiBgURyjodXbTW-gMhWg0lfutCRuQS40R0lwpl97z9m8zVE-WXsJLqYVIooGtkKqbSKB_4Kx1mtz0mqWShOCYGoOYE3isQFdY5vuvl99axSx-Eb5gK5VQ-CeEX-Qpw%26cry%3D1%26dbm_d%3DAKAmf-D3euucrry_CIcqfVnu196plUbpLOWElsBe7zl8479y67gWLDs8kBugL111-1-8mYKFGipfMxQcgh54PSpHU9YKegUO4xuCl37iCNQtJoSCqJjuq6pQ41zrbghRUPmqFnEGYWYtJhAjkD-i6-bZCXW5U8oe5TdPNU8r_BLM4j3SvNK_NxPD6YensjspRYNKusSzT08RKkO42f5ggM-_8ckB86D4E9zO-9239YH4O3B05DB1mNKf6QKq6kRJxI9ooCcjBjEdz3PcU8Hh6KyMHx1OTU98Xod2dEYsidzRH_zG0wAqMzn8G0TLLLsj8DFkoX2x3Ys2EsabnNcUmSv8n3L_GpCdSZOMyhZ0Z3NbvF284ojkOuQqF6tzPvjHF2rTfAaGmIy8M97nlY1iaxkUrRV5PVBfU49DLOErAyzc7q8D5RwAr4aPwfbpe5wWlY-CCu_Ed9bF%26adurl%3D&documentReferer=https%3A%2F%2Fsquareoffs.com%2F&ancestorOrigins=https%3A%2F%2Fsquareoffs.com%2Chttps%3A%2F%2Fkesq.com&random=5517567003219&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=353b56e724&subid=&uid=b35ff9c5574f26ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5nv_2-DmYrf9Df_G1fAP942cgAm1zfmDV8zeuavlDPAuEAEg_pHfH2CV4pCCoAfIAQmpAgQyY4tWJbE-qAMBqgSGAk_QKBUUBlATjr_ybQj_Cgesux-oPZScreAygvm9ArAvlKUKA7jqAHmpdhlNpWCCf2oCgO9fehwZQ6JqT62tMCHkvqFdTBy563wlggujf0_l6EWWFYIVXmaCFdaT50iGp7YH6ELfRwtTaDmvXEzzKss1wma9jdf0jX8uzEtysK_8GeRR-4EbMSuqaqRCk8F7aouqmHAvOBnM7v2XNWIdCfikwjLcgO62daP6_z44PTC8-7ozUKLme7lCUEIdkSkpfLHv-lZw8p6ts2Zw85EtOrkx_IYMys7Q3XOgw8obu-2owuq9mjbCTWx9OsZ6CN1CUImpsGuG_HohrRRTevKhf-TBbbRF7uXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRorHc_2MvqMF8c0kAmYlcN6g%26sig%3DAOD64_1qOBM6-K8jCFJH05C6ruQFcNzKEg%26client%3Dca-pub-6766358096536054%26dbm_c%3DAKAmf-AuJAHUahacex5wUtxBQdYsdfaEe2v9TiBgURyjodXbTW-gMhWg0lfutCRuQS40R0lwpl97z9m8zVE-WXsJLqYVIooGtkKqbSKB_4Kx1mtz0mqWShOCYGoOYE3isQFdY5vuvl99axSx-Eb5gK5VQ-CeEX-Qpw%26cry%3D1%26dbm_d%3DAKAmf-D3euucrry_CIcqfVnu196plUbpLOWElsBe7zl8479y67gWLDs8kBugL111-1-8mYKFGipfMxQcgh54PSpHU9YKegUO4xuCl37iCNQtJoSCqJjuq6pQ41zrbghRUPmqFnEGYWYtJhAjkD-i6-bZCXW5U8oe5TdPNU8r_BLM4j3SvNK_NxPD6YensjspRYNKusSzT08RKkO42f5ggM-_8ckB86D4E9zO-9239YH4O3B05DB1mNKf6QKq6kRJxI9ooCcjBjEdz3PcU8Hh6KyMHx1OTU98Xod2dEYsidzRH_zG0wAqMzn8G0TLLLsj8DFkoX2x3Ys2EsabnNcUmSv8n3L_GpCdSZOMyhZ0Z3NbvF284ojkOuQqF6tzPvjHF2rTfAaGmIy8M97nlY1iaxkUrRV5PVBfU49DLOErAyzc7q8D5RwAr4aPwfbpe5wWlY-CCu_Ed9bF%26adurl%3D&documentReferer=https%3A%2F%2Fsquareoffs.com%2F&ancestorOrigins=https%3A%2F%2Fsquareoffs.com%2Chttps%3A%2F%2Fkesq.com&random=5517567003219&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 275

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=24018400144817500710616012037005&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24018400144817500710616012037005&actionid=981741&produktid=&dt_url=

Request Chain 276

https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=24018400144817500710616012037005&pv=1 HTTP 302
https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1659298012.5712300.51760a2c-110c-11ed-a26c-00155d255900ID

Request Chain 277

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=24018400144817500710616012037005&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1517760839

Request Chain 279

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=24018400144817500710616012037005 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=24018400144817500710616012037005 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 286

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CfFprN9zmq4a7nas9WNO_UczwZNaYH9XZm5gWhZFCwSHR23csSJBkcVml1CuqrjpWypr74FNBQnj0F_p2J5e8wGzmmj7EZ&google_gid=CAESEMAqJcbH6-GUIfVcn0iASxk&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CfFprN9zmq4a7nas9WNO_UczwZNaYH9XZm5gWhZFCwSHR23csSJBkcVml1CuqrjpWypr74FNBQnj0F_p2J5e8wGzmmj7EZ&google_gid=CAESEMAqJcbH6-GUIfVcn0iASxk&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MzEyMDA2NTIwMDAxNDQxMzM5OTI3NQ%3D%3D&google_push=AehlK4CfFprN9zmq4a7nas9WNO_UczwZNaYH9XZm5gWhZFCwSHR23csSJBkcVml1CuqrjpWypr74FNBQnj0F_p2J5e8wGzmmj7EZ

Request Chain 289

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFGYYAcMc9Q22kNkzz73fBw&google_cver=1&google_push=AehlK4CjRSvH7yREdIKfF7Vmq2iZAK9iofATzLaZinccb8EP1SAIMrg_oYj1ttZao5VjNWLhtxFibLhRBzcLPmt6ld2onFWTeQvJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY5UjcwOE0tMVUtRE1DTA==&google_push=AehlK4CjRSvH7yREdIKfF7Vmq2iZAK9iofATzLaZinccb8EP1SAIMrg_oYj1ttZao5VjNWLhtxFibLhRBzcLPmt6ld2onFWTeQvJ

Request Chain 290

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDRW-gJt8Vdn85gNw2biqSA&google_cver=1&google_push=AehlK4CH5prq8jS8ltS6ocu4ymAQpZYZI60889ETLtb1iWD-mGJWLSSgHhT6CpUGAbmm63um9CYPNtCdX2bGva-4KO60hfGvFEgp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yubg2433_JHbRjY3lGW4uAAABJcAAAIB&google_push=AehlK4CH5prq8jS8ltS6ocu4ymAQpZYZI60889ETLtb1iWD-mGJWLSSgHhT6CpUGAbmm63um9CYPNtCdX2bGva-4KO60hfGvFEgp&google_gid=CAESEDRW-gJt8Vdn85gNw2biqSA&google_cver=1

Request Chain 326

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkesq.com%2F&domain=kesq.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=hBjQl3xyV2VyQk5EWVNyMU1EZ2szdFlTSXQ2WkhNMENTTmdHVWR5d0FMODhidS83R1p0Y2ZXWTBRZ21UNWQvQUt1ZVBGV0h1R2JvOVhvN1dtbDVReDVUTVZLZnFVRHArdUYxL1VsdG0yVGtWaFM5NFpqcHZ1ODVzelUxNVpuWFJjbHhPdUtEQzRremNSQW5WOEV2WDJjTGFMVjZxeCtwQ0VwVGJPZWNYSnZsRkFWSWNFTWdnU2hsMlhHQTFTRFpuM0FrdkF4cnRDT2lsM2JNK0pTVG9lL0dzYTIwQ1F6YXAyZW9aM3c3WVNWYXVYV2xBPXw&cppv=2

330 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
kesq.com/ 194 KB
52 KB 224ms
169ms Document
text/html 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

031fcc63b673cbe1e0de97b98ed23854f8cef55cb34b07a9737689635c976170

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 204
cache-control: public, max-age=2400
content-encoding: gzip
content-length: 52071
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Sun, 31 Jul 2022 20:06:49 GMT
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; usb 'none'; vr 'none';
link: <https://kesq.com/wp-json/>; rel="https://api.w.org/" <https://kesq.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://kesq.com/>; rel=shortlink
permissions-policy: accelerometer=(), ambient-light-sensor=(), camera=(), magnetometer=(), microphone=(), usb=(), vr=()
referrer-policy: origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31622400
traceparent: 00-1bbbc7dda12c47d19586a192109d877e-a0f24859b4bebf1f-00
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-cloud-trace-context: 1bbbc7dda12c47d19586a192109d877e/11597411540554137375;o=0
x-content-type-options: nosniff
x-distributor: yes
x-pantheon-styx-hostname: styx-fe1-b-784cd8578b-46rjv
x-served-by: cache-chi-klot8100088-CHI, cache-hhn4050-HHN
x-styx-req-id: d57bda8c-110b-11ed-93b4-9ecc4c125464
x-timer: S1659298009.060974,VS0,VE160
x-xss-protection: 1; mode=block;

GET
H2 200 iframe.css
kesq.com/wp-content/plugins/squareoffs/css/ 5 KB
2 KB 16ms
9ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/plugins/squareoffs/css/iframe.css?ver=5.9.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3f88bd2fd79e49bea67ca9456b79facac3769c5703a6f33826e21301d83e7255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df1-153f"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-b-8cd7f97c7-ddsh8
x-cache: HIT, HIT
x-cloud-trace-context: b387b31c6aac4501a4d234b6b84e623d/9045913321833036100;o=0
content-length: 1741
x-served-by: cache-chi-kigq8000151-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:29 GMT
server: nginx
traceparent: 00-b387b31c6aac4501a4d234b6b84e623d-7d898a3d28d4f944-00
x-timer: S1659298009.242465,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1bc7cf1-03c7-11ed-b0a5-86e4977b04d6
x-cache-hits: 1, 1

GET
H2 200 cropper.css
kesq.com/wp-content/plugins/squareoffs/css/ 5 KB
2 KB 16ms
9ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/plugins/squareoffs/css/cropper.css?ver=5.9.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2fbbae4abf7e1b517f1f8eae51d45b771e95aeaf3975671750c3ed138c09de78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df1-1360"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-b-8cd7f97c7-cbcsb
x-cache: HIT, HIT
x-cloud-trace-context: 1e1d63de8fc7478c9a4fd51e7bc99cc3/10733759307566483512;o=0
content-length: 1488
x-served-by: cache-chi-kigq8000153-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:29 GMT
server: nginx
traceparent: 00-1e1d63de8fc7478c9a4fd51e7bc99cc3-94f5f938680b0838-00
x-timer: S1659298009.243304,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1bc5d86-03c7-11ed-b55f-b2f45ad6201e
x-cache-hits: 1, 1

GET
H2 200 style.min.css
kesq.com/wp-includes/css/dist/block-library/ 81 KB
14 KB 16ms
9ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df3-145db"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-a-679db49985-2rsbg
x-cache: HIT, HIT
x-cloud-trace-context: b83f869741da4567bcdaf4ac38f9be24/2333872851115839719;o=0
content-length: 14478
x-served-by: cache-chi-klot8100105-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:31 GMT
server: nginx
traceparent: 00-b83f869741da4567bcdaf4ac38f9be24-206394fe21b010e7-00
x-timer: S1659298009.243298,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1bd4b10-03c7-11ed-a076-fe1267171b14
x-cache-hits: 1, 1

GET
H2 200 style.min.css
kesq.com/wp-includes/css/dist/components/ 120 KB
21 KB 17ms
10ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-includes/css/dist/components/style.min.css?ver=5.9.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b4e97339829ec9d0ff5c5084e54a11134828a5787b9081afa964ba4e588d907d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d6787e-1de31"
age: 1047705
x-pantheon-styx-hostname: styx-fe1-b-784cd8578b-46m7c
x-cache: HIT, HIT
x-cloud-trace-context: da64640d6a7c404ebf2701927d3b4481/18100829111670097136;o=0
content-length: 21292
x-served-by: cache-chi-kigq8000055-CHI, cache-hhn4050-HHN
last-modified: Tue, 19 Jul 2022 09:25:18 GMT
server: nginx
traceparent: 00-da64640d6a7c404ebf2701927d3b4481-fb33102cbd2544f0-00
x-timer: S1659298009.244117,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Thu, 20 Jul 2023 17:05:04 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: ef2160ab-0784-11ed-8ea3-62bb28c69506
x-cache-hits: 1, 1

GET
H2 200 style.min.css
kesq.com/wp-includes/css/dist/block-editor/ 109 KB
20 KB 30ms
24ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-includes/css/dist/block-editor/style.min.css?ver=5.9.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

436bff18353cdd23f319497c726b6d88c27dc3a90b176ff7cc16bc5f0ffd8906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df3-1b566"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-a-679db49985-rpn9n
x-cache: HIT, HIT
x-cloud-trace-context: 380c45aefcd2442cbff49f8b5ddbcd64/8843784245547509128;o=0
content-length: 20184
x-served-by: cache-chi-klot8100063-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:31 GMT
server: nginx
traceparent: 00-380c45aefcd2442cbff49f8b5ddbcd64-7abb6eea3a0e2588-00
x-timer: S1659298009.244434,VS0,VE10
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1c76890-03c7-11ed-b329-8efbea45c253
x-cache-hits: 1, 1

GET
H2 200 style.min.css
kesq.com/wp-includes/css/dist/nux/ 3 KB
1 KB 17ms
11ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-includes/css/dist/nux/style.min.css?ver=5.9.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5bca2d4288328711026ee112d545ab38fc8e56e5eb81ce85befa09b4d16dbc0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df3-ad0"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-a-679db49985-8hpfn
x-cache: HIT, HIT
x-cloud-trace-context: 0dd2ce85483442cd89695de5c402efa6/8875043668530967308;o=0
content-length: 810
x-served-by: cache-chi-klot8100107-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:31 GMT
server: nginx
traceparent: 00-0dd2ce85483442cd89695de5c402efa6-7b2a7d31ccde330c-00
x-timer: S1659298009.244132,VS0,VE3
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1c3f989-03c7-11ed-b721-6a3a297be2ea
x-cache-hits: 1, 1

GET
H2 200 style.min.css
kesq.com/wp-includes/css/dist/reusable-blocks/ 522 B
621 B 16ms
10ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-includes/css/dist/reusable-blocks/style.min.css?ver=5.9.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b065e641c0b9772a645e0596657a0bbabb8470f5ffbcfed95d5100f74c0da056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df3-20a"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-a-679db49985-2rsbg
x-cache: HIT, HIT
x-cloud-trace-context: 11d3dde1d9b64b799e0dc0d4d831076b/4098002350614076076;o=0
content-length: 260
x-served-by: cache-chi-klot8100094-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:31 GMT
server: nginx
traceparent: 00-11d3dde1d9b64b799e0dc0d4d831076b-38df076cfd115aac-00
x-timer: S1659298009.244060,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1c43ba6-03c7-11ed-a076-fe1267171b14
x-cache-hits: 1, 1

GET
H2 200 style.min.css
kesq.com/wp-includes/css/dist/editor/ 20 KB
5 KB 15ms
10ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-includes/css/dist/editor/style.min.css?ver=5.9.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e8ee2708c1df628a6145b03d746fbdbb5076288464484672b25f70917ecea416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df3-517a"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-a-679db49985-2rsbg
x-cache: HIT, HIT
x-cloud-trace-context: 2ec9dfae52384d8fb0a00e4a136a6d23/5362595525893315487;o=0
content-length: 4605
x-served-by: cache-chi-kigq8000107-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:31 GMT
server: nginx
traceparent: 00-2ec9dfae52384d8fb0a00e4a136a6d23-4a6bc437f2f85b9f-00
x-timer: S1659298009.244016,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1c6c573-03c7-11ed-a076-fe1267171b14
x-cache-hits: 1, 1

GET
H2 200 mediacloud-mux.blocks.style.css
kesq.com/wp-content/plugins/ilab-media-tools-premium/public/blocks/ 141 B
495 B 15ms
9ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/plugins/ilab-media-tools-premium/public/blocks/mediacloud-mux.blocks.style.css

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6bc96e9bab2ae13132fe2ca25bb4aa51865e474dfb771f0c82067cb53fbde4ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df1-8d"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-a-679db49985-kfd84
x-cache: HIT, HIT
x-cloud-trace-context: 188f527be2364f149eb5a36fd6611074/10116341839648759256;o=0
content-length: 133
x-served-by: cache-chi-klot8100044-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:29 GMT
server: nginx
traceparent: 00-188f527be2364f149eb5a36fd6611074-8c64774df2af9dd8-00
x-timer: S1659298009.244016,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1c58ce1-03c7-11ed-add9-aa1b03124d3f
x-cache-hits: 1, 1

GET
H2 200 video-js.css
vjs.zencdn.net/7.15.4/ 45 KB
11 KB 43ms
8ms Stylesheet
text/css 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.15.4/video-js.css?ver=5.9.3
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 176fec6a7fad473d3102d548facfa993bedf4322dca6c0c308ac46d0ef7265c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 21:08:21 GMT
etag: "fd0eb27f568b77ae49c0a783f270e7f3"
x-served-by: cache-hhn4025-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10908
x-cache-hits: 1

GET
H2 200 videojs-hls-player.css
kesq.com/wp-content/plugins/videojs-hls-player/ 2 KB
1003 B 17ms
12ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/plugins/videojs-hls-player/videojs-hls-player.css?ver=5.9.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3f9b227f6f1789e870ce5ffe0d4becb276ec5abeb98d45d82ff5040a1b11611

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df1-728"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-b-8cd7f97c7-ddsh8
x-cache: HIT, HIT
x-cloud-trace-context: d837214281964e04833d4ef6e21ff738/974219800414896977;o=0
content-length: 685
x-served-by: cache-chi-kigq8000091-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:29 GMT
server: nginx
traceparent: 00-d837214281964e04833d4ef6e21ff738-0d851fbf30e1c351-00
x-timer: S1659298009.243947,VS0,VE4
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1cb1fd3-03c7-11ed-b0a5-86e4977b04d6
x-cache-hits: 1, 1

GET
H2 200 theme.min.css
kesq.com/wp-content/themes/storymate-npg/build/css/ 26 KB
7 KB 19ms
14ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/themes/storymate-npg/build/css/theme.min.css?ver=1.4.21

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0f9be5681874d9f7fea49bbfa4187759c68b81eb7bbd77205682c110b9a43931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df2-67e6"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-a-679db49985-rpn9n
x-cache: HIT, HIT
x-cloud-trace-context: e4983c7fcbae46029084df512fef9381/4838769305954233780;o=0
content-length: 7053
x-served-by: cache-chi-kigq8000112-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:30 GMT
server: nginx
traceparent: 00-e4983c7fcbae46029084df512fef9381-4326c30bff772db4-00
x-timer: S1659298009.248255,VS0,VE3
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1cbaf12-03c7-11ed-b329-8efbea45c253
x-cache-hits: 1, 1

GET
H2 200 theme.min.css
kesq.com/wp-content/themes/storymate-theme/build/css/ 57 KB
14 KB 36ms
32ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/themes/storymate-theme/build/css/theme.min.css?ver=1.4.21

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

09f9fd9113b535927d6666ca18f2b5c39fcbd0dea5085f7eaffadeeae13e05aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df2-e34a"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-b-8cd7f97c7-cbcsb
x-cache: HIT, HIT
x-cloud-trace-context: f366a988ca9d4bd994e9a41677a2f652/3806090726476354875;o=0
content-length: 13902
x-served-by: cache-chi-kigq8000023-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:30 GMT
server: nginx
traceparent: 00-f366a988ca9d4bd994e9a41677a2f652-34d1f359a688153b-00
x-timer: S1659298009.248252,VS0,VE16
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1ca83a0-03c7-11ed-b55f-b2f45ad6201e
x-cache-hits: 1, 1

GET
H2 200 style_login_widget.css
kesq.com/wp-content/plugins/miniorange-oauth-oidc-single-sign-on/resources/css/ 740 B
717 B 18ms
13ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/plugins/miniorange-oauth-oidc-single-sign-on/resources/css/style_login_widget.css?ver=5.9.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3962092881c2463cf6a930cc815c05d1fffdea3c8b2f6220b0de85e31f81784c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df1-2e4"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-b-8cd7f97c7-ddsh8
x-cache: HIT, HIT
x-cloud-trace-context: 893be0f975c7452c8277cfa55f27293d/16096601748653916958;o=0
content-length: 400
x-served-by: cache-chi-klot8100079-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:29 GMT
server: nginx
traceparent: 00-893be0f975c7452c8277cfa55f27293d-df629e01c772c31e-00
x-timer: S1659298009.248708,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1cc1207-03c7-11ed-b0a5-86e4977b04d6
x-cache-hits: 1, 1

GET
H2 200 style.min.css
kesq.com/wp-content/plugins/pojo-accessibility/assets/css/ 51 KB
6 KB 28ms
24ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/plugins/pojo-accessibility/assets/css/style.min.css?ver=1.0.0

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7de4ebe6f7e5c57026f039da23b86f99cb0dcf117dfe5f893ace0b1988370f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df1-cbb9"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-a-679db49985-6vcqf
x-cache: HIT, HIT
x-cloud-trace-context: 076b67d61ea14a6bb17dafebc369f753/975307910038618530;o=0
content-length: 5957
x-served-by: cache-chi-klot8100145-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:29 GMT
server: nginx
traceparent: 00-076b67d61ea14a6bb17dafebc369f753-0d88fd60747b01a2-00
x-timer: S1659298009.248708,VS0,VE5
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:14 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1cc60ba-03c7-11ed-a58f-36a94022e041
x-cache-hits: 1, 1

GET
H2 200 socialshare.css
kesq.com/wp-content/plugins/wp-social-sharing/static/ 7 KB
2 KB 18ms
14ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/plugins/wp-social-sharing/static/socialshare.css?ver=1.6

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c28b59949c1d29ee8b83765cce09df06dfef2d7b839f47c69042b52b79d70a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d4b989-1aa5"
age: 1082661
x-pantheon-styx-hostname: styx-fe1-b-8cd7f97c7-2nrvq
x-cache: HIT, HIT
x-cloud-trace-context: 6ba804eba749494f88fd5033fb4ced9b/1779011878784558124;o=0
content-length: 1270
x-served-by: cache-chi-kigq8000023-CHI, cache-hhn4050-HHN
last-modified: Mon, 18 Jul 2022 01:38:17 GMT
server: nginx
traceparent: 00-6ba804eba749494f88fd5033fb4ced9b-18b051e0ce27642c-00
x-timer: S1659298009.248707,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Thu, 20 Jul 2023 07:22:28 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 8b8d2f33-0733-11ed-84b9-0e40336669c2
x-cache-hits: 1, 1

GET
H2 200 ready.js Show response
pymx5.com/scripts/ 1 KB
2 KB 130ms
30ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/ready.js
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1c907e1f2483fb2a70272d58bad74b1c5463388d9d191c7c58183503c9ae5944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 19:37:41 GMT
age: 1748
x-guploader-uploadid: ADPycduDvmw0CV4FI81EVarJeRPuKDlJC3ywdAUVMq4slqXSnP7JVawVWrX4ww4Ua392iLF-JTLQLqHfvO0GmzzFJ5RR_GgyUHH_
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1278
last-modified: Fri, 15 Jul 2022 06:19:11 GMT
server: UploadServer
etag: "06467ab40d7f92f9794f0b20431992be"
x-goog-hash: crc32c=fis9Og==, md5=BkZ6tA1/kvl5TwsgQxmSvg==
x-goog-generation: 1657865951646835
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 1278
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 ims.js Show response
pymx5.com/scripts/ 16 KB
16 KB 131ms
31ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/ims.js
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bf739c567353fba3b1702cf940f29b3953c5b24b84a18b1208eee417a431dd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 19:37:41 GMT
age: 1748
x-guploader-uploadid: ADPycdutbsUcQtbtWR6ikQc3jRHMKFErFRo4Z4fRl3cjMruJNHcTutYyRGT6tKKTQBG-SQeSqP8CzDO2-LIEXFZik3NbfyDzUiKw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16603
last-modified: Fri, 15 Jul 2022 06:19:11 GMT
server: UploadServer
etag: "ad907d3febe0f354e5ddae6c691909db"
x-goog-hash: crc32c=p2OvPg==, md5=rZB9P+vg81Tl3a5saRkJ2w==
x-goog-generation: 1657865951791907
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 16603
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 load_tags.js Show response
pymx5.com/scripts/ 9 KB
9 KB 45ms
39ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/load_tags.js
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 19:58:59 GMT
age: 470
x-guploader-uploadid: ADPycdvQBs8V_y7EdmH_Px5Bh7MY5xmagWVqaVaJZeSi7xZp9R-MJX-z02TyIYPbHVH0fAhIPC8ryJKb9aYZKQg6wgyyoVBWln_c
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8946
last-modified: Fri, 15 Jul 2022 06:19:11 GMT
server: UploadServer
etag: "f6b06694767e707999eecbe9538b403a"
x-goog-hash: crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation: 1654079928343051
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 8946
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 jquery.min.js Show response
kesq.com/wp-includes/js/jquery/ 87 KB
36 KB 19ms
15ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df3-15db1"
age: 1458756
x-pantheon-styx-hostname: styx-fe1-a-679db49985-8hpfn
x-cache: HIT, HIT
x-cloud-trace-context: 39a622e0b47546f29c8651d95464a0a6/582373503790600858;o=0
content-length: 36052
x-served-by: cache-chi-kigq8000144-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:31 GMT
server: nginx
traceparent: 00-39a622e0b47546f29c8651d95464a0a6-0815019dbc09d29a-00
x-timer: S1659298009.248755,VS0,VE3
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:14 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1ce6116-03c7-11ed-b721-6a3a297be2ea
x-cache-hits: 1, 1

GET
H2 200 jquery-migrate.min.js Show response
kesq.com/wp-includes/js/jquery/ 11 KB
5 KB 18ms
15ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df3-2bd8"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-b-8cd7f97c7-hpsrt
x-cache: HIT, HIT
x-cloud-trace-context: e49a6b9f060645499b79f6abc4601d40/16489806730663671023;o=0
content-length: 4565
x-served-by: cache-chi-kigq8000098-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:31 GMT
server: nginx
traceparent: 00-e49a6b9f060645499b79f6abc4601d40-e4d78fdad40db4ef-00
x-timer: S1659298009.249486,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1cbffb5-03c7-11ed-9c23-0eaedebb5d8e
x-cache-hits: 1, 1

GET
H2 200 super-speedy-search.js Show response
kesq.com/wp-content/plugins/super-speedy-search/assets/js/ 4 KB
2 KB 19ms
16ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/plugins/super-speedy-search/assets/js/super-speedy-search.js?ver=2.06

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

20dd55f5158dd6daa30e062649c9bad8584ff07b6bb4a4a2157fe9da05dd355f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df1-10f2"
age: 1458755
x-pantheon-styx-hostname: styx-fe1-b-8cd7f97c7-ddsh8
x-cache: HIT, HIT
x-cloud-trace-context: aa4b86149bef4a0b95f52dcc89c3694d/6129084700843043168;o=0
content-length: 1701
x-served-by: cache-chi-klot8100035-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:29 GMT
server: nginx
traceparent: 00-aa4b86149bef4a0b95f52dcc89c3694d-550ee20fe807e960-00
x-timer: S1659298009.250166,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:13 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e1cbd6f5-03c7-11ed-b0a5-86e4977b04d6
x-cache-hits: 1, 1

GET
H2 200 embed.js Show response
squareoffs.com/assets/ 2 KB
3 KB 123ms
72ms Script
application/javascript 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://squareoffs.com/assets/embed.js?ver=2.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

8efe32c962f8079bea440dbbc69c87fa1004a2e830e3266907bd53aab0df0c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Fri, 17 Jun 2022 09:14:36 GMT
server: Cowboy
age: 477482
x-served-by: cache-iad-kiad7000165-IAD, cache-hhn4068-HHN
strict-transport-security: max-age=300
x-cache: HIT, HIT
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
x-timer: S1659298009.293847,VS0,VE63
content-length: 2414
x-cache-hits: 14, 1

GET
H2 200 videojs-ie8.min.js Show response
vjs.zencdn.net/ie8/1.1.2/ 27 KB
9 KB 41ms
8ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/ie8/1.1.2/videojs-ie8.min.js?ver=1.0.3
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2016 20:27:09 GMT
etag: "2ff9bb22f0b1789ac170247b0825488f"
x-served-by: cache-hhn4025-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 8924
x-cache-hits: 1

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 147ms
45ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e432b5ad48c1acacf7359218e84c15a30768307b293f70b50a2b2891c312733c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28387
x-xss-protection: 0
server: sffe
etag: "1290 / 820 of 1000 / last-modified: 1659132299"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Jul 2022 20:06:49 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 43ms
38ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

8e541ec7c549f193f51f945923b4baa7bfbaec9382f342f00d45d508736cd6b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28389
x-xss-protection: 0
server: sffe
etag: "1290 / 450 of 1000 / last-modified: 1659132347"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Jul 2022 20:06:49 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 471 KB
135 KB 155ms
24ms Script
application/x-javascript 2.21.185.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.185.59 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-59.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 07fc9910e487dc47adf17cbac80967ff1ce6c539ac50d9bc0aa0d32d02450f13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 20:06:49 GMT
Content-Encoding: gzip
x-amz-request-id: 0C3HA2YXK3EXKJKQ
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: u9QYgWot9pblqP0z72vPHtZNhfPSxRoOaPJ58MHl8JjlEiBUil3s49Z//youuv25lSadb/XyG8o=
Last-Modified: Tue, 26 Jul 2022 22:08:57 GMT
Server: AmazonS3
ETag: "693c8e05190af721e4017e94b9e64bed"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 bootstrap.js Show response
cdn.browsiprod.com/bootstrap/ 39 KB
11 KB 69ms
7ms Script
application/javascript 18.66.97.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b5a5134abdd82fe74cfe08760a01ce4e95df811910df09506718f3c51904038

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: vrQPMhy48ZxTRQ1fiEuFtG3AePjddUIb
content-encoding: gzip
last-modified: Thu, 07 Jul 2022 06:53:16 GMT
server: AmazonS3
age: 3360
etag: W/"3ee15221ed58ec131d2436992aac3213"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
cache-control: public,max-age=3600
date: Sun, 31 Jul 2022 19:10:56 GMT
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: eRD11FYQJGacOb5NpIpIVrMj3GRnLlH7CKpyiPpWa_RQKgNIX5wRaQ==

GET
H/1.1 200
OK MIN-30430.js Show response
apv-launcher.minute.ly/api/launcher/ 107 KB
54 KB 473ms
384ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-launcher.minute.ly/api/launcher/MIN-30430.js
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2fb8b59fee922d2f00bcb56228a169a9bcc0810ac20929e9112f132ed3ff6669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 20:06:50 GMT
Content-Encoding: gzip
X-HW: 1659298009.dop005.am5.t,1659298009.cds240.am5.shn,1659298009.dop005.am5.t,1659298009.cds153.am5.s,1659298009.dop201.dc2.r,1659298010.cds179.dc2.c,1659298010.cds153.am5.p
Content-Type: text/javascript; charset=utf-8; charset=utf-8
Cache-Control: max-age=30
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 54797

GET
H2 200 npgco.js Show response
cdn.blueconic.net/ 130 KB
40 KB 39ms
8ms Script
text/javascript 18.66.139.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.blueconic.net/npgco.js

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-95.fra60.r.cloudfront.net

Software

- /

Resource Hash

a58b5573e094decca6032a2d52bee2cae53654e12b88252f88c9d78b29f87322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 170
x-cache: Hit from cloudfront
content-length: 39975
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Jun 2022 08:46:20 GMT
server: -
etag: "208cd-5e1f141306d70-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
cache-control: public, max-age=600, s-maxage=500
x-amz-cf-pop: FRA60-P4
accept-ranges: none
x-robots-tag: noindex, nofollow
x-amz-cf-id: Bdjr5HyHuIxq6LwCcFCxCrf6zyqribxjcrSZ6n56Bb9DdkwDm8KCBQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 203ms
109ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-19610616-1

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6b13d6dcec91adbb949b1148d7171557c311b097a85007cf1022a5ba6dee47b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41852
x-xss-protection: 0
last-modified: Sun, 31 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Jul 2022 20:06:49 GMT

GET
H2 200 wp-emoji-release.min.js Show response
kesq.com/wp-includes/js/ 18 KB
6 KB 46ms
42ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df3-4705"
age: 1458753
x-pantheon-styx-hostname: styx-fe1-b-8cd7f97c7-cbcsb
x-cache: HIT, HIT
x-cloud-trace-context: d7f0de6f0f364c3d89040a7c37319f3c/7706680083029101354;o=0
content-length: 5714
x-served-by: cache-chi-kigq8000030-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:31 GMT
server: nginx
traceparent: 00-d7f0de6f0f364c3d89040a7c37319f3c-6af3a0b42a870b2a-00
x-timer: S1659298010.699944,VS0,VE30
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:16 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e338ba45-03c7-11ed-b55f-b2f45ad6201e
x-cache-hits: 1, 1

GET
H2 200 nc3xsm.png
kesq.b-cdn.net/2020/03/ 15 KB
16 KB 75ms
17ms Image
image/png 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2020/03/nc3xsm.png
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 8ae1f5532f9d310fe1c417006170224df6af527c6a8abf8f8d297c611302ec8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 722
x-amz-request-id: 9F8E601688DF1C05
cdn-cachedat: 07/19/2022 20:21:33
cdn-pullzone: 145650
content-length: 15526
x-amz-id-2: uJf4lFyahQkEEYJQkj1sqzHoYNiT4AWq45uoVFDd1JYZYqxMTQvewyOoSsliyCHkX8qAuYFqyYn+
server: BunnyCDN-DE-632
last-modified: Thu, 12 Mar 2020 16:50:26 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: bc730a0606d92e8f31945cc5687547b1
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 kesq.jpg
kesq.b-cdn.net/2021/06/ 46 KB
46 KB 69ms
11ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2021/06/kesq.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 30238015ace7c59521ab23dcda63e83d0dd715c77e548ffd70fdfad89c683197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 756
x-amz-request-id: EA9E3AC3BAEA1699
cdn-cachedat: 06/09/2022 20:13:02
cdn-pullzone: 145650
content-length: 47080
x-amz-id-2: aKj/uzv/csXQA1S5CVk+BGb0PlP+E4xMHh/ci/RmvM6z6nJgJs1OIs3BkWqXt0XkyBFZwXBM01ku
server: BunnyCDN-DE-632
last-modified: Fri, 04 Jun 2021 05:56:07 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: a3707610be82146eb26c40c7985b3539
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9000_clear_day.png
kesq.com/wp-content/themes/storymate-npg/assets/images/weather-icons/ 5 KB
5 KB 18ms
14ms Image
image/png 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kesq.com/wp-content/themes/storymate-npg/assets/images/weather-icons/9000_clear_day.png

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

31c85cc6147bdb0f54524cfbaefe5af4834364821fa95d371591e2242c3789e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
etag: "62d09df2-1312"
age: 1458753
x-pantheon-styx-hostname: styx-fe1-a-679db49985-rpn9n
x-cache: HIT, HIT
x-cloud-trace-context: e98bfedf2da6421798e7e457a848443e/11497490772504296006;o=0
content-length: 4882
x-served-by: cache-chi-kigq8000070-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:30 GMT
server: nginx
traceparent: 00-e98bfedf2da6421798e7e457a848443e-9f8f4af0f7733a46-00
x-timer: S1659298010.699929,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
content-type: image/png
x-styx-req-id: e33a672d-03c7-11ed-b329-8efbea45c253
expires: Sat, 15 Jul 2023 22:54:16 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 FAWAD-FB-TIMELINE-IMAGE-Radar-375x225.png
kesq.b-cdn.net/2022/07/ 110 KB
110 KB 75ms
18ms Image
image/png 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/07/FAWAD-FB-TIMELINE-IMAGE-Radar-375x225.png
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: f18bf97b3f01d73b9a1cdefdec5d15fc1a895dfe6d1d1ca4254ea2ff0fe1f433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 752
x-amz-request-id: BD01F38DE47C0F06
cdn-cachedat: 07/31/2022 04:51:36
cdn-pullzone: 145650
content-length: 112274
x-amz-id-2: W8+24Xsm14psPB6xxMXzA8+ZN31KZ2r9Xq/VI+sYjFyOcMJtJlc5NlTB5m3mpJoBGzajqpOF45gn
server: BunnyCDN-DE-632
last-modified: Sun, 31 Jul 2022 04:50:00 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 44281b8c95b88e77643bd64ae48d7eeb
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 desert-air.png
kesq.b-cdn.net/2020/07/ 5 KB
5 KB 74ms
17ms Image
image/png 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2020/07/desert-air.png
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: d9a788f4d19b9938a61116bc4cae75cdfbe029d8d0de13d1bf5c7458d33dea7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 723
x-amz-request-id: 56E1F17DA7D7C8A5
cdn-cachedat: 03/12/2022 20:00:09
cdn-pullzone: 145650
content-length: 4783
x-amz-id-2: NhM6hLwUNGI9B+xzSUCRV8M0gH0s2Q9mPXjSBKbaviQ6uauFgXmpOksHyPnUF4vk67EZsI7xV4iV
server: BunnyCDN-DE-632
last-modified: Thu, 30 Jul 2020 17:46:48 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: acb20ae3c8dd921149b412f7b52701e6
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 embed.js Show response
squareoffs.com/assets/ 2 KB
2 KB 8ms
7ms Script
application/javascript 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://squareoffs.com/assets/embed.js

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

8efe32c962f8079bea440dbbc69c87fa1004a2e830e3266907bd53aab0df0c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Fri, 29 Jul 2022 07:57:46 GMT
server: Cowboy
age: 209870
x-served-by: cache-iad-kjyo7100109-IAD, cache-hhn4068-HHN
strict-transport-security: max-age=300
x-cache: HIT, HIT
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
x-timer: S1659298009.426074,VS0,VE1
content-length: 2414
x-cache-hits: 1, 1

GET
H2 200 50142-Fantasy-Springs-Logo-120.jpg
kesq.b-cdn.net/2021/06/ 20 KB
20 KB 38ms
18ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2021/06/50142-Fantasy-Springs-Logo-120.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 6882e5b22cfa863c2631280944c5e9dcb6dd7ae9c4f159021fce2bed20d4d529

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 865
x-amz-request-id: 87FF71C505001381
cdn-cachedat: 05/22/2022 00:26:50
cdn-pullzone: 145650
content-length: 20420
x-amz-id-2: sMZpbJHy5OSnyngqwyhCEg9NpkbIKByjZTl03KyX7Aip01XWIt6x/XgOzrCo4z9Si/JSvZX+ZGOs
server: BunnyCDN-DE-632
last-modified: Mon, 21 Jun 2021 20:20:38 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: b9790301de6483fb3220fe352c03defd
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fw-loader.js Show response
feed.mikle.com/js/ 4 KB
2 KB 662ms
98ms Script
application/javascript 3.233.138.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.mikle.com/js/fw-loader.js
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.138.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-138-68.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c00371b4c5eb8328791a15210ed22492ec7efbd4895907e1bea770fcff12e53c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
cache-control: no-cache
last-modified: Tue, 12 Jul 2022 07:38:12 GMT
server: nginx
content-encoding: gzip
etag: W/"62cd24e4-fb2"
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK kesq-news-app-icon.jpg
s3.us-east-1.wasabisys.com/kesq.com/2019/11/ 20 KB
20 KB 408ms
101ms Image
image/jpeg 38.27.106.53
BLUEARCHIVE-ZONE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.wasabisys.com/kesq.com/2019/11/kesq-news-app-icon.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.106.53 Kennedyville, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software: WasabiS3/7.5.1035-2022-06-08-c4b39686a7 (head06) /
Resource Hash: 1958d7d53006e287cd42b0d5dbc5f26475e67c39e00ba21ad9e5f5a34a39e445

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 20:06:50 GMT
Last-Modified: Fri, 01 Nov 2019 20:11:03 GMT
Server: WasabiS3/7.5.1035-2022-06-08-c4b39686a7 (head06)
x-amz-request-id: 9E7426CB532E5180
ETag: "3255e8b81305637025165d2095a77c08"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 20407
x-amz-id-2: dB1qLngfZyKGYUzCN+lA6bak8gnWfYO837aj84Jc6UDOUbxhlhOlnJN4IeG46xvChyqiKk6Hu6m3

GET
H/1.1 200
OK kesq-weather-app-icon.png
s3.us-east-1.wasabisys.com/kesq.com/2019/11/ 9 KB
9 KB 410ms
103ms Image
image/png 38.27.106.53
BLUEARCHIVE-ZONE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.wasabisys.com/kesq.com/2019/11/kesq-weather-app-icon.png
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.106.53 Kennedyville, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software: WasabiS3/7.5.1035-2022-06-08-c4b39686a7 (head14) /
Resource Hash: a411d089866aaa8961b38410d3ed37f4d52ca0ab15236d67b0f56f93bb20a5cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 20:06:50 GMT
Last-Modified: Fri, 01 Nov 2019 20:11:05 GMT
Server: WasabiS3/7.5.1035-2022-06-08-c4b39686a7 (head14)
x-amz-request-id: 41435FDA81A4DF39
ETag: "b78983a95f0708dce334ab4747c8d098"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 8768
x-amz-id-2: tSqY2loCpzLiX0eKo9WTP86yepCWGudOxbIb7sUrNDD+8FdlcpX5ygJaLQto+7ey1UsCxHoLWmBP

GET
H2 200 video.js Show response
vjs.zencdn.net/7.15.4/ 2 MB
461 KB 10ms
9ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.15.4/video.js?ver=1.0.3
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0879d98559c8e27797788a87521a624188b93b24c7fa99df9f870bf1b323191d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 21:08:22 GMT
etag: "3be88bedd852bb336bc3519c594124a8"
x-served-by: cache-hhn4025-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
content-length: 471302
x-cache-hits: 1

GET
H2 200 videojs-hls-player.js Show response
kesq.com/wp-content/plugins/videojs-hls-player/ 401 B
619 B 15ms
7ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/plugins/videojs-hls-player/videojs-hls-player.js?ver=1.0.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

aa074e019e49996734864780e02fa6b387cda33de27f43c2a1b6957be676f981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df1-191"
age: 1458760
x-pantheon-styx-hostname: styx-fe1-b-8cd7f97c7-ccnqj
x-cache: HIT, HIT
x-cloud-trace-context: f53c1239072c466a89ad116ad7b72bdb/1964492261468779404;o=0
content-length: 247
x-served-by: cache-chi-kigq8000148-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:29 GMT
server: nginx
traceparent: 00-f53c1239072c466a89ad116ad7b72bdb-1b43474db0d9b38c-00
x-timer: S1659298010.693937,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:09 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: df38a2c2-03c7-11ed-9a70-feb4ad2bd266
x-cache-hits: 1, 1

GET
H2 200 moment-with-locales.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 329 KB
54 KB 56ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment-with-locales.min.js?ver=2.24.0

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d40df7c31566ce3812adb24f0b682ae7e19d4fae67bbf69179c3e6fab3655a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 340293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54791
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-52243"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33%2FO%2BHMpn99LhOUdK0KZlnAU8cf4XZJ44xk9BajDJTFWc44Nx2ghXbdguKSK9giHD5Ak2GVVSKWdN%2Fq7aj%2BrRTsvfLHHqfd2C369eNNXxXu6ErtBvtSvCXu%2B%2F6qEFW6Eo%2FtjTf1isTKY3sAqIfmevOzx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7338f4f0cca26977-FRA
expires: Fri, 21 Jul 2023 20:06:49 GMT

GET
H2 200 moment-timezone-with-data.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.26/ 181 KB
21 KB 64ms
24ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.26/moment-timezone-with-data.min.js?ver=0.5.26

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8414246142ce5ed748336d300acdc14559ca4318d0332639104778b596fa981

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16200711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21383
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-2d327"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Q4xI%2FXPyioHedxIdBXVdWf%2B7%2F4FdHDMBqwcMM9dbkLTWh3ijslwcUGBi%2FuvOJFeBbudjN8SBeLx1bXjhICwRvrKwEkyQoC60iz%2Fl9M9zkFLLbE5f6o88pqscgI68y%2F%2FubatPdGMQYNU6uo1DYIaAN2s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7338f4f0cca66977-FRA
expires: Fri, 21 Jul 2023 20:06:49 GMT

GET
H2 200 underscore.min.js Show response
kesq.com/wp-includes/js/ 19 KB
8 KB 16ms
8ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-includes/js/underscore.min.js?ver=1.13.1

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df3-4a7d"
age: 1458753
x-pantheon-styx-hostname: styx-fe1-b-8cd7f97c7-ccnqj
x-cache: HIT, HIT
x-cloud-trace-context: d7a559f163f346348fd11545aadf97e6/5389542776366009278;o=0
content-length: 8101
x-served-by: cache-chi-klot8100073-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:31 GMT
server: nginx
traceparent: 00-d7a559f163f346348fd11545aadf97e6-4acb80999f118bbe-00
x-timer: S1659298010.695606,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:16 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e332385b-03c7-11ed-9a70-feb4ad2bd266
x-cache-hits: 1, 1

GET
H2 200 backbone.min.js Show response
kesq.com/wp-includes/js/ 23 KB
9 KB 20ms
13ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-includes/js/backbone.min.js?ver=1.4.0

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f2c4a355f2a88ce6793b73c3a6cddb3703355d2b74a6cff0dc2ff81383480a01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df3-5cf2"
age: 1458753
x-pantheon-styx-hostname: styx-fe1-b-8cd7f97c7-hpsrt
x-cache: HIT, HIT
x-cloud-trace-context: 73e9e3615a53436e817e232a90a8cb34/4178540206822432868;o=0
content-length: 9085
x-served-by: cache-chi-klot8100043-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:31 GMT
server: nginx
traceparent: 00-73e9e3615a53436e817e232a90a8cb34-39fd282de356a064-00
x-timer: S1659298010.695594,VS0,VE4
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:16 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e3331028-03c7-11ed-9c23-0eaedebb5d8e
x-cache-hits: 1, 1

GET
H2 200 api-request.min.js Show response
kesq.com/wp-includes/js/ 1 KB
916 B 20ms
13ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-includes/js/api-request.min.js?ver=5.9.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

243d0318292081b26db69dad7403b07a4f8c302076bad5ff2f51ce135e19390e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df3-401"
age: 1458753
x-pantheon-styx-hostname: styx-fe1-b-8cd7f97c7-ddsh8
x-cache: HIT, HIT
x-cloud-trace-context: b47d7a74ca2847a19bdfff4e0f4514bc/9006702465052082841;o=0
content-length: 597
x-served-by: cache-chi-klot8100058-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:31 GMT
server: nginx
traceparent: 00-b47d7a74ca2847a19bdfff4e0f4514bc-7cfe3c2c23108299-00
x-timer: S1659298010.697395,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:16 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e3386dbd-03c7-11ed-b0a5-86e4977b04d6
x-cache-hits: 1, 1

GET
H2 200 wp-api.min.js Show response
kesq.com/wp-includes/js/ 14 KB
5 KB 16ms
10ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-includes/js/wp-api.min.js?ver=5.9.3

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

062d8167bc405094e000b7d3af11deba7a4ecff663aff087d7b19ef51c05ff6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62defdda-395e"
age: 428172
x-pantheon-styx-hostname: styx-fe1-b-784cd8578b-7m8pz
x-cache: HIT, HIT
x-cloud-trace-context: 5a77f5ffcfc84a26bc473dac0bf1f9ae/1102543046143795888;o=0
content-length: 4675
x-served-by: cache-chi-kigq8000150-CHI, cache-hhn4050-HHN
last-modified: Mon, 25 Jul 2022 20:32:26 GMT
server: nginx
traceparent: 00-5a77f5ffcfc84a26bc473dac0bf1f9ae-0f4d050f16fa62b0-00
x-timer: S1659298010.696414,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Thu, 27 Jul 2023 21:10:37 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 6528b541-0d27-11ed-b571-6ebfd91b685e
x-cache-hits: 1, 1

GET
H2 200 theme.min.js Show response
kesq.com/wp-content/themes/storymate-npg/build/js/ 17 KB
6 KB 17ms
11ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/themes/storymate-npg/build/js/theme.min.js?ver=1.4.21

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3013d97ec15ee0fb663b6e9c7b5ee7457f940baf8bc68249e8c9dc67a59b01c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df2-43ae"
age: 1458753
x-pantheon-styx-hostname: styx-fe1-a-679db49985-8hpfn
x-cache: HIT, HIT
x-cloud-trace-context: afe3ef51aa49454c9f04e3777ab97121/9428014233493854884;o=0
content-length: 5992
x-served-by: cache-chi-klot8100053-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:30 GMT
server: nginx
traceparent: 00-afe3ef51aa49454c9f04e3777ab97121-82d708fe5cba5aa4-00
x-timer: S1659298010.696194,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:16 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e33ed2e9-03c7-11ed-b721-6a3a297be2ea
x-cache-hits: 1, 1

GET
H2 200 vendor.min.js Show response
kesq.com/wp-content/themes/storymate-theme/build/js/ 44 KB
14 KB 15ms
9ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/themes/storymate-theme/build/js/vendor.min.js?ver=1.4.21

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

000b9b4ee10170644e9f5068423e6e8b8ea26787311eb0c764bcc2ea1ce28408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df2-af26"
age: 1458754
x-pantheon-styx-hostname: styx-fe1-a-679db49985-rpn9n
x-cache: HIT, HIT
x-cloud-trace-context: ab183d1947cd44e49ed3af1b21afd80d/3677154844675433968;o=0
content-length: 13737
x-served-by: cache-chi-klot8100175-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:30 GMT
server: nginx
traceparent: 00-ab183d1947cd44e49ed3af1b21afd80d-3307e0d94cfc65f0-00
x-timer: S1659298010.696190,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:16 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e338873c-03c7-11ed-b329-8efbea45c253
x-cache-hits: 1, 1

GET
H2 200 theme.min.js Show response
kesq.com/wp-content/themes/storymate-theme/build/js/ 6 KB
2 KB 18ms
12ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/themes/storymate-theme/build/js/theme.min.js?ver=1.4.21

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7b6a27be9c6f4448bf61dda09a9fa32b1eb91d2dbc62b3f025df4cca0bc302fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df2-1638"
age: 1458753
x-pantheon-styx-hostname: styx-fe1-a-679db49985-kfd84
x-cache: HIT, HIT
x-cloud-trace-context: 24034d332b42408688802c2ee696ba80/15151465579873899968;o=0
content-length: 2118
x-served-by: cache-chi-klot8100080-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:30 GMT
server: nginx
traceparent: 00-24034d332b42408688802c2ee696ba80-d244d1ab42f115c0-00
x-timer: S1659298010.696171,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:16 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e33891b1-03c7-11ed-add9-aa1b03124d3f
x-cache-hits: 1, 1

GET
H2 200 app.min.js Show response
kesq.com/wp-content/plugins/pojo-accessibility/assets/js/ 5 KB
2 KB 16ms
10ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/plugins/pojo-accessibility/assets/js/app.min.js?ver=1.0.0

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d5575de801172d286dc7cdb712db3081a3fa0702672d2bf33f806301706e3e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df1-14c1"
age: 1458753
x-pantheon-styx-hostname: styx-fe1-b-8cd7f97c7-cbcsb
x-cache: HIT, HIT
x-cloud-trace-context: eb1ed21025ba43fab1f5a0a2b8fb4654/7097062412903590791;o=0
content-length: 1841
x-served-by: cache-chi-klot8100113-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:29 GMT
server: nginx
traceparent: 00-eb1ed21025ba43fab1f5a0a2b8fb4654-627dd4a9a5e52b87-00
x-timer: S1659298010.696153,VS0,VE2
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:16 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e338af22-03c7-11ed-b55f-b2f45ad6201e
x-cache-hits: 1, 1

GET
H2 200 socialshare.js Show response
kesq.com/wp-content/plugins/wp-social-sharing/static/ 348 B
552 B 18ms
13ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-content/plugins/wp-social-sharing/static/socialshare.js?ver=1.6

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8a77dee6a595234131e3cdba142e6403faaafb7ee93920a846c2be629751d054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
etag: W/"62d09df2-15c"
age: 1458753
x-pantheon-styx-hostname: styx-fe1-a-679db49985-6vcqf
x-cache: HIT, HIT
x-cloud-trace-context: e75639828b03457493b7598fbd7c3dc1/14196533105317518559;o=0
content-length: 248
x-served-by: cache-chi-kigq8000101-CHI, cache-hhn4050-HHN
last-modified: Thu, 14 Jul 2022 22:51:30 GMT
server: nginx
traceparent: 00-e75639828b03457493b7598fbd7c3dc1-c50437a490861cdf-00
x-timer: S1659298010.696155,VS0,VE3
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 15 Jul 2023 22:54:16 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e338a657-03c7-11ed-a58f-36a94022e041
x-cache-hits: 1, 1

GET
H2 200 vf-v2.js Show response
cdn.viafoura.net/ 732 KB
166 KB 45ms
9ms Script
application/javascript 2600:9000:20eb:ce00:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/vf-v2.js
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ce00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f0ab978838efc7dc4b61dd5ffa2e2c45380e20a828c10a594c78b0cafcf76af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: 1pNlN5vvaYc6YjiUmx2OYXP3fdMQNAOl
content-encoding: br
last-modified: Fri, 29 Jul 2022 19:38:21 GMT
server: AmazonS3
age: 177
etag: W/"d14787fad413eddbfb6335c314ea9e31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Sun, 31 Jul 2022 20:03:59 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: B5zFfvrwvlYBje73EMuTlMJN5X_osl_vdJlYLQLXbXTnpU-nPJQduA==

GET
H2 200 get-context Show response
api.pymx5.com/v1/publisher/ 60 B
300 B 165ms
119ms XHR
application/json 34.96.74.203
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pymx5.com/v1/publisher/get-context

Requested by

Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

203.74.96.34.bc.googleusercontent.com

Software

nginx/1.13.7 /

Resource Hash

17d059c0d9e8e1ebac6e58404aed4f403400d509d4460e58985fd8129a65704a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: gzip
allow: GET, HEAD, OPTIONS
server: nginx/1.13.7
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json
access-control-allow-origin: https://kesq.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 ifilter-eval.js Show response
pymx5.com/scripts/ 9 KB
9 KB 38ms
35ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/ifilter-eval.js
Requested by: Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 06f948a217c237ec9da04db4863ae47ac02b247ec4fb4213fd68b981d766c156

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 19:37:41 GMT
age: 1748
x-guploader-uploadid: ADPycdtl74kpGUsAMfmwpgW10SHg-VtzEA_eOfFhzG23BmV_lQpeuHbth5UL6bedQL67ovjCgjDo1EKNxsXtLz8b63nz7P_kJYuC
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8929
last-modified: Fri, 15 Jul 2022 06:19:11 GMT
server: UploadServer
etag: "b8c23f3782f2b89bad7344ea2720b5ba"
x-goog-hash: crc32c=1cvcAw==, md5=uMI/N4LyuJutc0TqJyC1ug==
x-goog-generation: 1634039087715113
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 8929
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 messageRequest.js Show response
pymx5.com/scripts/ 6 KB
6 KB 34ms
32ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/messageRequest.js
Requested by: Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9bc3ac88ae6629e440770a37e747bb6241a085df9842ccbc5f3035471b360c10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:01:03 GMT
age: 346
x-guploader-uploadid: ADPycdtsq5g4r5fr_qo9J3Y7C_-A_s1MxEtv-rtoQzaUUQ9AwmXSqT3R3dL8ZDulmcOw0t8CF1FPqI8zMiisrx3NqxGaF2P7M_wR
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6018
last-modified: Fri, 15 Jul 2022 06:19:11 GMT
server: UploadServer
etag: "1c14d674aa94ed0a5b5b0830b8648345"
x-goog-hash: crc32c=5DBAqw==, md5=HBTWdKqU7QpbWwgwuGSDRQ==
x-goog-generation: 1651158638133732
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 6018
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 imstag.min.js Show response
pymx5.com/ad-rendring/src/ 100 KB
100 KB 47ms
44ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/ad-rendring/src/imstag.min.js
Requested by: Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 303017e5ef65d154f447ed36116c77fc056fe0a44add0b13b9e842ae72b23ce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 19:37:41 GMT
age: 1748
x-guploader-uploadid: ADPycdt2_REa_Em_IfAvF2gcKxM0lqmiI3QrmTyCmmkVLK2iDz0LosrBpTfans106QT9Z866FQluwkM1LA6BY7STZ0aJq3L7Li7T
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102578
last-modified: Tue, 05 Jan 2021 10:02:41 GMT
server: UploadServer
etag: "298e66c7b1579da377cb19aec5a997c7"
x-goog-hash: crc32c=o3Vcbw==, md5=KY5mx7FXnaN3yxmuxamXxw==
x-goog-generation: 1609840961551922
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 102578
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 pubads_impl_2022072102.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
129 KB 131ms
29ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

b5629bff9f7cf70baed7df75fbde4ab28280e2a687c8f4712b06a03d52666d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 31 Jul 2022 17:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131883
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 17:43:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 31 Jul 2023 17:24:47 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 341 B
794 B 141ms
39ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kesq.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e57f398cb2a465a3cc0524e4cce4513e147b2ebf04ea8beffe47beaf617d484d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157
x-xss-protection: 0
expires: Sun, 31 Jul 2022 20:06:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
50 KB 84ms
53ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MK2B25D

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4e135a220eb3029f81c6298c91c25cf579606567ac483b84548e0b4281f953d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50747
x-xss-protection: 0
last-modified: Sun, 31 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Jul 2022 20:06:49 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 2 KB
1 KB 119ms
36ms Script
text/javascript 54.170.230.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fkesq.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.230.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-230-96.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 764846f18b34bd46a22db4133aecca579fb7519e6ff5986407dd065b801c6a78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 811
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 570 Show response
npgco.blueconic.net/DG/DEFAULT/rest/rpc/ 57 KB
12 KB 404ms
193ms XHR
application/json 52.23.130.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://npgco.blueconic.net/DG/DEFAULT/rest/rpc/570?referer=https%3A%2F%2Fkesq.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-07-31T20%3A06%3A49%2B00%3A00&ts=1659298009684

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.130.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-23-130-19.compute-1.amazonaws.com

Software

- /

Resource Hash

1fe4aab51a544cfaceeb8dc1d9ed7cc9ce296ffc069bf4a925a7600bbf8421db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://kesq.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 10935
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 147ms
58ms Script
application/javascript 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 117ms
59ms Script
application/javascript 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 073022-sunline-stabbing-375x225.jpg
kesq.b-cdn.net/2022/07/ 8 KB
8 KB 13ms
11ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/07/073022-sunline-stabbing-375x225.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: c85c3808dfe42fa74e54afb6875ce3856dc07c5d49002197d892bd8109fb878d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 722
x-amz-request-id: 7321E250B6BED7AE
cdn-cachedat: 07/30/2022 16:37:18
cdn-pullzone: 145650
content-length: 8068
x-amz-id-2: UihcHpg9/VbDyAqYQ7+BwjFJj8y+XopcNBJXmF87BZROLjXlT48y//1Lxj/Lh3al6qbNN6Y9ZM1h
server: BunnyCDN-DE-632
last-modified: Sat, 30 Jul 2022 16:16:20 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: de4242f577c477abd584ff6e31042acd
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 c6w6UA1Q-web-pic-375x225.jpg
kesq.b-cdn.net/2022/07/ 35 KB
35 KB 13ms
12ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/07/c6w6UA1Q-web-pic-375x225.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: a491c3dbdbcebaf66db9b3a581f33d35224aa8e312f4b280346061739f25dc5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 632
x-amz-request-id: 24BA896D91F1DB4B
cdn-cachedat: 07/31/2022 02:06:18
cdn-pullzone: 145650
content-length: 35417
x-amz-id-2: rn5digVEVArdPZWOV4nxCjDTv7N1nZCSOjY72yk3h6cwmwGY7R78QbTrxZYXpzoOpMZRMVGgpQu3
server: BunnyCDN-DE-632
last-modified: Sun, 31 Jul 2022 01:36:19 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: f30848223277868d787f2886cb686340
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Screen-Shot-2022-07-30-at-9.47.42-PM-375x225.png
kesq.b-cdn.net/2022/07/ 125 KB
126 KB 13ms
12ms Image
image/png 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/07/Screen-Shot-2022-07-30-at-9.47.42-PM-375x225.png
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 3cb352e04b672cf3049ce94372fbbdfb42036ef45c360a15f52a495395558a9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 874
x-amz-request-id: AD0E40C313E7AD2B
cdn-cachedat: 07/31/2022 05:06:22
cdn-pullzone: 145650
content-length: 128492
x-amz-id-2: 4K40FoXkwf6yhS+cHyIOQwgtAxdHnpeIGSjhiYzbGahE00FKTZn7NwVXZzGHQGplxpPlGLHlosb5
server: BunnyCDN-DE-632
last-modified: Sun, 31 Jul 2022 04:51:51 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 034e6ff0eaad6626f10a1f04af447d6c
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 SCHOOL-STAFFING.00_07_11_29.Still001-375x225.png
kesq.b-cdn.net/2022/07/ 171 KB
171 KB 16ms
14ms Image
image/png 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/07/SCHOOL-STAFFING.00_07_11_29.Still001-375x225.png
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 0fb24af945361268b9fe56949c5d2ae8c151a82f9254c05c113d29a2ca14c32f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 755
x-amz-request-id: ACCD158F93E0D807
cdn-cachedat: 07/30/2022 21:42:40
cdn-pullzone: 145650
content-length: 174902
x-amz-id-2: O85k01+8Ndaz9hiWUXPJwzkOiCS5c71TrmDkZ5Gjt5s2a9ZShCZ1VqbHnpOdfoqwVuL9W2G3/zWn
server: BunnyCDN-DE-632
last-modified: Sat, 30 Jul 2022 21:40:16 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 0e91948c1954056174dd8775b3d933f3
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Screen-Shot-2022-07-30-at-2.59.15-PM-375x225.png
kesq.b-cdn.net/2022/07/ 165 KB
166 KB 15ms
14ms Image
image/png 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/07/Screen-Shot-2022-07-30-at-2.59.15-PM-375x225.png
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: ba34080d2aa5d3b75af8e56d80cce88d90cff3c17607f7067631940a606a4d21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 632
x-amz-request-id: 0BF791FB4527294D
cdn-cachedat: 07/30/2022 22:03:50
cdn-pullzone: 145650
content-length: 168971
x-amz-id-2: oVNR25lK00kuX6YBqwVwPQNQs+L7WgSS/mGVWs9SUlrB1XKkopf+3LqI2Th9YxBfAag2KYL1T//H
server: BunnyCDN-DE-632
last-modified: Sat, 30 Jul 2022 22:00:12 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 573df3e9d412bac3868b556b1b7ce230
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 072822-TALAMANTES-VIGIL-PKG.00_00_17_13.Still001-375x225.jpg
kesq.b-cdn.net/2022/07/ 24 KB
25 KB 14ms
13ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/07/072822-TALAMANTES-VIGIL-PKG.00_00_17_13.Still001-375x225.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 5ef2408f2cac089d17372b64be14cf4065d9e7114596876e9bfaab09fd898eb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 756
x-amz-request-id: 32376D852284257F
cdn-cachedat: 07/30/2022 05:22:46
cdn-pullzone: 145650
content-length: 24810
x-amz-id-2: 2O/8QScUf9bIm94KMSwrfXRLu9/1lccFGazbHZ7adWT7rooZ2d3FfWcJxionTzfusZIdiT7bgVOQ
server: BunnyCDN-DE-632
last-modified: Sat, 30 Jul 2022 05:21:33 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 91b4e504d6ff0be36df087cb0a811b1f
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 MGN_1280x720_10309P00-NVGIO-375x225.jpg
kesq.b-cdn.net/2021/12/ 24 KB
25 KB 15ms
14ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2021/12/MGN_1280x720_10309P00-NVGIO-375x225.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: e1c6188138641875be47586e955ea4b16f83fc96629c035558cd1c1a6f536952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 865
x-amz-request-id: A4A167037BACE8CD
cdn-cachedat: 07/28/2022 21:26:19
cdn-pullzone: 145650
content-length: 24622
x-amz-id-2: T6VUPQ1mDBynrNoAQF6tnsKoRtLLq1c9vhgrwcn5ZZsYNxSY87uOT1P5nBOHISja4gY7ubQnsY1M
server: BunnyCDN-DE-632
last-modified: Fri, 10 Dec 2021 02:00:53 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 1568c68bdc94f2a6e0adfddca9064165
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 MGN_1280x720_00612P00-WBORM-375x225.jpg
kesq.b-cdn.net/2022/06/ 14 KB
15 KB 16ms
15ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/06/MGN_1280x720_00612P00-WBORM-375x225.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: ab94db5ace8646a450fe74634845d50eb0f0083f0cd50518b48fccb3e8c19935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 874
x-amz-request-id: AA06A4A7E4C6034D
cdn-cachedat: 07/20/2022 21:04:33
cdn-pullzone: 145650
content-length: 14664
x-amz-id-2: y2K6S3R1fLTRXHhIzMVPFu1uQUh6ZlVTbKNOrngDJHZbSHyTpihiuR2TQtbW8l/AMMBOQWS+Xln5
server: BunnyCDN-DE-632
last-modified: Fri, 17 Jun 2022 21:52:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 984e4597b61ede71c7f2123c2dd41690
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 S188222009-300-375x225.jpg
kesq.b-cdn.net/2022/07/ 20 KB
20 KB 15ms
14ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/07/S188222009-300-375x225.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: c6a95e8a503b7c9003ce95194f008246d1b145645e55a0a1c7c159f637feb7fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 865
x-amz-request-id: C089A37031707143
cdn-cachedat: 07/21/2022 17:56:08
cdn-pullzone: 145650
content-length: 20296
x-amz-id-2: KK9T//xi2bdnAFgZwflOZvr5DD7uEg9N7SQQoe7eiTmITWheSgQSy+hxizL7NFMLYr06nWmKcuxa
server: BunnyCDN-DE-632
last-modified: Thu, 21 Jul 2022 17:38:27 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 515e7b014a240502e21a5bf1f48dcca5
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 MGN_1280x720_20411P00-FCGCL-375x225.jpg
kesq.b-cdn.net/2022/07/ 21 KB
21 KB 16ms
15ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/07/MGN_1280x720_20411P00-FCGCL-375x225.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 0c1bb27b91d9465310792ab1125e82240f02a7f92b55aa42dc1510088e07ce1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 864
x-amz-request-id: 87F41E7791628987
cdn-cachedat: 07/14/2022 21:34:27
cdn-pullzone: 145650
content-length: 21391
x-amz-id-2: Lo+FCzuo8e8rIe1rQ+jhz84iX2UA7suMe96iMOzghRXEgrWsIx1oImWlBZsOx1pzlxchjHBo62od
server: BunnyCDN-DE-632
last-modified: Thu, 14 Jul 2022 21:33:20 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 94c21a190df7b0fd5c33d803c8324b2a
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 thumbnail_TSR-MONKEYPOX-MISERY_STILL-375x225.png
kesq.b-cdn.net/2022/07/ 114 KB
115 KB 16ms
15ms Image
image/png 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/07/thumbnail_TSR-MONKEYPOX-MISERY_STILL-375x225.png
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: e8ebba2c054fd7e8a4747812be2ae4269af334a2e74f28ca244870fa78f7cd80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 565
x-amz-request-id: 23DE4EBFB36FEA0C
cdn-cachedat: 07/19/2022 20:18:58
cdn-pullzone: 145650
content-length: 116883
x-amz-id-2: GeViDvHFhsNA6SvK4AKz9j/klyhv+qSSIUlKDMcUzVD7BSzwFpMIfq2yjsYYxeWSEg8idG3V0huv
server: BunnyCDN-DE-632
last-modified: Tue, 19 Jul 2022 20:11:24 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 80e4239a1bb26135f6e3cfa64ad23ace
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4847 Show response
squareoffs.com/embeds/ Frame ECF8 32 KB
12 KB 166ms
165ms Document
text/html 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://squareoffs.com/embeds/4847?feed_size=small

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

8a32cdabc9ad1fff4bad02b77ec63d2e14b320ff4bcd1f5a50c68897c15267b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosnif
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

Referer: https://kesq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-request-method: *
cache-control: max-age=30, public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 31 Jul 2022 20:06:49 GMT
etag: W/"8a32cdabc9ad1fff4bad02b77ec63d2e"
expires: Sun, 31 Jul 2022 20:07:19 GMT
server: Cowboy
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosnif
x-frame-options: ALLOWALL
x-request-id: f8e3d5b8-691c-46d6-9f03-9701cb160b49
x-runtime: 0.046773
x-served-by: cache-iad-kiad7000078-IAD, cache-hhn4068-HHN
x-timer: S1659298010.786622,VS0,VE157
x-xss-protection: 0

GET
H2 200 post-robot.min.js Show response
cdn.jsdelivr.net/npm/post-robot@10.0.31/dist/ 35 KB
11 KB 67ms
35ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/post-robot@10.0.31/dist/post-robot.min.js

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/assets/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6dbaf56c796ee1e2933a62a06955905bd61e6f4d9092f063fa1738d6fe4a9193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 4652681
x-jsd-version: 10.0.31
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10439
etag: W/"8c91-4tolZ9EHvQcS/uS8uVDaaleUth0"
x-served-by: cache-fra19129-FRA, cache-hhn4067-HHN
x-jsd-version-type: version
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 539 B
315 B 136ms
136ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1533716713199401&correlator=2483587158146546&eid=44761478%2C31064226%2C42531605%2C42531607&output=ldjh&gdfp_req=1&vrg=2022072102&ptt=17&impl=fifs&iu_parts=6123%2Ckesq%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=2364208797&sfv=1-0-38&ecs=20220731&ists=1&fsapi=false&cust_params=wp_category%3Dhome%26page_type%3Dhome%26post_id%3D8&sc=1&cookie_enabled=1&abxe=1&dt=1659298009794&lmt=1659298009&dlt=1659298009230&idt=424&adxs=220&adys=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fkesq.com%2F&frm=20&vis=1&psz=1200x0&msz=1160x0&fws=4&ohw=1600&ga_vid=1223097823.1659298010&ga_sid=1659298010&ga_hid=934942832&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

31cc33a86913201396dd86b56df02fac8e37f7f939def3ed7a3057ab7ea838a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 285
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
47d99064ea7309156f4d6e1b6f3db84f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B162 6 KB
4 KB 203ms
63ms Document
text/html 2a00:1450:4014:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://47d99064ea7309156f4d6e1b6f3db84f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kesq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 20:06:49 GMT
expires: Mon, 31 Jul 2023 20:06:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 TSR-SEISMIC-DEADLINE-FULLSCREEN-375x225.png
kesq.b-cdn.net/2022/06/ 110 KB
110 KB 11ms
6ms Image
image/png 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/06/TSR-SEISMIC-DEADLINE-FULLSCREEN-375x225.png
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 4d1816b25a66dde1911383733ea407c5d05a3311acd206d556dfed430ed622ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 865
x-amz-request-id: 83C5BA641B335CBA
cdn-cachedat: 06/28/2022 20:05:46
cdn-pullzone: 145650
content-length: 112329
x-amz-id-2: PzH2WVHwzdZ/7LsHc+XumSxZ3K/mYhkycW+LfInuOXqAB2gYjpqpM9s1x6h1mrZg9mAH7oD3hHJD
server: BunnyCDN-DE-632
last-modified: Tue, 28 Jun 2022 19:52:12 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 49739cea7d0e537ca2b623d7f2df9a00
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 xPBzQQ2H-DESERT-WATER-FULLSCREEN-375x225.png
kesq.b-cdn.net/2022/06/ 111 KB
112 KB 15ms
8ms Image
image/png 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/06/xPBzQQ2H-DESERT-WATER-FULLSCREEN-375x225.png
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 8884c925a54f34b805f0fc4637583a5dc6c2d5f9870d19a9b74686ae59368738

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 722
x-amz-request-id: B518EA538A57B46B
cdn-cachedat: 07/19/2022 19:22:31
cdn-pullzone: 145650
content-length: 114149
x-amz-id-2: I+KuJluAH3edqsKz6r7GrL/rCrJHWwlviDvz8fzW9f0orMVUGwL7kP3RKXDUR8MhBxURJu+QzUsK
server: BunnyCDN-DE-632
last-modified: Fri, 17 Jun 2022 02:40:29 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 5449f4dc09a9a0519047deee56ea3172
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 WATER-WOES-STILL-375x225.png
kesq.b-cdn.net/2022/05/ 121 KB
121 KB 16ms
9ms Image
image/png 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/05/WATER-WOES-STILL-375x225.png
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: fb54dd9a2417da235948b5619ab1c65c911830c730e97720e102779d94367262

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 863
x-amz-request-id: ABD9F24C2DF61EAF
cdn-cachedat: 05/21/2022 13:27:21
cdn-pullzone: 145650
content-length: 123562
x-amz-id-2: gWbJ8lN60bXAKaDIoma8IOqOtokAlYNb/47qovHi1sYnrrNx/8njbMpIFbEL7o2e0nJmHwV9IJcT
server: BunnyCDN-DE-632
last-modified: Fri, 20 May 2022 21:42:41 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 86311c3120ee4efd3ce6b3267df6ec75
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 salton-sea-water-375x225.jpg
kesq.b-cdn.net/2021/05/ 15 KB
16 KB 16ms
9ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2021/05/salton-sea-water-375x225.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 2ae1e23ee382635d06f64397ba526734cd0c89cde579912d41f03252fecc9b81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 860
x-amz-request-id: 89499E695002346E
cdn-cachedat: 07/27/2022 09:41:27
cdn-pullzone: 145650
content-length: 15441
x-amz-id-2: 93bzk2WYOpDqiU/CByY07kUNNMUOD6QZK4Zw34ckTNbAoI7nx+KTsh+eil5OQkeszH7sdwJIbq8F
server: BunnyCDN-DE-632
last-modified: Thu, 27 May 2021 02:19:02 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: a46db611abb29116e80e4616ed139fa1
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 paradise-losr-375x225.jpg
kesq.b-cdn.net/2021/05/ 19 KB
19 KB 25ms
19ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2021/05/paradise-losr-375x225.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 0412324af43079788f00548e7536deaf70a16ff08b76dd2c65f767d1bd0382ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 756
x-amz-request-id: FCF58BA43101E33A
cdn-cachedat: 06/20/2022 21:48:43
cdn-pullzone: 145650
content-length: 19089
x-amz-id-2: oVOEdy0qZ75edBsDsQ2KMehLFwiGqPaHiw8RmkCpB3MGlvB6U4W36qvlqIcZC2s1z5f16ydx17Iz
server: BunnyCDN-DE-632
last-modified: Thu, 06 May 2021 02:31:15 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 81ddbf1836760a37b42556f1bc74a56d
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 dsereses-375x225.jpg
kesq.b-cdn.net/2022/07/ 25 KB
26 KB 23ms
16ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/07/dsereses-375x225.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 17cc83e3533194941bda74c1c2e67de68aeee7cbbc95a209d8e579466bdff0e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 756
x-amz-request-id: 43F32B5857E530E1
cdn-cachedat: 07/30/2022 04:26:16
cdn-pullzone: 145650
content-length: 25706
x-amz-id-2: KP4hagzUAyW/ArUKeQR726V/PNtFyVCs/nWkS54fmQuL2EvTZfJcxBhXdE9C71Ses2usbIT1Bp9Y
server: BunnyCDN-DE-632
last-modified: Sat, 30 Jul 2022 03:30:44 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: ff381d2c7b13cee93fe79049eb7d5973
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 57251-Brett-Eldredge-MTE.jpg
kesq.b-cdn.net/2022/07/ 39 KB
40 KB 21ms
15ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/07/57251-Brett-Eldredge-MTE.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 8661d04ebc960c2ec5e54d4adcac5518efb3774b4c252830e56402a22ca90216

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 860
x-amz-request-id: 48E1034BEE632667
cdn-cachedat: 07/31/2022 16:39:03
cdn-pullzone: 145650
content-length: 40070
x-amz-id-2: ofpCxqaN/fZaybrNTwc8SiNsbDOFx5/zDc8ArElRPpHHahuuDlLrlsVgUFNQtITIWsUibRehJVCN
server: BunnyCDN-DE-632
last-modified: Wed, 13 Jul 2022 17:00:11 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 15fde95230284820adf18d82b150c6b5
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 57005-Cancer-Care180x108-MTE.jpg
kesq.b-cdn.net/2022/06/ 34 KB
34 KB 24ms
18ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/06/57005-Cancer-Care180x108-MTE.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 47fc8777d4617343fe70714411940f12db53a742debfc8c41f536475a0ba70d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 565
x-amz-request-id: A1514690E4F37805
cdn-cachedat: 06/28/2022 17:48:01
cdn-pullzone: 145650
content-length: 34675
x-amz-id-2: 9KVLXO6VuzXEC7cOSL2Sh6DlcvfugTDpjITh3c7DZyOyakLUmHFlfFBk7FUuym1ZuqXv18KVSAKV
server: BunnyCDN-DE-632
last-modified: Tue, 28 Jun 2022 16:32:51 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 7bc6ed43f7777ae4a3b1c421833056df
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 56006-Summer-Movies-180x108-MTE.jpg
kesq.b-cdn.net/2022/04/ 44 KB
45 KB 30ms
24ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/04/56006-Summer-Movies-180x108-MTE.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 2f03e25d5baaead3af88ab32882881df5e5721e7846d0407bb1680065b855481

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 863
x-amz-request-id: CA5CA9744F8D1F98
cdn-cachedat: 05/12/2022 13:55:36
cdn-pullzone: 145650
content-length: 45392
x-amz-id-2: rPYcL0Dmqaqy6ILDpZDAq85XSbOO4fz61WNE1Gyicq1MwVtaScT8zj2qMSlrjRFS78zLgBjBXXN8
server: BunnyCDN-DE-632
last-modified: Mon, 25 Apr 2022 21:43:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 92936bcffd90467d99f41d9dcf795f6f
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 WaterWise-180x108-MTE.jpg
kesq.b-cdn.net/2022/04/ 41 KB
41 KB 24ms
18ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/04/WaterWise-180x108-MTE.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 64bd403de03c6f3d2ad7ec8f39ea5e52a5528e92524a0eea686e3dc440e5b894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 632
x-amz-request-id: 02D2480439861F83
cdn-cachedat: 04/16/2022 05:56:04
cdn-pullzone: 145650
content-length: 41777
x-amz-id-2: w7d49/lljx4Be9+BsSjqD9ZqPyY/cpBARRT/9aOs3YatCFzS2PkmZm1bES7qPjYJcho+VyqWIbUE
server: BunnyCDN-DE-632
last-modified: Fri, 15 Apr 2022 21:48:10 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: f54b42e68d9bf332c2421eaa2b538771
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 52255-CV-Pros180x108.jpg
kesq.b-cdn.net/2021/09/ 33 KB
34 KB 22ms
17ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2021/09/52255-CV-Pros180x108.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 5032da8d0203f9ec6d572065c2d73012fe274e7ec53bd9f1be20905d191b653f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 874
x-amz-request-id: 5FB27360AB1FF0D4
cdn-cachedat: 05/07/2022 19:38:38
cdn-pullzone: 145650
content-length: 34039
x-amz-id-2: fu8h91mUsSxR9N+o61YEuWvulmRMP6JYWnd08ipaKIEU5e5opPznW41SAQPsenbMElltvHz8vkJ8
server: BunnyCDN-DE-632
last-modified: Sat, 25 Sep 2021 18:18:41 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 71d8400da309f5f7c80b30c5dfd66e4e
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 57322-Back-To-School-180X108-BTS-22.jpg
kesq.b-cdn.net/2022/07/ 43 KB
44 KB 24ms
18ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/07/57322-Back-To-School-180X108-BTS-22.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: a067282eb49b4b9a314ed56842edf759d320ebd9f2a345d5881f0abeca117a45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 632
x-amz-request-id: 5E10D05C2DEA0214
cdn-cachedat: 07/29/2022 16:47:29
cdn-pullzone: 145650
content-length: 44409
x-amz-id-2: wXe7kAa7Qhy3U4I1NqjH96SIcfynmqLNI5LLkKQsqLQK4sqxmPhCaHQcdEqNIT+JPPVbmN61YLD5
server: BunnyCDN-DE-632
last-modified: Fri, 29 Jul 2022 14:14:07 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 941f8611d11591249a62243c5621f123
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 56450-Summer-Cutest-Pet-2022-180x108-MTE.jpg
kesq.b-cdn.net/2022/06/ 46 KB
46 KB 25ms
19ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/06/56450-Summer-Cutest-Pet-2022-180x108-MTE.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: a130d8783fcc312003c082308a6c9dad1abe6324bded170285170556e92fbc82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 863
x-amz-request-id: F505EA7397242714
cdn-cachedat: 06/10/2022 02:13:37
cdn-pullzone: 145650
content-length: 46721
x-amz-id-2: TyYH9mzAIien8aef+kt9mVnQ02gQo/VKta7lEpLKfOTIWkTb7x0ikV/QzBW0rXOB8+HcXB+4vIPc
server: BunnyCDN-DE-632
last-modified: Thu, 09 Jun 2022 22:05:46 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 7cefc34d4b7c81c6367ac7410a425516
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 52255-CV-Pros-180x108-1.jpg
kesq.b-cdn.net/2021/09/ 35 KB
36 KB 23ms
17ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2021/09/52255-CV-Pros-180x108-1.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 1e600a7debd226f2859e7f861535e22b0580cd80f956a1e586b680440cd9048d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 864
x-amz-request-id: 3FD46CF29474B794
cdn-cachedat: 05/07/2022 19:38:38
cdn-pullzone: 145650
content-length: 36158
x-amz-id-2: P5CHVEmt0cHdMaNl59T9QI3UKOyS39K0QmoOalmd8uwOFmJnlxEpfPhcScEbOig1DPARARmbuDZy
server: BunnyCDN-DE-632
last-modified: Sat, 25 Sep 2021 18:13:58 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: c737494a19b66afc33433df2f80b35ec
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 57353-St.-Jude-180x108-NTE.jpg
kesq.b-cdn.net/2022/07/ 40 KB
40 KB 24ms
19ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/07/57353-St.-Jude-180x108-NTE.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 427cd20c734ff44e69a44da468c62e73c947b22754f6b970483f253c5c322fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 863
x-amz-request-id: 87D699281158A73E
cdn-cachedat: 07/20/2022 22:02:35
cdn-pullzone: 145650
content-length: 40556
x-amz-id-2: CrpL0dxWWpdHip2b9/IwvmyuAnkLSNwUgXW2kNre+X8QEM4rHDdVivjfHtFHlaxufJv7i9OKwZBC
server: BunnyCDN-DE-632
last-modified: Wed, 20 Jul 2022 21:50:21 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: f57dd1fda191f83d36dea5a0f8640ca8
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 52255-N-Heroes-180x108-1.jpg
kesq.b-cdn.net/2021/09/ 42 KB
42 KB 29ms
24ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2021/09/52255-N-Heroes-180x108-1.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 2356e0cfa404452ba162bd881ff100ec108eae5a91b5566a922fc66b78a7096e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 722
x-amz-request-id: BF6966DEEFD84560
cdn-cachedat: 07/19/2022 22:55:49
cdn-pullzone: 145650
content-length: 42655
x-amz-id-2: zkHUuuapX5XJuZ1l9uCl4MSv7JjkZa8Zpi+I0yzPFedIDYHaUJuITV93FJKRrICcSzk/QgZZcMP6
server: BunnyCDN-DE-632
last-modified: Sat, 25 Sep 2021 18:23:29 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 954065495a61922633f9db37528ed16b
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 55021-Lunch-On-Us-180x108-1.jpg
kesq.b-cdn.net/2022/02/ 51 KB
51 KB 23ms
19ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/02/55021-Lunch-On-Us-180x108-1.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: a40a9f2b83260352c8de2058afb7e1af11e48500a14432c4cbc0b72afac6fb59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 756
x-amz-request-id: EDFBA310A8B8FF1B
cdn-cachedat: 06/10/2022 03:55:21
cdn-pullzone: 145650
content-length: 51913
x-amz-id-2: Tj/0bOXFoWecK/bdjwej/k6igLxYpyQILTyTGkKBei4Qt15UA/tTqhnp4GJ6aRrimfurstxtk76p
server: BunnyCDN-DE-632
last-modified: Mon, 28 Feb 2022 13:38:24 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 20e83e77f102ca00b472f9dfeca70a1b
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 375x225-Golf-Card-2022-375x225.jpeg
kesq.b-cdn.net/2022/06/ 39 KB
40 KB 28ms
24ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/06/375x225-Golf-Card-2022-375x225.jpeg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: ae29c0a50b015d25bc4ab4a1d3e50394cca8718506906c57667690dd3ac94f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 863
x-amz-request-id: CA33A30FD5D81ADE
cdn-cachedat: 06/03/2022 05:59:23
cdn-pullzone: 145650
content-length: 39957
x-amz-id-2: QYYaN4NACcv6xjXnzYDgnN8Oxv9jp+x5/O790NRyNl14YWd46POuU6pNoFAKQ7KObSu5FuykWB6e
server: BunnyCDN-DE-632
last-modified: Fri, 03 Jun 2022 04:47:20 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 5c40d64cfcbf1f6e8925aa305c9936e9
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 56908-GG-180x108-1.jpg
kesq.b-cdn.net/2022/06/ 40 KB
40 KB 23ms
19ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/06/56908-GG-180x108-1.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 5211252d758f7c993c7a8e2856e21c1867dbb7d18d40fc8749a5b98e6ac3734a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 752
x-amz-request-id: 7A9CAD6986EA8C0E
cdn-cachedat: 07/19/2022 22:55:49
cdn-pullzone: 145650
content-length: 40448
x-amz-id-2: QdEkIvTvv8s6Y2aomCQHRb/T/e4CZIArIHauOyN9SSCWsyTZaUH/nkqxFn6scVLfDUKCeFP3n1GR
server: BunnyCDN-DE-632
last-modified: Fri, 17 Jun 2022 20:09:03 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 30cfccb2fb7a6ca7507d067fd00b1212
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 52802-Now-Hiring-180x108-MTE.jpg
kesq.b-cdn.net/2021/10/ 45 KB
46 KB 23ms
19ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2021/10/52802-Now-Hiring-180x108-MTE.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 81f719850af306fd520440a0b395b8a7b08130455f7d89227f986cbb2137991d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 863
x-amz-request-id: C825F8422114BF50
cdn-cachedat: 05/12/2022 19:48:11
cdn-pullzone: 145650
content-length: 46458
x-amz-id-2: VSB0HGQ9fw0kQ8wCeJ3UqpblapamAZYn6CnighIkOCEZYhATF5meJcTHEeNZRbvBSaiYxuPtSA3L
server: BunnyCDN-DE-632
last-modified: Tue, 26 Oct 2021 17:46:04 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: c43de6f08cd66a745c9dd3da34d5e33f
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 54113-Birthday-Wishes-180x108-MTE.jpg
kesq.b-cdn.net/2022/01/ 41 KB
41 KB 28ms
24ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/01/54113-Birthday-Wishes-180x108-MTE.jpg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: 727052d8743a436049aaf9aa8a70de0d2492ce136b24879ae366f3ee9835ca10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
cdn-edgestorageid: 863
x-amz-request-id: FCB4355B7D9CB599
cdn-cachedat: 05/12/2022 19:48:11
cdn-pullzone: 145650
content-length: 41892
x-amz-id-2: kcwbspVR8XSFobZD0IqT0gPEjNBtlAERyTxJXpQ1Gtxbjc7ssqxj6kpumbmiNUdk+5wyp0uBKE1s
server: BunnyCDN-DE-632
last-modified: Tue, 04 Jan 2022 15:56:51 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 231a883a065a18fea52edec8c9aaa51c
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 load_optional_tags Show response
api.pymx5.com/v1/sites/ 0
15 B 151ms
121ms Script
text/html 34.96.74.203
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pymx5.com/v1/sites/load_optional_tags

Requested by

Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

203.74.96.34.bc.googleusercontent.com

Software

nginx/1.13.7 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
via: 1.1 google
server: nginx/1.13.7
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS
content-type: text/html; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ifilter.js Show response
pymx5.com/ad-rendring/src/ 56 KB
56 KB 33ms
32ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/ad-rendring/src/ifilter.js
Requested by: Host: pymx5.com
URL: https://pymx5.com/ad-rendring/src/imstag.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a2d24f191540745c63506a5cac6674ee4bfc95b29ed8e5b7b9f810b8aa21b280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 19:45:19 GMT
age: 1290
x-guploader-uploadid: ADPycdv1P2xbh3UFM6gn1C7w3kP6ihquzuqs8MBGwxRl_ERq7g868hF8J7SZP3ZH77JW8qsGlfC6e4Foa81mwD4oXr5p5TVK9VGr
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57026
last-modified: Thu, 25 Jun 2020 05:25:47 GMT
server: UploadServer
etag: "f7990efed3936d14d55077c3722ffac4"
x-goog-hash: crc32c=JzgInw==, md5=95kO/tOTbRTVUHfDci/6xA==
x-goog-generation: 1593062747313466
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 57026
accept-ranges: bytes
content-type: application/javascript

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
96 B 542ms
167ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=XRkgn_HlBJiEm
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:50 GMT
access-control-allow-credentials: true

GET
H2 200 v5 Show response
yield-manager.browsiprod.com/supply/ 4 KB
2 KB 99ms
31ms XHR
application/json 54.229.139.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yield-manager.browsiprod.com/supply/v5?sk=kesq&url=https%3A%2F%2Fkesq.com%2F&bid=XRkgn_HlBJiEm%23%24TVxBr&at=Home%20-%20KESQ&sw=1600&sh=1200
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.139.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-139-225.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.1 /
Resource Hash: a71a49736f4600c7295cf188d2a472e4019624631d5e1481a8829cf0fc9b944c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: akka-http/10.2.1
content-type: application/json

GET
H2 200 moatcontent.js Show response
z.moatads.com/nativonielsen548znrb18/ 167 KB
55 KB 86ms
17ms Script
application/x-javascript 23.47.209.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=8269
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-169.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:04:05 GMT
server: AmazonS3
x-amz-request-id: 0B0CA0B90C88DB3A
etag: "774acff2cee5852cdfc3fd8471cb2667"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=20448
accept-ranges: bytes
content-length: 55696
x-amz-id-2: pjbrJFbt4QFRzKYMM5XzevVYn7TQUBxhW0n53CWVULC77/Xh7qs+EZWLr8k9n7lfgRjcD0Xe9pU=

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 29ms
29ms Image
image/gif 54.170.230.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=320273&ntv_pl=376325
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.230.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-230-96.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
427 B 28ms
28ms Image
image/gif 54.170.230.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=376325&ntv_gdpr_consent=&ntv_it
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.230.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-230-96.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:49 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK widgets.css
s3.amazonaws.com/content.secondspace.com/kesq/ 25 KB
25 KB 418ms
114ms Stylesheet
text/css 54.231.135.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/content.secondspace.com/kesq/widgets.css
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.135.208 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ad091945f95bfc12e0357ca55091db4b47229abd21efaced6b849db605c13997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 20:06:51 GMT
Last-Modified: Tue, 07 Jul 2020 23:19:46 GMT
Server: AmazonS3
x-amz-request-id: FAX763P70H9A2V8N
ETag: "8996ca1af7b8044a6524d88363692cd1"
Content-Type: text/css
Cache-Control: max-age=600, public
Accept-Ranges: bytes
Content-Length: 25110
x-amz-id-2: tg5sAYpCY/i7E9gOJbNkgeBqfY6u5d5uJ6gsZAHPTMLPLHuv+y5kgk2FyGnhNBPf/wrqHap8U0A=

GET
H/1.1 200
OK widgets.js Show response
s3.amazonaws.com/content.secondspace.com/kesq/ 50 KB
51 KB 421ms
117ms Script
application/javascript 54.231.135.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/content.secondspace.com/kesq/widgets.js
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.135.208 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 67756f3d98f02b4e864a41b07d31df218bd75dfd36676864d22c314880e68964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 20:06:51 GMT
Last-Modified: Tue, 29 Mar 2022 08:30:35 GMT
Server: AmazonS3
x-amz-request-id: FAXC4DQ5JJ4Z9ATC
ETag: "50348b891a00062140f23e55dd3dec85"
Content-Type: application/javascript
Cache-Control: public, max-age=600
Accept-Ranges: bytes
Content-Length: 51512
x-amz-id-2: 4B6VP+E1xlb+N8cWcMeN1RhZafpDj7cpMvaICENJdHQthBrIFSgssbdBieyzzEGnvFIMBaMJjHw=
Expires: Tue, 29 Mar 2022 08:40:34 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
71 KB 154ms
74ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T7ZNM1KRXQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK2B25D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e97a716014f8a6fcb6f8c2cd421db6458078667f9320aaf225c509f61940b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73061
x-xss-protection: 0
expires: Sun, 31 Jul 2022 20:06:50 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 19 KB
5 KB 113ms
18ms Script
text/javascript 184.51.9.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK2B25D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.9.184 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b13c284d8d15523bd7ebce4afd286397cf2e82cafe72c0398f2d1724d60102af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: irOlEHoFUsDZEf3_amcRiMP6y8y2THaL
content-encoding: br
last-modified: Tue, 14 Jun 2022 12:22:21 GMT
x-amz-request-id: MPYD45708FXH0BZ4
etag: "f92f25ba5af332861dc8cea3da5eb278"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
date: Sun, 31 Jul 2022 20:06:50 GMT
accept-ranges: bytes
content-length: 4779
x-amz-id-2: 0kqKFaqCblwMouM3PrM7kapg6LYD+SBz8wxEHs0o62VTjxw0lqFciVtkmuSjkYK70NJzdU0AFIs=

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 130ms
53ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-19610616-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK2B25D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80667449ce01c4b2db6007832fc496ca185c012dbff31e424855557c0e54ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41857
x-xss-protection: 0
last-modified: Sun, 31 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Jul 2022 20:06:50 GMT

GET
H2 200 PreEngine_desktop_2021-09-30T14:31:30.224.js Show response
cdn.browsiprod.com/static_js/newspressandgazette/kesq/ 313 B
840 B 23ms
8ms Script
application/javascript 18.66.97.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/static_js/newspressandgazette/kesq/PreEngine_desktop_2021-09-30T14:31:30.224.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ecf1d2dc28a8fe2332483cfa144e98791181a2e7ffcc500a16828c1d0a6da947

Request headers

Referer: https://kesq.com/
Origin: https://kesq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 22:14:17 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 26257952
x-cache: Hit from cloudfront
content-length: 313
last-modified: Thu, 30 Sep 2021 14:31:31 GMT
server: AmazonS3
etag: "e21c1feaa39b333d3ce7bc72499252e2"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 0_Z9aGgy8AeYyU30z9L8UTxCsJAuhRjD
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: FDNFio-kwHFWB2ZfKU9FFT9QLnqNfUlQzARLokfJyoBsvZELwtXh-Q==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 98ms
29ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-19610616-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3653
date: Sun, 31 Jul 2022 19:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 31 Jul 2022 21:05:57 GMT

GET
H2 200 middy-desktop-4.5.14.js Show response
cdn.browsiprod.com/sd/apps/middy/ 315 KB
72 KB 9ms
9ms Script
application/javascript 18.66.97.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10712d1d0f043cd68bf8d473908b5eaab53bedf3c8d6814aa966d2e9b0a660a8

Request headers

Referer: https://kesq.com/
Origin: https://kesq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 10:11:23 GMT
content-encoding: br
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1158927
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 18 Jul 2022 08:15:01 GMT
server: AmazonS3
etag: W/"2fbddac4c7d0ea771e0be3a9f89edd3e"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 9V8Vg1I8KxxRUjPl7O3gftZgMAdLdMHB
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: RoXM76bW-G325LW37q2ufXhAWhWKN27qAzIw2xi0TBo-qotIjYJtGA==

GET
H2 200 embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css
squareoffs.com/assets/ Frame ECF8 879 KB
179 KB 12ms
11ms Stylesheet
text/css 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

b178d08dd794146a6ed4c41b530bc359e93d62514c38225b12b94c0721b241c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/embeds/4847?feed_size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
age: 223946
x-cache: HIT, HIT
content-encoding: gzip
content-length: 183298
x-served-by: cache-iad-kiad7000033-IAD, cache-hhn4068-HHN
last-modified: Fri, 17 Jun 2022 09:14:36 GMT
server: Cowboy
x-timer: S1659298010.971012,VS0,VE3
strict-transport-security: max-age=300
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H3 200 post-robot.min.js Show response
cdn.jsdelivr.net/npm/post-robot@10.0.31/dist/ Frame ECF8 35 KB
11 KB 18ms
8ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/post-robot@10.0.31/dist/post-robot.min.js

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6dbaf56c796ee1e2933a62a06955905bd61e6f4d9092f063fa1738d6fe4a9193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 4652681
x-jsd-version: 10.0.31
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10439
etag: W/"8c91-4tolZ9EHvQcS/uS8uVDaaleUth0"
x-served-by: cache-fra19129-FRA, cache-hhn4057-HHN
x-jsd-version-type: version
date: Sun, 31 Jul 2022 20:06:49 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 embedded_feed-41a6a30eb03c5d25ca9524609f38fa1b70aa684257fce0f4f05f1c951aae20a3.js Show response
squareoffs.com/assets/ Frame ECF8 378 KB
111 KB 10ms
9ms Script
application/javascript 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://squareoffs.com/assets/embedded_feed-41a6a30eb03c5d25ca9524609f38fa1b70aa684257fce0f4f05f1c951aae20a3.js

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

41a6a30eb03c5d25ca9524609f38fa1b70aa684257fce0f4f05f1c951aae20a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/embeds/4847?feed_size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:49 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
age: 203024
x-cache: HIT, HIT
content-encoding: gzip
content-length: 113053
x-served-by: cache-iad-kcgs7200171-IAD, cache-hhn4068-HHN
last-modified: Tue, 03 May 2022 05:02:03 GMT
server: Cowboy
x-timer: S1659298010.971157,VS0,VE3
strict-transport-security: max-age=300
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
97 B 367ms
166ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:50 GMT
access-control-allow-credentials: true

GET
H2 200 SO_Loading-93680d9f1945984982911018214062b31443f5e4b4311fd8cffcc18662f52cec.gif
squareoffs.com/assets/ Frame ECF8 34 KB
35 KB 10ms
10ms Image
image/gif 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://squareoffs.com/assets/SO_Loading-93680d9f1945984982911018214062b31443f5e4b4311fd8cffcc18662f52cec.gif

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

4fa4ebe6b7dc050955af61f44380639a2a21b56bbfec71df6697f8dff521b59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
age: 32174
x-cache: HIT, HIT
fastly-io-info: ifsz=35236 idim=48x48 ifmt=gif ofsz=35151 odim=48x48 ofmt=gif ofrm=210
fastly-stats: io=1
content-length: 35151
x-served-by: cache-iad-kjyo7100052-IAD, cache-hhn4068-HHN
server: Cowboy
x-timer: S1659298010.037357,VS0,VE2
etag: "NMe6krn+CSZ0GKkOUa4HNWHaiArY+qMhtAhDf6okV6g"
vary: Accept
strict-transport-security: max-age=300
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame ECF8 49 KB
20 KB 90ms
30ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3653
date: Sun, 31 Jul 2022 19:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 31 Jul 2022 21:05:57 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame ECF8 118 KB
30 KB 108ms
7ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d60f6f17937b8ed0a18321076438f53d6bb0d62879d42d3832bd50aa7e91e18d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
etag: "kVQ9bYjc9nNVTXISAKx8jA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 07 Aug 2022 20:06:50 GMT

GET
H2 200 8269 Show response
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 0
270 B 222ms
141ms Script
application/x-javascript 23.47.209.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/8269?t=2022631201
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-169.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
last-modified: Tue, 18 Nov 2014 20:18:12 GMT
server: AmazonS3
x-amz-request-id: D18141D8EC402DB6
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: application/x-javascript
cache-control: max-age=1991
date: Sun, 31 Jul 2022 20:06:50 GMT
accept-ranges: bytes
content-length: 0
x-amz-id-2: a3nqrYkX0uLDQTqYT0p4d4yXfDe3iUm3lNHlMr14deKa50x/U6fS7nhpqBRF4d3+PPhS1/V2lbs=

GET
H2 200 682465af888e294f1aff5073c5668680 Show response
npgco.blueconic.net/plugin/plugin/ 161 KB
38 KB 98ms
98ms Script
text/javascript 52.23.130.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://npgco.blueconic.net/plugin/plugin/682465af888e294f1aff5073c5668680

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.130.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-23-130-19.compute-1.amazonaws.com

Software

- /

Resource Hash

5d7e73acdc9932a7e08da0d7549e6205b759f3e586089107517fc1348dc70d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 30 Jul 2022 20:06:50 GMT
server: -
etag: 682465af888e294f1aff5073c5668680
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: public, no-cache="Set-Cookie", max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 38306
x-xss-protection: 1; mode=block
expires: Mon, 31 Jul 2023 20:06:50 GMT

GET
H2 200 proximanova-regular-webfont-a3dd3c312a0b1fe05a7ca3f47ffb8eb8f8f20f20ad89acfb22587d0950797d43.woff
squareoffs.com/assets/ Frame ECF8 23 KB
24 KB 8ms
8ms Font
application/font-woff 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://squareoffs.com/assets/proximanova-regular-webfont-a3dd3c312a0b1fe05a7ca3f47ffb8eb8f8f20f20ad89acfb22587d0950797d43.woff

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

a3dd3c312a0b1fe05a7ca3f47ffb8eb8f8f20f20ad89acfb22587d0950797d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css
Origin: https://squareoffs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Thu, 14 Sep 2017 14:19:55 GMT
server: Cowboy
age: 399261
x-served-by: cache-iad-kiad7000083-IAD, cache-hhn4068-HHN
strict-transport-security: max-age=300
x-cache: HIT, HIT
content-type: application/font-woff
cache-control: max-age=604800, public
accept-ranges: bytes
x-timer: S1659298010.162997,VS0,VE2
content-length: 23956
x-cache-hits: 2, 1

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
331 B 158ms
61ms XHR
text/plain 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_11379&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&sv=5b1da8a&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 20:06:50 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://kesq.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Sun, 31 Jul 2022 20:06:50 GMT

GET
H2 200 interface
s8t.teads.tv/logs/publishers/ 0
0 99ms
34ms Image
text/plain 2a02:26f0:6c00:19c::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/logs/publishers/interface?sharedIdsCount%7CPUB_11379%7C0%7C%5B%5D
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19c::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 36ms
36ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=934942832&t=pageview&_s=1&dl=https%3A%2F%2Fkesq.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20KESQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=42298054&gjid=878600820&cid=1223097823.1659298010&tid=UA-19610616-1&_gid=108756936.1659298010&_r=1&gtm=2ou7r0&z=379669605

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kesq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fw-widget.js Show response
feed.mikle.com/js/ Frame 34B7 706 B
795 B 98ms
97ms Script
application/javascript 3.233.138.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.mikle.com/js/fw-widget.js?v=1.2

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.138.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-138-68.compute-1.amazonaws.com

Software

nginx /

Resource Hash

33c3d4cd5225958f1d3cf773cf175941e6cdccb7b50d6f32b7fdadd84056ba98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 05:55:15 GMT
server: nginx
etag: W/"624a8843-2c2"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
x-xss-protection: 0
cache-control: max-age=315360000
permissions-policy: geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),payment=()
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
kesq.com/wp-json/wp/v2/ 171 KB
18 KB 146ms
146ms XHR
application/json 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-json/wp/v2/

Requested by

Host: kesq.com
URL: https://kesq.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3796c3c2b32c8905b67fe633670145d06f5967da61e0ba2505f67e868b441f45

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://kesq.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-styx-req-id: 552c4e00-110b-11ed-9b66-bad65bb3fe92
age: 421
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-cache: HIT, MISS
allow: GET
x-cache-hits: 34, 0
vary: Accept-Encoding, Origin
content-length: 17038
x-xss-protection: 1; mode=block;
x-served-by: cache-chi-klot8100109-CHI, cache-hhn4050-HHN
link: <https://kesq.com/wp-json/>; rel="https://api.w.org/"
referrer-policy: origin-when-cross-origin
server: nginx
traceparent: 00-5f4fbb19cda04d1cb26ef9f4f11345d3-c5733fd26cf67494-00
x-timer: S1659298010.257254,VS0,VE130
date: Sun, 31 Jul 2022 20:06:50 GMT
permissions-policy: accelerometer=(), ambient-light-sensor=(), camera=(), magnetometer=(), microphone=(), usb=(), vr=()
strict-transport-security: max-age=31622400
content-type: application/json; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
x-cloud-trace-context: 5f4fbb19cda04d1cb26ef9f4f11345d3/14227785820797301908;o=0
cache-control: public, max-age=2400
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; usb 'none'; vr 'none';
x-distributor: yes
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-pantheon-styx-hostname: styx-fe1-a-6d9bbf99db-f9s8n

GET
H2 200 livestream-active Show response
kesq.com/wp-json/alerts/v2/ 26 B
378 B 336ms
335ms XHR
application/json 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-json/alerts/v2/livestream-active?_=1659298009385

Requested by

Host: kesq.com
URL: https://kesq.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2506c55760ff8b1bc3dcf34486765a3e2b2d66c59c685a226e0a72a78055126d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://kesq.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-styx-req-id: 5051f5d4-110c-11ed-93b4-9ecc4c125464
age: 0
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-cache: MISS, MISS
allow: GET
x-cache-hits: 0, 0
vary: Accept-Encoding, Origin
content-length: 44
x-xss-protection: 1; mode=block;
x-served-by: cache-chi-kigq8000102-CHI, cache-hhn4050-HHN
link: <https://kesq.com/wp-json/>; rel="https://api.w.org/"
referrer-policy: origin-when-cross-origin
server: nginx
traceparent: 00-310a331f39f34525b332f06b1a8a4b2d-00d2b7273ae7db04-00
x-timer: S1659298010.257223,VS0,VE322
date: Sun, 31 Jul 2022 20:06:50 GMT
permissions-policy: accelerometer=(), ambient-light-sensor=(), camera=(), magnetometer=(), microphone=(), usb=(), vr=()
strict-transport-security: max-age=31622400
content-type: application/json; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
x-cloud-trace-context: 310a331f39f34525b332f06b1a8a4b2d/59311124229118724;o=0
cache-control: no-cache, must-revalidate, max-age=0
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; usb 'none'; vr 'none';
x-distributor: yes
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-pantheon-styx-hostname: styx-fe1-b-784cd8578b-46rjv

GET
H2 200 output-module Show response
kesq.com/wp-json/alerts/v2/ 14 KB
2 KB 432ms
432ms XHR
application/json 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kesq.com/wp-json/alerts/v2/output-module?_=1659298009386

Requested by

Host: kesq.com
URL: https://kesq.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

fd605315fcaf4a6e974ee1cea4503971d733e36971ec2bfe9129be308a61f4bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://kesq.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-styx-req-id: 5052a2ba-110c-11ed-aa50-0eb33d3847cf
age: 0
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-cache: MISS, MISS
allow: GET
x-cache-hits: 0, 0
vary: Accept-Encoding, Origin
content-length: 1014
x-xss-protection: 1; mode=block;
x-served-by: cache-chi-kigq8000080-CHI, cache-hhn4050-HHN
link: <https://kesq.com/wp-json/>; rel="https://api.w.org/"
referrer-policy: origin-when-cross-origin
server: nginx
traceparent: 00-439a995ecd434f3abb6d01d2f7d58f6f-88a8cbc85ff86058-00
x-timer: S1659298010.261026,VS0,VE425
date: Sun, 31 Jul 2022 20:06:50 GMT
permissions-policy: accelerometer=(), ambient-light-sensor=(), camera=(), magnetometer=(), microphone=(), usb=(), vr=()
strict-transport-security: max-age=31622400
content-type: application/json; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
x-cloud-trace-context: 439a995ecd434f3abb6d01d2f7d58f6f/9847344646709600344;o=0
cache-control: no-cache, must-revalidate, max-age=0
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; usb 'none'; vr 'none';
x-distributor: yes
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-pantheon-styx-hostname: styx-fe1-b-784cd8578b-wvsb4

POST
H2 204 collect
region1.google-analytics.com/g/ 0
342 B 119ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T7ZNM1KRXQ&gtm=2oe7r0&_p=934942832&_z=ccd.v9B&cid=1223097823.1659298010&ul=en-us&sr=1600x1200&_s=1&sid=1659298010&sct=1&seg=0&dl=https%3A%2F%2Fkesq.com%2F&dt=Home%20-%20KESQ&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T7ZNM1KRXQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kesq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 selections Show response
squareoffs.com/embeds/4847/ Frame ECF8 24 KB
5 KB 203ms
203ms XHR
application/json 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://squareoffs.com/embeds/4847/selections?feed_size=small&soid=

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

aef28f4f7d4f257ebf19d6bdca1585fb003fb4316f2f2d0db79e41d10fa7c691

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosnif
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

Accept: */*
X-NewRelic-ID: VgYAVFFWGwIEUVhaDwg=
X-CSRF-Token: DnAZBRvMcjB3+Zu32rP5C/A+j61AHroCcWgGc3BZUZS4NnYbTWSA4Hn8t0GTskpxCVrGPBVd4ncCopN2pgex9A==
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Referer: https://squareoffs.com/embeds/4847?feed_size=small

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
access-control-request-method: *
x-content-type-options: nosnif
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
content-encoding: gzip
vary: Accept-Encoding
x-xss-protection: 0
x-request-id: 52921d82-e546-4ead-a943-d0a2b9bd59f3
x-served-by: cache-iad-kiad7000080-IAD, cache-hhn4068-HHN
x-runtime: 0.090408
x-newrelic-app-data: PxQFUVFWDwYTVVVXDgkPX0YdFHANCBcQXw5UB0oXUV9RAF0SHhJWDgFVQwgJDUsRHFBPWgAFBQNJAQMfUkhTWwJUDVAPAQMECl0AVgVXAk5JBxtDVVsIAVVUUlZTUg9SVAcCB0BKBQNcEV0/
server: Cowboy
x-timer: S1659298010.294134,VS0,VE197
x-frame-options: ALLOWALL
etag: W/"aef28f4f7d4f257ebf19d6bdca1585fb"
strict-transport-security: max-age=300
content-type: application/json; charset=utf-8
access-control-allow-origin: *
expires: Sun, 31 Jul 2022 20:07:20 GMT
cache-control: max-age=30, public
accept-ranges: bytes
x-cache-hits: 0, 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
434 B 56ms
18ms XHR
text/plain 2a00:1450:4025:402::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-19610616-1&cid=1223097823.1659298010&jid=42298054&gjid=878600820&_gid=108756936.1659298010&_u=YAhAAUAAAAAAAC~&z=1677012138

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 31 Jul 2022 20:06:50 GMT
content-type: text/plain
access-control-allow-origin: https://kesq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abd.js Show response
cdn.browsiprod.com/ 3 KB
2 KB 9ms
8ms Script
application/javascript 18.66.97.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/abd.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

Referer: https://kesq.com/
Origin: https://kesq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
content-encoding: br
etag: W/"bc70a2c30105ea2f98d83f5ad623fc39"
age: 47162
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 08 Jul 2018 12:47:26 GMT
server: AmazonS3
date: Sun, 31 Jul 2022 07:00:49 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: GN3ya5p2vlIwJhe8Wcz3ciVIeCLAzOfPzQdjQP0EL6zG23gXVrEN2A==

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
96 B 167ms
166ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:50 GMT
access-control-allow-credentials: true

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
96 B 167ms
167ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:50 GMT
access-control-allow-credentials: true

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
96 B 178ms
178ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:50 GMT
access-control-allow-credentials: true

GET
H/1.1 200
OK desktop Show response
demand-engine.browsiprod.com/sra/ 1 KB
850 B 124ms
33ms XHR
application/json 63.33.106.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://demand-engine.browsiprod.com/sra/desktop?sk=kesq&pk=newspressandgazette&pvid=4bf1b110-da4d-4759-8f55-bd32745bba3a&aid=kesq_-727983220_-1592112820&sid=87755b72-f884-462b-af40-dc68903f2b32%26false%26false%26DEFAULT%26de%26desktop-4.5.14%26false&mch=5132&uid=anonymous&pu=https%3A%2F%2Fkesq.com%2F&pl=5537&d=false&sh=1200&lid=83807204-dfe4-4ccf-a894-49fa617724e6_A&ts=DEFAULT&cc=de&ir=false&ul=1200&do=Windows&dd=Unknown%20Desktop%7CEmulator&dp=DESKTOP&dt=DESKTOP&db=Chrome&lt=1.5&ais=0&fs=2.28&lls=false&sts=dynamic_mc&ets=b&als=1540&pts=in-line%2Cwithin%20main%20content&ss=&dis=0&ac=0
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 63.33.106.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-106-83.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f3088ba845d99fb2cbb69af1a532c8bc9a4888e96f016fcc28fd0cbfaa8f2b20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://kesq.com
Date: Sun, 31 Jul 2022 20:06:50 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Content-Type: application/json

GET
H3 200 jquery.cycle2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.cycle2/2.1.6/ 22 KB
7 KB 40ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.cycle2/2.1.6/jquery.cycle2.min.js

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88c4c27b1f0143e895c6964ef373284642816a887d0f3f61ded115acce51c6aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4572134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6294
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-59c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPx%2BYFesoMijyE%2FN49mH9UCManUyZNI3eZsLMgABJ0SrAJe%2B0wslPCPEUl7hL%2BFV9DNwvWd%2BRbXpgEjR3leX%2B2%2Bp3x41vQWvJYvXPyxnbcwP93bFgs417NHampovW8DXV2jubTQcF3Q36gKzHIyAiESh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7338f4f4dc3f5c80-FRA
expires: Fri, 21 Jul 2023 20:06:50 GMT

GET
H2 200 hDrUDDtC-App-Download-Promo-Box.jpeg
kesq.b-cdn.net/2022/01/ 126 KB
127 KB 7ms
7ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kesq.b-cdn.net/2022/01/hDrUDDtC-App-Download-Promo-Box.jpeg
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-632.bunnyinfra.net
Software: BunnyCDN-DE-632 /
Resource Hash: f1c0dbc47d7191146dca50ad89abaa1f6c78e45503e7f9c96d211f28e528c598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
cdn-edgestorageid: 863
x-amz-request-id: 1236481CD8727243
cdn-cachedat: 05/12/2022 08:22:23
cdn-pullzone: 145650
content-length: 129359
x-amz-id-2: EqxyxTg89ghA9NF+Nk3IP+i5OI18LYqwd++mmzMcFpns4FrNA7a+59N3U0cGQZEVC4IR8M+1JwMV
server: BunnyCDN-DE-632
last-modified: Tue, 18 Jan 2022 22:29:34 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 36643e12-bcc9-462c-a2f6-5d8210d81cb3
cache-control: public, max-age=2592000
cdn-requestid: 6e954802d6c11a174ff100f4c9b39b82
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
96 B 168ms
167ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:50 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
96 B 168ms
168ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:50 GMT
access-control-allow-credentials: true

GET
H/1.1 200
OK desktop Show response
demand-engine.browsiprod.com/single/ 921 B
798 B 120ms
36ms XHR
application/json 63.33.106.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://demand-engine.browsiprod.com/single/desktop?if=false&ai=500&f=1.14&rc=0&ll=false&st=api&et=b&al=162&di=0&pt=in-line%2Cwithin%20main%20content&div=rectangle-1&au=%2F6123%2Fkesq&sk=kesq&pk=newspressandgazette&pvid=4bf1b110-da4d-4759-8f55-bd32745bba3a&aid=kesq_-727983220_-1592112820&sid=87755b72-f884-462b-af40-dc68903f2b32%26false%26false%26DEFAULT%26de%26desktop-4.5.14%26false&mch=5156&uid=anonymous&pu=https%3A%2F%2Fkesq.com%2F&pl=5561&d=false&sh=1200&lid=83807204-dfe4-4ccf-a894-49fa617724e6_A&ts=DEFAULT&cc=de&ir=false&ul=1200&do=Windows&dd=Unknown%20Desktop%7CEmulator&dp=DESKTOP&dt=DESKTOP&db=Chrome&lt=1.5&ac=0
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 63.33.106.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-106-83.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 962b13ce46569ac3c689618866b45bf1f55f10cac906df470b168df204b293a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://kesq.com
Date: Sun, 31 Jul 2022 20:06:50 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Content-Type: application/json

GET
H/1.1 200
OK desktop Show response
demand-engine.browsiprod.com/single/ 937 B
811 B 126ms
37ms XHR
application/json 63.33.106.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://demand-engine.browsiprod.com/single/desktop?if=false&ai=501&f=1.1&rc=0&ll=false&st=api&et=b&al=122&di=1&pt=in-line%2Cwithin%20main%20content&div=leaderboard-1&au=%2F6123%2Fkesq&sk=kesq&pk=newspressandgazette&pvid=4bf1b110-da4d-4759-8f55-bd32745bba3a&aid=kesq_-727983220_-1592112820&sid=87755b72-f884-462b-af40-dc68903f2b32%26false%26false%26DEFAULT%26de%26desktop-4.5.14%26false&mch=5156&uid=anonymous&pu=https%3A%2F%2Fkesq.com%2F&pl=5561&d=false&sh=1200&lid=83807204-dfe4-4ccf-a894-49fa617724e6_A&ts=DEFAULT&cc=de&ir=false&ul=1200&do=Windows&dd=Unknown%20Desktop%7CEmulator&dp=DESKTOP&dt=DESKTOP&db=Chrome&lt=1.5&ac=0
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 63.33.106.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-106-83.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2d6296e7a7bc233e2837215191956ef3193ef452539448dce8063575e2a27ad2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://kesq.com
Date: Sun, 31 Jul 2022 20:06:50 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 rules-p-KD6rdRn9TY0Kx.js Show response
rules.quantcount.com/ Frame ECF8 3 B
454 B 42ms
11ms Script
application/javascript 2600:9000:20eb:ae00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-KD6rdRn9TY0Kx.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ae00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 07:05:46 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 46865
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:28:00 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: viLMhoyV76r43x4aEUxcOc9tXMWMxQBmm00EHKHoyjBGPs4IlSZ9uQ==

GET
H2 200 / Show response
feed.mikle.com/widget/v2/153514/ Frame 34B7 5 KB
2 KB 102ms
102ms Document
text/html 3.233.138.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading

Requested by

Host: feed.mikle.com
URL: https://feed.mikle.com/js/fw-widget.js?v=1.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.138.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-138-68.compute-1.amazonaws.com

Software

nginx /

Resource Hash

86907b32661b18f6fe7903b67b5933da102eff4b7e9ae82d871072500caea2f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kesq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=180
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sun, 31 Jul 2022 20:06:50 GMT
expires: Sun, 31 Jul 2022 20:09:50 GMT
permissions-policy: geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),payment=()
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 42030debf979299b2f11c9bd0a9b898b Show response
npgco.blueconic.net/plugin/library/ 250 KB
73 KB 99ms
98ms Script
text/javascript 52.23.130.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://npgco.blueconic.net/plugin/library/42030debf979299b2f11c9bd0a9b898b

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.130.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-23-130-19.compute-1.amazonaws.com

Software

- /

Resource Hash

2b59ca8bb148dd09702bfd517affa8fcfd4311768872e7d51ba1978672e44984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 30 Jul 2022 20:06:50 GMT
server: -
etag: 42030debf979299b2f11c9bd0a9b898b
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: public, no-cache="Set-Cookie", max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 73688
x-xss-protection: 1; mode=block
expires: Mon, 31 Jul 2023 20:06:50 GMT

POST
H2 200 LB-Zone-1 Show response
npgco.blueconic.net/DG/DEFAULT/rest/rpc/570/ 2 KB
1 KB 194ms
194ms XHR
application/json 52.23.130.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://npgco.blueconic.net/DG/DEFAULT/rest/rpc/570/LB-Zone-1?referer=https%3A%2F%2Fkesq.com%2F&bcsessionid=&bctempid=ca7739cf-7ae5-422c-ad86-02024315260f&overruleReferrer=&time=2022-07-31T20%3A06%3A50%2B00%3A00&ts=1659298010384

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.130.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-23-130-19.compute-1.amazonaws.com

Software

- /

Resource Hash

705e131cf96d355364f44e9309008ccbaa0ab3933d66ea211df5526d04bdd237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://kesq.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 853
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 v2 Show response
api.viafoura.co/v2/kesq.com/bootstrap/ 6 KB
3 KB 367ms
140ms XHR
application/json 2600:1f18:44f0:4816:64cb:bad3:2a8c:c8f3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/kesq.com/bootstrap/v2
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4816:64cb:bad3:2a8c:c8f3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c350eb03b9a365a284c6d3ecf2fcfc24f7e3d4b4b6fe71ccf0208e0103b1e376

Request headers

Accept: application/json, text/plain, */*
Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-instance-id: i-00e58b1e191a9a4d8
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://kesq.com
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Sun, 31 Jul 2022 20:06:51 GMT

OPTIONS
H2 204 v2
api.viafoura.co/v2/kesq.com/bootstrap/ Frame 0
0 358ms
112ms Preflight 2600:1f18:44f0:4816:64cb:bad3:2a8c:c8f3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/kesq.com/bootstrap/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4816:64cb:bad3:2a8c:c8f3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://kesq.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin: https://kesq.com
access-control-max-age: 1728000
cache-control: max-age=0
date: Sun, 31 Jul 2022 20:06:50 GMT
expires: Sun, 31 Jul 2022 20:06:50 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 tvp.js Show response
snippet.tldw.me/tv/0.41.42/ Frame F3FA 194 KB
50 KB 94ms
59ms Script
application/javascript 2606:4700:10::6816:4aef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snippet.tldw.me/tv/0.41.42/tvp.js
Requested by: Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-30430.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6e55f91c93608caf7f0227cd0fb05c71da80ed304818d221d894ab302d0189b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
content-length: 50593
last-modified: Wed, 27 Jul 2022 08:25:19 GMT
server: cloudflare
etag: "1658910319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1659298010.dop122.am5.t,1659298010.cds123.am5.shn,1659298010.dop122.am5.t,1659298010.cds252.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31148430
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7338f4f56d3a9046-FRA
access-control-allow-headers: Content-Type

GET
H2 200 mi-1.13.9.2.js Show response
snippet.minute.ly/publishers/30430/ 182 KB
50 KB 56ms
28ms Script
application/javascript 2606:4700:20::ac43:48f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snippet.minute.ly/publishers/30430/mi-1.13.9.2.js
Requested by: Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-30430.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98a409fc2fcb461612ac2baa15178faad822dfaddc3eab141a45f0ebb79d9924

Request headers

Referer: https://kesq.com/
Origin: https://kesq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hw: 1659298010.dop219.am5.t,1659298010.cds232.am5.c
last-modified: Wed, 22 Apr 2020 12:51:10 GMT
server: cloudflare
etag: W/"1587559870"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qswYQjSIMujLg8BAkXvovOrUl6r1T%2BHn%2B7CG4j34gHBszwNjZ9GduojlX53sDywb0IrnMSpI8lmkHssdzoFBBHU6DfowmEj5HzOK0o1dtBLBtPgOeqxmxI9P4gF4RxTIB8Jc5OutzZtH36LvD1C3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=8987372
access-control-allow-credentials: true
cf-ray: 7338f4f55a389a1d-FRA
access-control-allow-headers: Content-Type

GET
H2 200 pixel;r=590404167;rf=0;a=p-KD6rdRn9TY0Kx;url=https%3A%2F%2Fsquareoffs.com%2Fembeds%2F4847%3Ffeed_size%3Dsmall;ref=https%3A%2F%2Fkesq.com%2F;uht=2;fpan=1;fpa=P0-1776032056-1659298010434;pbc=;ns=1;ce...
pixel.quantserve.com/ Frame ECF8 35 B
371 B 52ms
12ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=590404167;rf=0;a=p-KD6rdRn9TY0Kx;url=https%3A%2F%2Fsquareoffs.com%2Fembeds%2F4847%3Ffeed_size%3Dsmall;ref=https%3A%2F%2Fkesq.com%2F;uht=2;fpan=1;fpa=P0-1776032056-1659298010434;pbc=;ns=1;ce=1;qjs=1;qv=40d1d9f5-20220725143430;cm=;gdpr=0;d=squareoffs.com;dst=0;et=1659298010434;tzo=0;ogl=

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 newspressandgazette--6.13.0-1655967656946.js Show response
cdn.browsiprod.com/prebid/ 390 KB
105 KB 8ms
8ms Script
application/javascript 18.66.97.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/prebid/newspressandgazette--6.13.0-1655967656946.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e21f797e4abd86dc3ab738e767662c269c792481307dd66663eb8117e3d82bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 07:11:48 GMT
content-encoding: br
last-modified: Thu, 23 Jun 2022 07:10:52 GMT
server: AmazonS3
age: 3329703
etag: W/"620d3bafb062c568fb0ccd0d9dd5116c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: yVd8Qu6dCOUyGdSMrhl1pS.AJCWLrhnJ
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: 52r3xmxIBtBo_E37QAkn9kPQyPGq0MEo8ilXinJ4-KwAa-YnIU85tg==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 34B7 95 KB
34 KB 109ms
46ms Script
text/javascript 2a00:1450:4014:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: feed.mikle.com
URL: https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 18:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 18:07:05 GMT

GET
H2 200 squares.svg
feed.mikle.com/images/ Frame 34B7 707 B
775 B 101ms
101ms Image
image/svg+xml 3.233.138.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feed.mikle.com/images/squares.svg?v=1580871352

Requested by

Host: feed.mikle.com
URL: https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.138.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-138-68.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2c7f78291ae70d6b87b58b10e145614685e4e32bcc38b60ca31d77124472857d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Feb 2020 02:55:52 GMT
server: nginx
etag: W/"5e3a2eb8-2c3"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
x-xss-protection: 0
cache-control: max-age=315360000
permissions-policy: geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),payment=()
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame ECF8 147 KB
51 KB 148ms
64ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6766358096536054

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-41a6a30eb03c5d25ca9524609f38fa1b70aa684257fce0f4f05f1c951aae20a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16999c0de978117617756aea20c61fa832e8e5beab55536a249563e059e08717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51772
x-xss-protection: 0
server: cafe
etag: 17218315745118058551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 31 Jul 2022 20:06:50 GMT

PUT
H2 204 update Show response
squareoffs.com/embed_stats/ Frame ECF8 0
866 B 121ms
121ms XHR
text/plain 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://squareoffs.com/embed_stats/update

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosnif
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

X-NewRelic-ID: VgYAVFFWGwIEUVhaDwg=
X-CSRF-Token: DnAZBRvMcjB3+Zu32rP5C/A+j61AHroCcWgGc3BZUZS4NnYbTWSA4Hn8t0GTskpxCVrGPBVd4ncCopN2pgex9A==
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://squareoffs.com/embeds/4847?feed_size=small
X-Requested-With: XMLHttpRequest

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
access-control-request-method: *
x-content-type-options: nosnif
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-xss-protection: 0
x-request-id: b8fd9f4f-3dcb-4961-a4fb-4dd53c0d4a46
x-served-by: cache-iad-kcgs7200166-IAD, cache-hhn4068-HHN
x-runtime: 0.016007
x-newrelic-app-data: PxQFUVFWDwYTVVVXDgkPX0YdFHANCBcQXw5UB0oXUV9RAF0+QhVSFhcZQhECAkxWEkhWTAUAA1cBHAYGTlZNUgFVCVEJAAQHB1QAWANQC1VRGhpQSkFcVVUBVwEFUFJVAgECVgNWQU5WA1QRXWU=
server: Cowboy
x-timer: S1659298011.508017,VS0,VE114
x-frame-options: ALLOWALL
strict-transport-security: max-age=300
access-control-allow-origin: *
expires: Sun, 31 Jul 2022 20:07:20 GMT
cache-control: max-age=30, public
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 share-12x12-94155bf0e642b3c87d1f2b225bf5a40a34ac6a436fac465f9c6f53fa20dbd163.svg
squareoffs.com/assets/ Frame ECF8 965 B
1 KB 9ms
8ms Image
image/svg+xml 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://squareoffs.com/assets/share-12x12-94155bf0e642b3c87d1f2b225bf5a40a34ac6a436fac465f9c6f53fa20dbd163.svg

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

94155bf0e642b3c87d1f2b225bf5a40a34ac6a436fac465f9c6f53fa20dbd163

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Thu, 14 Sep 2017 14:19:55 GMT
server: Cowboy
age: 460572
x-served-by: cache-iad-kjyo7100147-IAD, cache-hhn4068-HHN
strict-transport-security: max-age=300
x-cache: HIT, HIT
content-type: image/svg+xml
cache-control: max-age=604800, public
accept-ranges: bytes
x-timer: S1659298011.511985,VS0,VE1
content-length: 965
x-cache-hits: 29415, 1

GET
H2 200 proximanova-light-webfont-85dfe57bc8a34df8e5525df72f2bc17e4c10d7938c7cacb7fe11e73ee8dd5dd8.woff
squareoffs.com/assets/ Frame ECF8 26 KB
26 KB 10ms
9ms Font
application/font-woff 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://squareoffs.com/assets/proximanova-light-webfont-85dfe57bc8a34df8e5525df72f2bc17e4c10d7938c7cacb7fe11e73ee8dd5dd8.woff

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

85dfe57bc8a34df8e5525df72f2bc17e4c10d7938c7cacb7fe11e73ee8dd5dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css
Origin: https://squareoffs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Thu, 14 Sep 2017 14:19:55 GMT
server: Cowboy
age: 457386
x-served-by: cache-iad-kjyo7100091-IAD, cache-hhn4068-HHN
strict-transport-security: max-age=300
x-cache: HIT, HIT
content-type: application/font-woff
cache-control: max-age=604800, public
accept-ranges: bytes
x-timer: S1659298011.512736,VS0,VE1
content-length: 26400
x-cache-hits: 1, 1

GET
H2 200 fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
squareoffs.com/assets/ Frame ECF8 75 KB
76 KB 10ms
10ms Font
application/font-woff2 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://squareoffs.com/assets/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css
Origin: https://squareoffs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Thu, 14 Sep 2017 14:21:35 GMT
server: Cowboy
age: 392312
x-served-by: cache-iad-kiad7000114-IAD, cache-hhn4068-HHN
strict-transport-security: max-age=300
x-cache: HIT, HIT
content-type: application/font-woff2
cache-control: max-age=604800, public
accept-ranges: bytes
x-timer: S1659298011.512717,VS0,VE2
content-length: 77160
x-cache-hits: 1, 1

GET
H2 200 proximanova-semibold-webfont-07a0545c00ecfd98dfa3f8a6dff5451780a679455680e517cec826b92ba6be4d.woff2
squareoffs.com/assets/ Frame ECF8 20 KB
20 KB 10ms
9ms Font
application/font-woff2 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://squareoffs.com/assets/proximanova-semibold-webfont-07a0545c00ecfd98dfa3f8a6dff5451780a679455680e517cec826b92ba6be4d.woff2

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

07a0545c00ecfd98dfa3f8a6dff5451780a679455680e517cec826b92ba6be4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css
Origin: https://squareoffs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Thu, 14 Sep 2017 14:19:55 GMT
server: Cowboy
age: 544696
x-served-by: cache-iad-kjyo7100132-IAD, cache-hhn4068-HHN
strict-transport-security: max-age=300
x-cache: HIT, HIT
content-type: application/font-woff2
cache-control: max-age=604800, public
accept-ranges: bytes
x-timer: S1659298011.512813,VS0,VE1
content-length: 20784
x-cache-hits: 1, 1

GET
H2 200 ionicons-2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9.ttf
squareoffs.com/assets/ Frame ECF8 184 KB
184 KB 11ms
10ms Font
application/octet-stream 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://squareoffs.com/assets/ionicons-2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9.ttf?v=2.0.0

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://squareoffs.com/assets/embedded_feed-0f8ebcee2bc4c101d1d95efbb8a928358839934470f23a77501fdcf87b0abdee.css
Origin: https://squareoffs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Fri, 06 Apr 2018 22:02:04 GMT
server: Cowboy
age: 481407
x-served-by: cache-iad-kiad7000143-IAD, cache-hhn4068-HHN
strict-transport-security: max-age=300
x-cache: HIT, HIT
content-type: application/octet-stream
cache-control: max-age=604800, public
accept-ranges: bytes
x-timer: S1659298011.513932,VS0,VE3
content-length: 188508
x-cache-hits: 1, 1

GET
H2 200 PSPD-SHOOTER-TRAINING.00_03_01_20.Still001-1440x810.png
assets.squareoffs.com/square_offs/cover_photos/22992/large/1659134450/ Frame ECF8 588 KB
589 KB 435ms
383ms Image
image/webp 151.101.2.202
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.squareoffs.com/square_offs/cover_photos/22992/large/1659134450/PSPD-SHOOTER-TRAINING.00_03_01_20.Still001-1440x810.png?1659134450
Requested by: Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 276b2e230a5c051221c881b9ed7e886b5a6e7eedcefdadf7a4eee2ae55bb6c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: HIT, MISS
fastly-io-info: ifsz=1225372 idim=1280x720 ifmt=png ofsz=602250 odim=1280x720 ofmt=webp
fastly-stats: io=1
content-length: 602250
x-amz-id-2: V8s1xeI1sUbE5kj3TG4jQCFwj0ABGW8DizPRzegCelMFh00YgSp1y+o9h1FEqjdEsK1ek+pcxDg=
x-served-by: cache-iad-kcgs7200032-IAD, cache-hhn4021-HHN
server: AmazonS3
x-timer: S1659298011.581822,VS0,VE372
etag: "PJvlBHjDZtTFwLylRjGcNQgyNjIR2ejBxIsBGURdZhM"
vary: Accept
x-amz-request-id: 79Z8S6Y0GTD7YD1B
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 0

GET
H2 200 KESQ_200x200.jpg
assets.squareoffs.com/profiles/avatars/1563190/large/1573851030/ Frame ECF8 9 KB
9 KB 174ms
123ms Image
image/webp 151.101.2.202
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.squareoffs.com/profiles/avatars/1563190/large/1573851030/KESQ_200x200.jpg?1573851030
Requested by: Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67a4878c66a30fb80b1e2411d8550c8e7aa863cc5a98aacc21069b467422a1cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: HIT, MISS
fastly-io-info: ifsz=20066 idim=400x400 ifmt=jpeg ofsz=8974 odim=400x400 ofmt=webp
fastly-stats: io=1
content-length: 8974
x-amz-id-2: f6l1szA+RWHcV5Kj9NbpDD5zTVVc3OT0Umj/Y33yk9OhOKAL3QEE5w8Zs3IlXkA8nwV21frMRS+H74lY2AosZw==
x-served-by: cache-iad-kcgs7200036-IAD, cache-hhn4021-HHN
server: AmazonS3
x-timer: S1659298011.581785,VS0,VE116
etag: "WZztTb0dcV/dBPyKuEEEB7SeAxqGurmrgy1tKxQMYcw"
vary: Accept
x-amz-request-id: AQFWVMS0MX5VP1TT
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 0

GET
H2 200 white-check-b033528103f70b1fc86db574626282c1aad0364701a0913659ab70747655455d.svg
squareoffs.com/assets/ Frame ECF8 2 KB
2 KB 10ms
7ms Image
image/svg+xml 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://squareoffs.com/assets/white-check-b033528103f70b1fc86db574626282c1aad0364701a0913659ab70747655455d.svg

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

b033528103f70b1fc86db574626282c1aad0364701a0913659ab70747655455d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/embeds/4847?feed_size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Thu, 14 Sep 2017 14:19:55 GMT
server: Cowboy
age: 467489
x-served-by: cache-iad-kcgs7200096-IAD, cache-hhn4068-HHN
strict-transport-security: max-age=300
x-cache: HIT, HIT
content-type: image/svg+xml
cache-control: max-age=604800, public
accept-ranges: bytes
x-timer: S1659298011.533677,VS0,VE1
content-length: 1639
x-cache-hits: 1, 1

GET
H2 200 comment-bubble-icon-284f18323f6d4447450f7e91af3e577d448282f120f7feb6ac3167695728d265.svg
squareoffs.com/assets/ Frame ECF8 952 B
1 KB 13ms
9ms Image
image/svg+xml 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://squareoffs.com/assets/comment-bubble-icon-284f18323f6d4447450f7e91af3e577d448282f120f7feb6ac3167695728d265.svg

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

284f18323f6d4447450f7e91af3e577d448282f120f7feb6ac3167695728d265

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/embeds/4847?feed_size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Thu, 14 Sep 2017 14:19:55 GMT
server: Cowboy
age: 550996
x-served-by: cache-iad-kcgs7200044-IAD, cache-hhn4068-HHN
strict-transport-security: max-age=300
x-cache: HIT, HIT
content-type: image/svg+xml
cache-control: max-age=604800, public
accept-ranges: bytes
x-timer: S1659298011.533654,VS0,VE1
content-length: 952
x-cache-hits: 1, 1

GET
H2 200 squareoffs_diamond_BW_white_30-f631c09cb282ac1ff389e485ff4c31cb1004ac5e3875d455511cde967e032acb.png
squareoffs.com/assets/ Frame ECF8 918 B
1 KB 12ms
10ms Image
image/webp 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://squareoffs.com/assets/squareoffs_diamond_BW_white_30-f631c09cb282ac1ff389e485ff4c31cb1004ac5e3875d455511cde967e032acb.png

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

0c1a06dcea4b23f87b80587a7a2f8e1d74c4ec7d6607d536b1dff2e8580129f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/embeds/4847?feed_size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
age: 1496931
x-cache: HIT, HIT
fastly-io-info: ifsz=1676 idim=35x34 ifmt=png ofsz=918 odim=35x34 ofmt=webp
fastly-stats: io=1
content-length: 918
x-served-by: cache-iad-kcgs7200056-IAD, cache-hhn4068-HHN
server: Cowboy
x-timer: S1659298011.534465,VS0,VE1
etag: "+JgykenlQOzRLysGzC4Yykey2WxDfNwTAwQxZqwCxlE"
vary: Accept
strict-transport-security: max-age=300
content-type: image/webp
cache-control: max-age=2592000, public
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 SOProfile-cb5798a284da490e620ff00069f852bc690799e2af53b40c7e2f03209dd8a3e5.svg
squareoffs.com/assets/ Frame ECF8 581 B
704 B 11ms
10ms Image
image/svg+xml 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://squareoffs.com/assets/SOProfile-cb5798a284da490e620ff00069f852bc690799e2af53b40c7e2f03209dd8a3e5.svg

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.202 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

cb5798a284da490e620ff00069f852bc690799e2af53b40c7e2f03209dd8a3e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/embeds/4847?feed_size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Fri, 29 May 2020 23:34:00 GMT
server: Cowboy
age: 386401
x-served-by: cache-iad-kcgs7200114-IAD, cache-hhn4068-HHN
strict-transport-security: max-age=300
x-cache: HIT, HIT
content-type: image/svg+xml
cache-control: max-age=604800, public
accept-ranges: bytes
x-timer: S1659298011.533949,VS0,VE1
content-length: 581
x-cache-hits: 1, 1

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 139ms
58ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/30430/mi-1.13.9.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eba523b4915828a2ca603a46b47ad857ea0d717652027a5eb7003829a6b6a75d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 31 Jul 2022 20:06:50 GMT

POST
H2 200 _.gif
counter.snackly.co/ 0
314 B 175ms
122ms Ping
image/gif 2606:4700:10::6816:48ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.snackly.co/_.gif
Requested by: Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/30430/mi-1.13.9.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
access-control-allow-origin: https://kesq.com
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7338f4f66e9a5b38-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Sun, 31 Jul 2022 20:06:50 GMT

POST
H2 200 _.gif
counter.snackly.co/ 0
39 B 145ms
125ms Ping
image/gif 2606:4700:10::6816:48ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.snackly.co/_.gif
Requested by: Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/30430/mi-1.13.9.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
access-control-allow-origin: https://kesq.com
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7338f4f66e9e5b38-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Sun, 31 Jul 2022 20:06:50 GMT

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
96 B 167ms
167ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:50 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
96 B 167ms
167ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:50 GMT
access-control-allow-credentials: true

POST
H2 204 hb Show response
events.browsiprod.com/events/ 0
96 B 167ms
167ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/hb?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:50 GMT
access-control-allow-credentials: true

POST
H2 204 hb Show response
events.browsiprod.com/events/ 0
96 B 167ms
167ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/hb?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:50 GMT
access-control-allow-credentials: true

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 128ms
50ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 101ms
59ms Script
application/javascript 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 206
Partial Content v-08f99ac9-bfdf-4587-2270573-814f-f1f9cc42c0e3-s37.504-43.51s.mp4
apv-static.minute.ly/videos/ 32 KB
32 KB 99ms
17ms Media
video/mp4 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-static.minute.ly/videos/v-08f99ac9-bfdf-4587-2270573-814f-f1f9cc42c0e3-s37.504-43.51s.mp4
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 25635c09d7a2192342add50316c4951d428e8d65ae38b1625b1c525f49424967

Request headers

Referer: https://kesq.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 31 Jul 2022 20:06:50 GMT
Last-Modified: Sun, 31 Jul 2022 16:56:16 GMT
Access-Control-Allow-Origin: %client.request.headers.origin.value%
ETag: "1659286576"
X-HW: 1659298010.dop220.am5.t,1659298010.cds308.am5.shn,1659298010.dop220.am5.t,1659298010.cds264.am5.c
Content-Type: video/mp4
Content-Range: bytes 0-32407/32408
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Range, chrome-proxy
Content-Length: 32408

GET
H/1.1 206
Partial Content v-060ce26e-b1f6-494e-2253382-b835-bf78e949ff7b-s19.019-25.993m.mp4
apv-static.minute.ly/videos/ 374 KB
375 KB 101ms
19ms Media
video/mp4 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-static.minute.ly/videos/v-060ce26e-b1f6-494e-2253382-b835-bf78e949ff7b-s19.019-25.993m.mp4
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: a51c780d7d3e6e10734aed22f692e0f08ee5fe48b458890e6f13b56ceb8de9fe

Request headers

Referer: https://kesq.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 31 Jul 2022 20:06:50 GMT
Last-Modified: Thu, 21 Jul 2022 21:36:15 GMT
Access-Control-Allow-Origin: %client.request.headers.origin.value%
ETag: "1658439375"
X-HW: 1659298010.dop208.am5.t,1659298010.cds259.am5.shn,1659298010.dop208.am5.t,1659298010.cds232.am5.c
Content-Type: video/mp4
Content-Range: bytes 0-383156/383157
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Range, chrome-proxy
Content-Length: 383157

GET
H/1.1 206
Partial Content v-ccf47c94-08a4-4e5b-2252252-80d1-1c8f7a317633-s221.221-228.462m.mp4
apv-static.minute.ly/videos/ 315 KB
316 KB 100ms
18ms Media
video/mp4 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-static.minute.ly/videos/v-ccf47c94-08a4-4e5b-2252252-80d1-1c8f7a317633-s221.221-228.462m.mp4
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: ab0a9766062f904ed6fceb8cfca73b5686e491b43241817a25f3bff0f547ff01

Request headers

Referer: https://kesq.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 31 Jul 2022 20:06:50 GMT
Last-Modified: Thu, 21 Jul 2022 01:48:53 GMT
Access-Control-Allow-Origin: %client.request.headers.origin.value%
ETag: "1658368133"
X-HW: 1659298010.dop014.am5.t,1659298010.cds310.am5.shn,1659298010.dop014.am5.t,1659298010.cds265.am5.c
Content-Type: video/mp4
Content-Range: bytes 0-322677/322678
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Range, chrome-proxy
Content-Length: 322678

GET
H/1.1 206
Partial Content v-08f99ac9-bfdf-4587-2270573-814f-f1f9cc42c0e3-s37.504-43.51m.mp4
apv-static.minute.ly/videos/ 92 KB
92 KB 99ms
16ms Media
video/mp4 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-static.minute.ly/videos/v-08f99ac9-bfdf-4587-2270573-814f-f1f9cc42c0e3-s37.504-43.51m.mp4
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: e1befb2b44f4113aa042daf10a89355ec40481820a5b03ca0f6dc99a42fe2152

Request headers

Referer: https://kesq.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 31 Jul 2022 20:06:50 GMT
Last-Modified: Sun, 31 Jul 2022 16:56:18 GMT
Access-Control-Allow-Origin: %client.request.headers.origin.value%
ETag: "1659286578"
X-HW: 1659298010.dop120.am5.t,1659298010.cds297.am5.shn,1659298010.dop120.am5.t,1659298010.cds313.am5.c
Content-Type: video/mp4
Content-Range: bytes 0-93925/93926
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Range, chrome-proxy
Content-Length: 93926

GET
H/1.1 206
Partial Content v-b4b8e4dd-8e36-416a-2268468-a84a-a885d3796f6c-s20.521-27.094m.mp4
apv-static.minute.ly/videos/ 184 KB
184 KB 452ms
369ms Media
video/mp4 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-static.minute.ly/videos/v-b4b8e4dd-8e36-416a-2268468-a84a-a885d3796f6c-s20.521-27.094m.mp4
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 6502bff981206d758af053aa48d4ac0d41a098becd47e48ac9056a6553458d8e

Request headers

Referer: https://kesq.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 31 Jul 2022 20:06:51 GMT
Last-Modified: Sat, 30 Jul 2022 03:52:35 GMT
Access-Control-Allow-Origin: %client.request.headers.origin.value%
ETag: "1659153155"
X-HW: 1659298010.dop226.am5.t,1659298010.cds269.am5.shn,1659298010.dop226.am5.t,1659298010.cds284.am5.s,1659298010.dop208.dc2.r,1659298011.cds197.dc2.c,1659298010.cds284.am5.p
Content-Type: video/mp4
Content-Range: bytes 0-188106/188107
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Range, chrome-proxy
Content-Length: 188107

GET
H/1.1 206
Partial Content v-17726a31-5f4a-4638-2270251-8f23-becb680b9972-s35.536-41.108m.mp4
apv-static.minute.ly/videos/ 194 KB
195 KB 467ms
383ms Media
video/mp4 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-static.minute.ly/videos/v-17726a31-5f4a-4638-2270251-8f23-becb680b9972-s35.536-41.108m.mp4
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 97186ca8cd3891de25d24587a89b17d5c93e9dd502fc5acb5abe13d9af9c1d61

Request headers

Referer: https://kesq.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 31 Jul 2022 20:06:51 GMT
Last-Modified: Sun, 31 Jul 2022 06:19:10 GMT
Access-Control-Allow-Origin: %client.request.headers.origin.value%
ETag: "1659248350"
X-HW: 1659298010.dop126.am5.t,1659298010.cds142.am5.shn,1659298010.dop126.am5.t,1659298010.cds122.am5.s,1659298010.dop183.dc2.r,1659298011.cds167.dc2.c,1659298011.cds122.am5.p
Content-Type: video/mp4
Content-Range: bytes 0-199109/199110
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Range, chrome-proxy
Content-Length: 199110

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 390 B
235 B 305ms
304ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1533716713199401&correlator=2483587158146546&eid=44761478%2C31064226%2C42531605%2C42531607&output=ldjh&gdfp_req=1&vrg=2022072102&ptt=17&impl=fifs&npa=1&iu_parts=6123%2Ckesq&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=3640888092&sfv=1-0-38&ecs=20220731&fsapi=false&prev_scp=wp_unit%3DLeaderboard%25201%26pos%3Datf%26browsiViewability%3D0.70%26browsiId%3Dkesq&cust_params=wp_category%3Dhome%26page_type%3Dhome%26post_id%3D8&sc=1&cookie=ID%3D790fc260ae19a71c-22a6e525e0cd00ee%3AT%3D1659298009%3AS%3DALNI_MZrKALzUOTGhCtV3HrrDvZpq1uh3A&abxe=1&dt=1659298010641&lmt=1659298010&dlt=1659298009230&idt=424&adxs=436&adys=122&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fkesq.com%2F&frm=20&vis=1&psz=1600x90&msz=728x-1&fws=4&ohw=1600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1223097823.1659298010&ga_sid=1659298010&ga_hid=934942832&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

244238d6d950c69cc25a323ffe38495b71421ff28c365d7739ba76a4d0226e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 391 B
237 B 564ms
563ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1533716713199401&correlator=2483587158146546&eid=44761478%2C31064226%2C42531605%2C42531607&output=ldjh&gdfp_req=1&vrg=2022072102&ptt=17&impl=fifs&npa=1&iu_parts=6123%2Ckesq&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=1664542037&sfv=1-0-38&ecs=20220731&fsapi=false&prev_scp=wp_unit%3DMedium%2520Rectangle%25201%26pos%3Datf%26browsiViewability%3D0.80%26browsiId%3Dkesq&cust_params=wp_category%3Dhome%26page_type%3Dhome%26post_id%3D8&sc=1&cookie=ID%3D790fc260ae19a71c-22a6e525e0cd00ee%3AT%3D1659298009%3AS%3DALNI_MZrKALzUOTGhCtV3HrrDvZpq1uh3A&abxe=1&dt=1659298010645&lmt=1659298010&dlt=1659298009230&idt=424&adxs=1033&adys=260&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fkesq.com%2F&frm=20&vis=1&psz=354x250&msz=300x-1&fws=4&ohw=1600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1223097823.1659298010&ga_sid=1659298010&ga_hid=934942832&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

12733c8d6d71840ec1e9d10763e7774d9c720f3e8e3e54dec82e6aeddc09712b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F3FA 6 KB
1 KB 134ms
47ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 31 Jul 2022 18:58:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 31 Jul 2022 20:06:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Jul 2022 20:06:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F3FA 2 KB
635 B 141ms
55ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 31 Jul 2022 19:04:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 31 Jul 2022 20:06:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Jul 2022 20:06:50 GMT

GET
H2 200 gdpr.css
plugins.blueconic.net/toolbar_gdpr_components/1.2.2/frontend/src/css/ 2 KB
943 B 45ms
8ms Stylesheet
text/css 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.blueconic.net/toolbar_gdpr_components/1.2.2/frontend/src/css/gdpr.css
Requested by: Host: npgco.blueconic.net
URL: https://npgco.blueconic.net/plugin/plugin/682465af888e294f1aff5073c5668680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: - /
Resource Hash: ee2ec977814ef6d0e7399fdf80c62a5195c203c9ca02686506bcb5afe9ff1695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:51:27 GMT
content-encoding: gzip
age: 2229323
x-cache: Hit from cloudfront
content-length: 520
access-control-allow-origin: *
last-modified: Thu, 05 Aug 2021 13:06:31 GMT
server: -
etag: "627-5c8cf96792320-gzip"
vary: Accept-Encoding
content-type: text/css
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: -mkpVdu8q-03czpafjtv4ar9EAMzYKh-Gb9TC0xW3KRmLK9X2D2A5g==
expires: Fri, 05 Aug 2022 00:51:27 GMT

POST
H2 200 570 Show response
npgco.blueconic.net/DG/DEFAULT/rest/rpc/ 363 B
903 B 102ms
101ms XHR
application/json 52.23.130.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://npgco.blueconic.net/DG/DEFAULT/rest/rpc/570?referer=https%3A%2F%2Fkesq.com%2F&bcsessionid=ca7739cf-7ae5-422c-ad86-02024315260f&bctempid=&overruleReferrer=&time=2022-07-31T20%3A06%3A50%2B00%3A00&ts=1659298010691

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.130.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-23-130-19.compute-1.amazonaws.com

Software

- /

Resource Hash

56eea270dfdd40ee3933bff4fec9c257676b2a0886724bf5efe2e212511a8a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://kesq.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 174
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 570 Show response
npgco.blueconic.net/DG/DEFAULT/rest/rpc/ 182 B
895 B 103ms
102ms XHR
application/json 52.23.130.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.130.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-23-130-19.compute-1.amazonaws.com

Software

- /

Resource Hash

a2d0d9deb076517a6a0f52fc09433c4b0c2af9adc2a834414aa31547fa47f14a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://kesq.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 164
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
npgco.blueconic.net/DG/DEFAULT/ 66 B
858 B 99ms
99ms Script
text/javascript 52.23.130.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://npgco.blueconic.net/DG/DEFAULT/cs?bcsessionid=ca7739cf-7ae5-422c-ad86-02024315260f&&callback=bc_json571

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.130.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-23-130-19.compute-1.amazonaws.com

Software

- /

Resource Hash

27e22e7e6035036c0814bef7199b90461e1e872f266b4e66724134faee3cc5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 player.js Show response
player.aniview.com/script/6.1/ 27 KB
10 KB 160ms
17ms Script
application/javascript 2a02:26f0:ea:4b9::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=undefined
Requested by: Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.41.42/tvp.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ea:4b9::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 297ff0bb8598f98b7098c965b2f8c8036f548df903726c9fba04443414a8e3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvMZaKEnKiBnBzZIQHbwdJZ8b7dB4BF_D2JBweWKMgU2jB75-rFt0NhepvT2w_fha5nJla2cnrkqiEpWJ8go4csR5aqmeUN
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9820
last-modified: Sun, 31 Jul 2022 06:08:10 GMT
server: UploadServer
etag: "2d86b02fa1688616b647fa2d3a539b7c"
vary: Accept-Encoding
x-goog-hash: crc32c=z8f8+g==, md5=LYawL6Fohha2R/otOlObfA==
x-goog-generation: 1659247690287404
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9820
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 31 Jul 2022 20:11:50 GMT

GET
H2 200 track
track1.aniview.com/ Frame F3FA 0
71 B 359ms
101ms Image
text/plain 35.173.69.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=undefined&cid=5d429a4728a0615fb3632846&e=playerLoaded&cb=1659298010767
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.69.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-69-21.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:51 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
DATA 200
OK truncated
/ Frame F3FA 32 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5c472eb498be9d618f4e850fbfa1608eaec1e73f7a9ca97fe28a19188bde740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/jpeg

POST
H2 200 _.gif
counter.snackly.co/ 0
41 B 126ms
125ms Ping
image/gif 2606:4700:10::6816:48ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.snackly.co/_.gif
Requested by: Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/30430/mi-1.13.9.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
access-control-allow-origin: https://kesq.com
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7338f4f79f965b38-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Sun, 31 Jul 2022 20:06:50 GMT

GET
H/1.1 206
Partial Content v-d97766e8-5782-4ba9-2255615-97c0-2b5633646315-s124.525-130.531tvl.mp4
apv-static.tldw.me/videos/ Frame F3FA 168 KB
169 KB 247ms
18ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-static.tldw.me/videos/v-d97766e8-5782-4ba9-2255615-97c0-2b5633646315-s124.525-130.531tvl.mp4
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 78d0a446b8f407e4cb3b2b2a965b57a25d1f0438c0acb089371bca9749feed3b

Request headers

Referer: https://kesq.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 31 Jul 2022 20:06:51 GMT
Content-Range: bytes 0-172120/172121
Last-Modified: Sat, 23 Jul 2022 04:12:40 GMT
ETag: "1658549560"
Access-Control-Allow-Methods: GET, OPTIONS, POST
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 172121
X-HW: 1659298011.dop114.am5.t,1659298011.cds224.am5.shn,1659298011.dop114.am5.t,1659298011.cds310.am5.c

GET
BLOB 206
Partial Content 919d302c-9268-483c-b025-527fb87f1c9b
https://kesq.com/ Frame F3FA 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kesq.com/919d302c-9268-483c-b025-527fb87f1c9b
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 / Show response
feed.mikle.com/api/widget/read/body/ Frame 34B7 119 KB
27 KB 227ms
226ms XHR
application/json 3.233.138.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.mikle.com/api/widget/read/body/?widget_id=153514&widget_parameter=%7B%7D
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.138.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-138-68.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cda99612ffce077f473da92e7c0929c9a80bab0dacd173105dfca9b1d3c30177

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://feed.mikle.com
cache-control: max-age=180
access-control-allow-credentials: true
access-control-allow-headers: Origin, Authorization, Accept, X-Requested-With
expires: Sun, 31 Jul 2022 20:09:50 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/ Frame ECF8 341 KB
120 KB 145ms
72ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6766358096536054&plah=squareoffs.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6766358096536054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38239c0eb2ff0b67f37b09c7180a99f5d1d86bd75920a10d9ece28cde70ecae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123171
x-xss-protection: 0
server: cafe
etag: 11779917249217685913
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 31 Jul 2022 20:06:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/ Frame 9CFC 10 KB
5 KB 121ms
39ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6766358096536054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://squareoffs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 817
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 19:53:13 GMT
etag: 8616628553774171045
expires: Sun, 14 Aug 2022 19:53:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F3FA 15 KB
16 KB 117ms
37ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kesq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 521935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 19:07:55 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/c8b8a173/www-widgetapi.vflset/ 158 KB
51 KB 112ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c8b8a173/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3430dca601f444272bc70149d25ce4d8a236161650ebc01a5888ab0bed60073a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 19:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52326
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 00:37:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 31 Jul 2023 19:46:43 GMT

GET
H2 200 d98b997ab2a880527ff9d5da5687bdfb Show response
npgco.blueconic.net/templates/ 290 KB
36 KB 98ms
98ms Script
text/javascript 52.23.130.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://npgco.blueconic.net/templates/d98b997ab2a880527ff9d5da5687bdfb

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.130.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-23-130-19.compute-1.amazonaws.com

Software

- /

Resource Hash

ba82e6480a2599627970d68d9d42b4e51c488e9eb8587d3cf9d539724b44b073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 30 Jul 2022 20:06:50 GMT
server: -
etag: d98b997ab2a880527ff9d5da5687bdfb
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: public, no-cache="Set-Cookie", max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 36390
x-xss-protection: 1; mode=block
expires: Mon, 31 Jul 2023 20:06:50 GMT

GET
H2 200 notificationBar.css
plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/ 2 KB
1005 B 8ms
8ms Stylesheet
text/css 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/notificationBar.css
Requested by: Host: npgco.blueconic.net
URL: https://npgco.blueconic.net/plugin/plugin/682465af888e294f1aff5073c5668680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: - /
Resource Hash: d925db65ec1961756427ffaa480d32f5413d5edc49503d5ae7987aed8782e7f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 02:11:58 GMT
content-encoding: gzip
age: 842092
x-cache: Hit from cloudfront
content-length: 581
access-control-allow-origin: *
last-modified: Mon, 19 Jul 2021 06:37:57 GMT
server: -
etag: "7b4-5c7742d8457d8-gzip"
vary: Accept-Encoding
content-type: text/css
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: aDMYpHoux40O4cEggDlPvRPnGLKXbMaRdr92rDLSrx02xAbyou73Xw==
expires: Sun, 21 Aug 2022 02:11:58 GMT

GET
H2 200 CloseIconNotificationBar.png
plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/images/ 2 KB
2 KB 8ms
8ms Image
image/png 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/images/CloseIconNotificationBar.png
Requested by: Host: plugins.blueconic.net
URL: https://plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/notificationBar.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: - /
Resource Hash: c6a33d7e98f7ac4c2bb7c71f0c1f7e2a3b6c3282dc99ccfe5b46e8a717fb87fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/notificationBar.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 00:38:01 GMT
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jul 2021 06:37:57 GMT
server: -
age: 2489329
etag: "6ed-5c7742d8401e8"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1773
x-amz-cf-id: 8PY8rywMmScuSin6Az7n7mPLrfZ5HBTt27nnKlLby65yYJItTzL9sQ==
expires: Tue, 02 Aug 2022 00:38:01 GMT

POST
H2 204 hb Show response
events.browsiprod.com/events/ 0
96 B 167ms
167ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/hb?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:51 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
96 B 167ms
167ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:51 GMT
access-control-allow-credentials: true

GET
H/1.1 204
No Content desktop Show response
demand-engine.browsiprod.com/single/ 0
151 B 33ms
32ms XHR
text/plain 63.33.106.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://demand-engine.browsiprod.com/single/desktop?if=true&ai=501&f=1.29&rc=0&ll=false&st=api&et=b&al=354&di=1&pt=in-line%2Cwithin%20main%20content&div=leaderboard-1&au=%2F6123%2Fkesq&sk=kesq&pk=newspressandgazette&pvid=4bf1b110-da4d-4759-8f55-bd32745bba3a&aid=kesq_-727983220_-1592112820&sid=87755b72-f884-462b-af40-dc68903f2b32%26false%26false%26DEFAULT%26de%26desktop-4.5.14%26false&mch=5338&uid=anonymous&pu=https%3A%2F%2Fkesq.com%2F&pl=5974&d=false&sh=1200&lid=83807204-dfe4-4ccf-a894-49fa617724e6_A&ts=DEFAULT&cc=de&ir=false&ul=1200&do=Windows&dd=Unknown%20Desktop%7CEmulator&dp=DESKTOP&dt=DESKTOP&db=Chrome&lt=1.5&ac=0
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 63.33.106.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-106-83.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://kesq.com
Date: Sun, 31 Jul 2022 20:06:50 GMT
Access-Control-Allow-Credentials: true

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 2452 387 KB
110 KB 18ms
18ms Script
application/javascript 2a02:26f0:ea:4b9::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ea:4b9::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 4c84a9ea220f42a24f4f358b99ce4589d21c4d340e28d6cb6d2558d4f47bf4b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsxKP6RL2OAPYQNnHIIThq4FCNm2cVD_Q-praWPzb9qeg-ZDGpFxsqt3aZv4v0PEjpbfeRwS_0IDKJI0eWcewCDezAtSqDl
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 111632
last-modified: Sun, 31 Jul 2022 06:08:10 GMT
server: UploadServer
etag: "273cbc4833172202c70c8ed03f20be3a"
vary: Accept-Encoding
x-goog-hash: crc32c=/LSAzg==, md5=Jzy8SDMXIgLHDI7QPyC+Og==
x-goog-generation: 1659247690099252
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 111632
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 31 Jul 2022 20:11:50 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 104ms
104ms Image
text/plain 35.173.69.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=kesq.com&sn=1324123&cd9=https%3A%2F%2Fkesq.com%2F&ic=0&tgt=0&app=&wi=754&he=424&test=&d36=6.2.40&apppkg=&fv=1&proto=https&pid=5a16a1b928a0616e7966522d&cid=5d429a4728a0615fb3632846&stagid=&stplid=&e=inventory&vi=100&cb=1659298011044
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.69.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-69-21.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:51 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 2 KB
1 KB 375ms
102ms XHR
application/json 34.225.117.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_SUBID=1324123&AV_CDIM9=https%3A%2F%2Fkesq.com%2F&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fkesq.com%2F&AV_PUBLISHERID=5a16a1b928a0616e7966522d&AV_CHANNELID=5d429a4728a0615fb3632846&tgt=0&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=kesq.com&AV_DADPOS=1&d36=6.2.40&responsive=1&sver=2&avtoken=11044&omv=1.0.1&AV_WIDTH=754&AV_HEIGHT=424&AV_DNT=0&cb=1659298011064
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.117.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-117-0.compute-1.amazonaws.com
Software: /
Resource Hash: fd1f00572f3cefc45fb81ea76d3656e1341aa3172f71dc0fa3c32fac5da92ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:51 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://kesq.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 20 Jul 2022 06:20:11 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame ECF8 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=squareoffs.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6766358096536054&plah=squareoffs.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 20:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame ECF8 107 B
122 B 59ms
59ms Script
application/javascript 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=squareoffs.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 20:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7001 0
16 B 197ms
118ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&adk=1282969481&adf=3986099802&plat=1%3A66048%2C2%3A66048%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fkesq.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659298010867&bpp=3&bdt=915&idt=236&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&nras=1&correlator=3358616899376&frm=24&ife=1&pv=2&ga_vid=1549997537.1659298010&ga_sid=1659298011&ga_hid=1449248160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C44761793%2C44763827%2C21066429%2C42531605%2C42531608%2C31064019&oid=2&pvsid=259163319334019&tmod=1971152326&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.pgmvdvqwtp7w&fsb=1&dtd=249

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://squareoffs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 20:06:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3BF5 20 KB
11 KB 438ms
368ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=2861717531&adf=2213545583&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659298010870&bpp=1&bdt=919&idt=252&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3358616899376&frm=24&ife=1&pv=1&ga_vid=1549997537.1659298010&ga_sid=1659298011&ga_hid=1449248160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C44761793%2C44763827%2C21066429%2C42531605%2C42531608%2C31064019&oid=2&pvsid=259163319334019&tmod=1971152326&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.iowhjqhbavfh&fsb=1&dtd=256

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d41ad79d3d79364a3b1160998776d8fe3c51400abe5bba252bf5c8259e9f9184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://squareoffs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10867
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 20:06:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 _.gif
counter.tldw.me/ Frame F3FA 0
231 B 236ms
220ms Ping
image/gif 2606:4700:10::6816:4aef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.tldw.me/_.gif
Requested by: Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.41.42/tvp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 31 Jul 2022 20:06:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1659297789.dop208.am5.t,1659297904.cds272.am5.shn,1659298005.dop208.am5.t,1659298011.cds288.am5.sc,1659298011.cds288.am5.p
content-type: image/gif
access-control-allow-origin: https://kesq.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7338f4f9ab6e9046-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Sun, 31 Jul 2022 20:06:51 GMT

GET
H2 200 thirdpartycookie Show response
api.viafoura.co/v2/kesq.com/ 45 B
643 B 124ms
123ms XHR
application/json 2600:1f18:44f0:4816:64cb:bad3:2a8c:c8f3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/kesq.com/thirdpartycookie?section=
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4816:64cb:bad3:2a8c:c8f3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept: application/json, text/plain, */*
Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-instance-id: i-00e58b1e191a9a4d8
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://kesq.com
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Sun, 31 Jul 2022 20:06:51 GMT

POST
H2 200 570 Show response
npgco.blueconic.net/DG/DEFAULT/rest/rpc/ 185 B
971 B 101ms
100ms XHR
application/json 52.23.130.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/npgco.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.130.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-23-130-19.compute-1.amazonaws.com

Software

- /

Resource Hash

e9539f788458735602ca2fef7ae7b61b0945c861e15021b729a8277d0013cf42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://kesq.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 149
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 hb Show response
events.browsiprod.com/events/ 0
96 B 167ms
167ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/hb?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:51 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
96 B 167ms
167ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:51 GMT
access-control-allow-credentials: true

GET
H/1.1 204
No Content desktop Show response
demand-engine.browsiprod.com/single/ 0
151 B 33ms
33ms XHR
text/plain 63.33.106.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://demand-engine.browsiprod.com/single/desktop?if=true&ai=500&f=1.41&rc=0&ll=false&st=api&et=b&al=492&di=0&pt=in-line%2Cwithin%20main%20content&div=rectangle-1&au=%2F6123%2Fkesq&sk=kesq&pk=newspressandgazette&pvid=4bf1b110-da4d-4759-8f55-bd32745bba3a&aid=kesq_-727983220_-1592112820&sid=87755b72-f884-462b-af40-dc68903f2b32%26false%26false%26DEFAULT%26de%26desktop-4.5.14%26false&mch=5338&uid=anonymous&pu=https%3A%2F%2Fkesq.com%2F&pl=5974&d=false&sh=1200&lid=83807204-dfe4-4ccf-a894-49fa617724e6_A&ts=DEFAULT&cc=de&ir=false&ul=1200&do=Windows&dd=Unknown%20Desktop%7CEmulator&dp=DESKTOP&dt=DESKTOP&db=Chrome&lt=1.5&ac=0
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 63.33.106.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-106-83.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://kesq.com
Date: Sun, 31 Jul 2022 20:06:51 GMT
Access-Control-Allow-Credentials: true

POST
H2 200 _.gif
counter.tldw.me/ Frame F3FA 0
111 B 242ms
242ms Ping
image/gif 2606:4700:10::6816:4aef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.tldw.me/_.gif
Requested by: Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.41.42/tvp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 31 Jul 2022 20:06:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1659298011.dop124.am5.t,1659298011.cds119.am5.shn,1659298011.cds119.am5.sc,1659298011.cds119.am5.p
content-type: image/gif
access-control-allow-origin: https://kesq.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7338f4fa7c669046-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Sun, 31 Jul 2022 20:06:51 GMT

GET
H/1.1 206
Partial Content v-d8efc8e9-3f3c-4ca2-2267293-96fe-80332b091166-s49.049-54.655tvl.mp4
apv-static.tldw.me/videos/ Frame F3FA 467 KB
467 KB 17ms
17ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-static.tldw.me/videos/v-d8efc8e9-3f3c-4ca2-2267293-96fe-80332b091166-s49.049-54.655tvl.mp4
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: d4e4d2827b5ab8c6385e9b963eae0377a5e724048c1e7fe9dddfe1e1d9454a89

Request headers

Referer: https://kesq.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 31 Jul 2022 20:06:51 GMT
Content-Range: bytes 0-477701/477702
Last-Modified: Fri, 29 Jul 2022 16:24:13 GMT
ETag: "1659111853"
Access-Control-Allow-Methods: GET, OPTIONS, POST
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 477702
X-HW: 1659298011.dop114.am5.t,1659298011.cds224.am5.shn,1659298011.dop114.am5.t,1659298011.cds214.am5.c

GET
H2 200 intl-messageformat.092665453b81acf7a8c0.js Show response
cdn.viafoura.net/chunks/vendors~languages/ 17 KB
5 KB 8ms
8ms Script
application/javascript 2600:9000:20eb:ce00:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.092665453b81acf7a8c0.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ce00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67e97f3d17f69516231c461af7b3c3578b50654ce0f41427b7d7cca35e5256ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 19:38:33 GMT
content-encoding: br
last-modified: Fri, 29 Jul 2022 19:38:04 GMT
server: AmazonS3
age: 174499
etag: W/"0c5f3977c93ac6e9e46805a554d8a042"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: lKJ1wP6TKNPbPG8X26RfSJMGTvbck39n
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: E73RQpVAceLq-MZZ4n9WrpYOF7aT5dZKz5-aqmpfl3FhcSXQxaXyUA==

GET
H2 200 intl-messageformat.3105c5d81b5a425892bc.js Show response
cdn.viafoura.net/chunks/languages/ 134 B
563 B 9ms
9ms Script
application/javascript 2600:9000:20eb:ce00:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/intl-messageformat.3105c5d81b5a425892bc.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ce00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2d37ebbd63f9f33298225cee771b8eb5d35b40f0a8d7ab2964f790f5e8ecf56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 19:38:33 GMT
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 19:37:50 GMT
server: AmazonS3
age: 174499
etag: "4ebae523ee7ad98dec19a6b78d787556"
x-cache: Hit from cloudfront
x-amz-version-id: f9ehh4D_tF7yX3sIuXaw2LCjOkvmbhE6
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 134
x-amz-cf-id: TIL4Rd12rIQRUm-DJWxjsDtYBIr8QkV51QNg4E2OEFnzO6s2HXmmcQ==

GET
H2 200 en-us-base-json.0ede71e011ccd1482a14.js Show response
cdn.viafoura.net/chunks/languages/ 19 KB
5 KB 9ms
9ms Script
application/javascript 2600:9000:20eb:ce00:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/languages/en-us-base-json.0ede71e011ccd1482a14.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ce00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5893cc7b3861f4221765d71bbb04489b2bd2b17349ab90809d3db5c5dee65e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 19:38:33 GMT
content-encoding: br
last-modified: Fri, 29 Jul 2022 19:37:51 GMT
server: AmazonS3
age: 174499
etag: W/"866fc856462fdea925604eee4107ba99"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: FGsQIq.hLgAvvFwcl7mWq4zUrFYgPWRx
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: a8Clh3Sy9hiqMIgAWeIkNBCBSwEk4JnzNACwFUFRxUNhMvBhpYEqXg==

POST
H2 200 ingest
i.viafoura.co/v3/kesq.com/ 67 B
387 B 344ms
100ms Ping
image/png 52.72.67.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://i.viafoura.co/v3/kesq.com/ingest
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.67.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-67-212.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:51 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/png
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff2
feed.mikle.com/fonts/ Frame 34B7 75 KB
76 KB 98ms
98ms Font
text/html 3.233.138.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.mikle.com/fonts/fontawesome-webfont.woff2?v=1580871352
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.138.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-138-68.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Request headers

Referer: https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
Origin: https://feed.mikle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:51 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 02:55:52 GMT
server: nginx
etag: W/"5e3a2eb8-12d68"
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158748/5611/ Frame 2452 214 KB
69 KB 161ms
17ms Script
text/javascript 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158748/5611/pwt.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72b88b6dd3591e047ebc4e90d6b42b95f9950d242912bbd86c145f05a6b78011

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:51 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 15:42:26 GMT
server: Apache
etag: "16e2336-3593e-5dda4a7fa3ed9"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=42630
accept-ranges: bytes
content-type: text/javascript
content-length: 69778
expires: Mon, 01 Aug 2022 07:57:21 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame E7FA
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=minute&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26bidd...
https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=200&key=OPTOUT

0
199 B

333ms
102ms

Document
text/plain

54.174.213.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=200&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.213.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-213-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sun, 31 Jul 2022 20:06:51 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Sun, 31 Jul 2022 20:06:51 GMT
etag: OPTOUT
expires: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=200&key=OPTOUT
pragma: no-cache

GET
H2 204 /
onetag-sys.com/usync/ Frame 52AD 0
0 30ms
7ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=61d67b18f4d0980&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://kesq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame A6BF
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1659298011383-974638447295-008606-010-008847%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=55&key=2034174182237149796

0
214 B

339ms
103ms

Document
text/plain

54.174.213.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=55&key=2034174182237149796
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.213.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-213-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sun, 31 Jul 2022 20:06:51 GMT

Redirect headers

AN-X-Request-Uuid: 33b560d6-df89-4796-89f3-3c9efd631919
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 31 Jul 2022 20:06:51 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=55&key=2034174182237149796
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 653C
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=191876&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D42%26key%3D
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D42%26key%3D&s=191876&C=1

2 KB
2 KB

94ms
39ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D42%26key%3D&s=191876&C=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ede164d1e4a54dbde0c2181e2c9958a44cf355569398a7e57130a24e175f4ec

Request headers

Referer: https://kesq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7338f4fc99c99b74-FRA
content-encoding: br
content-type: text/html
date: Sun, 31 Jul 2022 20:06:51 GMT
dropped-udsids: 241|39|230|45|73|41|88|111
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iIvyb%2FcvDl9Do7YZG0oWMwcMz7JCjS45lLd5bxdR6dgehRafcFCpRwN7FwuBws%2BeE4i%2BrcK7zC9p6NaApGTMIBl8EahL%2FAbwwXBM64XEUwqqr3b4e7GZeiGBLRw3DEMA4YH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7338f4fbf89d9b3f-FRA
content-type: text/html; charset=iso-8859-1
date: Sun, 31 Jul 2022 20:06:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D42%26key%3D&s=191876&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8Nveq5WoSYG%2F%2BGKX5SuH9wgyuDm%2BYlGEoX4eR%2BsqVxiPYzXMhQb%2BDOiSLK0RNO%2BfubjKdNj2kjOLxP3WSiuwIGtRQI2jjaE9cS2LEzIVUFr0j4XEfBqe4tCs4prtTkMc7487qO8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 2DA2
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8892&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D2%26key%3D%24S...
https://sync.search.spotxchange.com/partner?adv_id=8892&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D2%26key%3D%24S...
https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=2&key=511f3aa3-110c-11ed-9a22-13b80d860206

0
235 B

169ms
104ms

Document
text/plain

54.174.213.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=2&key=511f3aa3-110c-11ed-9a22-13b80d860206
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.213.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-213-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sun, 31 Jul 2022 20:06:51 GMT

Redirect headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Sun, 31 Jul 2022 20:06:51 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=2&key=511f3aa3-110c-11ed-9a22-13b80d860206
Server: nginx
X-fe: 107

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame 83C4 0
0 145ms
11ms Document
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://kesq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
date: Sun, 31 Jul 2022 20:06:51 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.0.46
strict-transport-security: max-age=31536000

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 111ms
42ms Script
text/javascript 2a00:1450:4014:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/content.secondspace.com/kesq/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 67
date: Sun, 31 Jul 2022 20:05:44 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 31 Jul 2022 22:05:44 GMT

GET
H2 200 239.jpg
events.kesq.com/wp-content/uploads/2022/07/ Frame 34B7 285 KB
286 KB 627ms
155ms Image
image/jpeg 35.223.203.253
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://events.kesq.com/wp-content/uploads/2022/07/239.jpg

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.203.253 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

253.203.223.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

69f4c0e2968b3abf25f440ea9750e2e01fad20dc34ad3ac45fbb95171fdb0763

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:51 GMT
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 292002
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Jul 2022 04:00:01 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62d62c41-474a2"
strict-transport-security: max-age=63072000; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(); midi=(); notifications=(); push=(); sync-xhr=(); microphone=(); camera=(); magnetometer=(); gyroscope=(); speaker=(self); vibrate=(); fullscreen=(self); payment=();
accept-ranges: bytes

GET
H2 200 tristan2-1.jpg
events.kesq.com/wp-content/uploads/2022/04/ Frame 34B7 4 MB
4 MB 824ms
352ms Image
image/jpeg 35.223.203.253
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://events.kesq.com/wp-content/uploads/2022/04/tristan2-1.jpg

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.203.253 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

253.203.223.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e67c6d94cd2a08f62fa76e292cfe34363bad74181a8a99669e3b377a53c0d781

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:51 GMT
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 3846372
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 08 Jul 2022 00:25:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62c7795f-3ab0e4"
strict-transport-security: max-age=63072000; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(); midi=(); notifications=(); push=(); sync-xhr=(); microphone=(); camera=(); magnetometer=(); gyroscope=(); speaker=(self); vibrate=(); fullscreen=(self); payment=();
accept-ranges: bytes

GET
H2 200 SS.jpg
events.kesq.com/wp-content/uploads/2022/06/ Frame 34B7 97 KB
97 KB 824ms
352ms Image
image/jpeg 35.223.203.253
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://events.kesq.com/wp-content/uploads/2022/06/SS.jpg

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.203.253 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

253.203.223.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

3cad73fb09fa109ce67f4fb4e2222c7e2eefc90aa436f0c445e9671db559538a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:51 GMT
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 98855
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 21 Jun 2022 18:43:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62b21163-18227"
strict-transport-security: max-age=63072000; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(); midi=(); notifications=(); push=(); sync-xhr=(); microphone=(); camera=(); magnetometer=(); gyroscope=(); speaker=(self); vibrate=(); fullscreen=(self); payment=();
accept-ranges: bytes

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
96 B 167ms
166ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:51 GMT
access-control-allow-credentials: true

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BF5 42 B
63 B 70ms
69ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cy4MYKyUxh_TX2CTM5JuKmNP0E-xGrU7RV0r1mqJ930k8AWkAJAEzqa3X9oLke6jGXT0r6GwFAiq05fQcJviCQRnv76FywCDr1kHqqsaZLktxN_FE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=2861717531&adf=2213545583&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659298010870&bpp=1&bdt=919&idt=252&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3358616899376&frm=24&ife=1&pv=1&ga_vid=1549997537.1659298010&ga_sid=1659298011&ga_hid=1449248160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C44761793%2C44763827%2C21066429%2C42531605%2C42531608%2C31064019&oid=2&pvsid=259163319334019&tmod=1971152326&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.iowhjqhbavfh&fsb=1&dtd=256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 3BF5 3 KB
1 KB 143ms
43ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 19:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 19:27:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BF5 139 KB
43 KB 126ms
52ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658922152796835"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 20:06:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 3BF5 18 KB
8 KB 131ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:03:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 20:03:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3BF5 0
0 116ms
60ms Image
text/html 2a00:1450:4014:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQsD-Zv7e1ohfCP5XrPu3LaNomWQj0H9TetvOzyKE8CLLcSqOxj8eB1oxNMYnAUZAd8dkKbqHlhrsFCmUUEHL8grrv49A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=2861717531&adf=2213545583&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659298010870&bpp=1&bdt=919&idt=252&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3358616899376&frm=24&ife=1&pv=1&ga_vid=1549997537.1659298010&ga_sid=1659298011&ga_hid=1449248160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C44761793%2C44763827%2C21066429%2C42531605%2C42531608%2C31064019&oid=2&pvsid=259163319334019&tmod=1971152326&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.iowhjqhbavfh&fsb=1&dtd=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4014:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0827 624 B
297 B 51ms
50ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXGsypvj8FqFh_HMRPLyHow1UfnbbAaNi73VhKI0SV7CX49j7pKh9sktWta-npj-irQkE53geeQI5cxLWEXf197U6ZgOcUJ8Wf0PjOzmrQ0g3gSJ2OOzmDhNwvrG_mkd_rKl9Yw-l9heb7b7MXwhh1K-34vZxfA-ssHqb2gtI4xOQAh0lc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=2861717531&adf=2213545583&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659298010870&bpp=1&bdt=919&idt=252&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3358616899376&frm=24&ife=1&pv=1&ga_vid=1549997537.1659298010&ga_sid=1659298011&ga_hid=1449248160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C44761793%2C44763827%2C21066429%2C42531605%2C42531608%2C31064019&oid=2&pvsid=259163319334019&tmod=1971152326&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.iowhjqhbavfh&fsb=1&dtd=256
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 20:06:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3BF5 26 KB
16 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxmYvc5c65eXQAgYLD_4rXw5JO1bDxinFez0aPK4R_cmdO_zJEfmQ95SB5fnHgwNTJbXPlmi6ZfCaSnfPgPpmwmpYgghccPAgkkvaw_lV6dDoRHzZt_gceORldfDoTNGrfhdHViOuD3dTuRFpYeYxxnxqhoQ&cry=1&dbm_d=AKAmf-DB_28wqTlMaO2NiXhXoIz9ZT0uay2euq7PcNC0sSkpN4QHazCEBOnWj10ff1W0n7DjRim80-vSQKX7AhLXm7Lhz_CsFZ83MLRVnLwIP8ZIPiKvANRiKBgtvofDNOyPDvtJRmkI0cbEDnIuJcKecxfRZ1lyjRHLYn-6xNpWQ2-n2rJJRmMIt2dO6sTjhQZdLsMdMw25Yn0obkH98xDqNJVP_GLjS0Tbygew4XRu8TfTFU-A9hfrYKHcxHzSVO0IDVI8SuIXyULaRInbRAiiuVbQhR6d9XARgcZMGZUZ-uTSxhnc0XXBCmZFvK3TnPhLcqKB97vince3_IVUtIFjYWOl3AC_RUf919uNpGi5pKV1sI9QR9dnbugHD1_jt3Ehe-lPZhEU6ZhMAHQMmztsJtgQpsiHgP-ajG2iIgh4TKU3ZlAWIpsUFDROQbYyYonCJx4ZYRKr98-8a5qMZ3WWwd1W6TQysLb3HjejgewEu-Kkx13cb2CTcXa2eSWQ0SqNnrVa4zU9UbU0LtGevZMqHaE8mFQ_Q192-Wxmze7FggLE04jAGf7hTdgllLWG82uSaSw0_tms39-xyjKD6-qY4khq0YZ2KM7LrUfE7iaQy80Sz8JCCTQ2yIumNS1is-8bpQvAwQYrLzjWy3Rjwd0eyuhQ5uYZrvUm0ESBlBA9cpdsfPPw57RbYK5Ck2P7S7aWfCjd3Vds9I-w2UBCP6Pz2lZr3nHfxKNR8Y31s_a9dpQJ1XtLSa5Li0ZxN1ldmDZ0w7u063_Tvh09fTrBTXZFo85WdMwZ3xjdDWFVQGThT8DajynUbpFb3t75ptlkvNorhVCJDd-u-z2f6pyrAk3vvfwXb2CN7yrqhT7dkUneoH3n1k2unXkySylukZAqmrMSZ-3092FE5bUp0I90RNbjdU4T-B8bOhYh3YA0jYyNp_IRfVjm78PadchWMZbJoe7zBFD8W1C_2nBCYIgK3ALD1--4wyh_yFD60fipKtZkWuob_pdk3WZMU1FiPmVbf8YdxKJ3W_fA18FjUy_4L9w-hcSq980qcPtH5kY19_bFfJarz_IJX7QiEwdKb85sJBrKelxk3xpXHOfXf5yKYCO4zfRiVJ6WgweAH68xyyP6cOKSQaWyMRUexB9GLOA8M2l1HC6fu7ux35r7gKdjDNjDeXgZ72qigRppUAyFSiBRrkSQVJ8UTniCg0KD1ZJkT8SvGDC7MN9-DF0pcmnBclksm-JSs-0m16kyxN-UUw5BlY3M9GkxIlC1b3M6d7Nn1MOrJARAUdmdqMsZajWlCzksfrq2BWBCWO90E3qbVJdtOmLCWQ0N3CVCrRDtWw70VxbgmDbEPOHACOu3wbxpqG013rKW3kLUjzH52FMzRzFuCPtQq8hNfRO3pQSq4EE1S18fWJp2XjSW-c-Y-cL4PDSW62-zcEWEXF6baTMDj2v4FUwiNDO29prRdWUvuDzL-YCubBRUnb8Nd8TietMtnBCBOR0TKkMQ1ZKOXhum6UhMw2dCEmQb1c0Uhx8Wykyfoki0gfZbLc8g7JyTQyF1rpfMZADpILbB2tqpgEIeJg9xPZpwEg2ZqvQTDMhiy_ZDYZxP6wf7QH9y2FX6SHO1BbAXJ7P2hHsPvMXWULE84KUuzWIXnNfSav0RlOcBxMqku20ulpUfKA0Tc1-OV2-O8C9cBIsm6e6-GKwoV5is-iRyDCePeryyTTrhF1_rUlEZav0cZG-iPD-85x5hSfHTgnpPgrIABeG76z7hB7PW-LnWr7zQdgxWxGTq5If3INFAHiYA4Ii5shdipA803e1E0vWZ_DvUEjPfkihK8ETO6RspxlUcO1gbwR5rXVrboiQ_wkPfMiBbiZia3iuUX_CDnmm-5R9niM_cC2PM7RlwV4thuoTF9KQQwpPNlCZPD_t0WmdMoU34jmFH_Ug0pduLWwFBAkP3DdXBT6OiyG-clf1fDzRVPCIVhh-EZv4JchX6s0Asb_iwT_361juX1nOMCa-F7yccySjPSY2Zw8o6PF61wQXoPcYHfIdNXAsub0dRcE_Qtf_rxN8d7iP-Ng7lWKglp6MDcDqAZ2p0IiWw3otJM-2rODzZEpHMHT4enGRYNzy7C9BGof_8IKkbG-HgmnwuPq4NnzysdgDBvejX12WvHKNUhCY9r44tz1F50XOkvVcYxm7o9JsZt7xgL9-NFbkS9Tdexm4mq0mHrd0OXg36IxUpXxf7mp3mQ6CZfHHWmbXHbwam-W0LTDZVwcZBy8_aQC5ujPhQtbRcuxLB7IqfBRz6pAfWiZP_NhoMPwisnmoPJ2v_t_GB16f7fl_RJWjhN74SlCFr82CjBYk0dVtc8ygNzmv8oDcHoUCdHU0grId5qbGIu0mFQ12_J1d8QujGXQSdBb8hPEh2ZH_W50ecQ8LYzJUY9Nfa0mLLYPUdMd-WRXD-J7ugHkrWPSbhcevzcvNZotFGOBdzdpBJv5DOtAofJwz8SY8qieNbd-vXkvuA5KaGsYwqykMbuzKRrHkXOyhlRQsF60eZIE_Pda0eaO7JES_omR1alVwzVuNP2AChHs8vvH9gEZqpIcxjceECAJBvXZjoTC3U84u576dhbgpI8iOL4PAdPgYCibLqM3eOXx-zFog1V3KDVBmciQVHA_flFfk7eg4S1KkUejJDRJxv7RbwWVk6qBw32W_TlfeYhbh633OoBAYLzElkYfTOyd3337OdeGazsR_4PrjeG5AdsUnQx15m6GIjVF4jVQjGXAISTCfQ9hq_byPnyx3uFFloFgVg0EzYhAIKk8Oherk0Rx9lINox8pq5hH7XWCMpJsBds3iwFva9Xy9-n9p1X8y83_EezBFJzJDnEUjfBrp7mUDBFH1-ri0ISInazUPDvcS_WSLq3NXN0tyBi9vRaBuVE53-HJ_c3RDU8fy37iRfBX0uBQ49_YNMs_6dX1orw3M-3k_RzvI_qcf_FjSV4N-E_Ux39Ncevu7cUT_nUZl3LX8YAhZwpvo7h3xjFWCoO_A3UjfcaDHQUz-XdUu9x2HfkflgsAbJ4_7E2HYg05hcar65If_Ry1P8jVNJOwSaPzwqZQ_FM-IelomcZuTsAKVFx3xjpgVLl4A2NKhbBPYQcMezXU4ma9j4TmQh_m9Yc00vNdte7zGcgPHPSRHbYYTIRSUdSdRGMZvCPuiho0nbvXjc0EX8n6GTohmBsnVvDyQ1xX8Pg0fUvveNOJwz6YFB-q7Xkq7G-OEdmATATboORHmkRfvLKmK6GWMSJyMGAPhbOWNnxj2GdA80YJhJmOkXTUPT8e-pukhoJTFx9rq5Cqf5ZdDBYSoF8pwk5Om87WB_tpd4&cid=CAASEuRorHc_2MvqMF8c0kAmYlcN6g&rfl=2%2Chttps%253A%252F%252Fkesq.com%242%2Chttps%253A%252F%252Fsquareoffs.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f6979db96a442652af975ea3dc44258a6bf4ac0529a956a371ac579b581d0f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=2861717531&adf=2213545583&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659298010870&bpp=1&bdt=919&idt=252&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3358616899376&frm=24&ife=1&pv=1&ga_vid=1549997537.1659298010&ga_sid=1659298011&ga_hid=1449248160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C44761793%2C44763827%2C21066429%2C42531605%2C42531608%2C31064019&oid=2&pvsid=259163319334019&tmod=1971152326&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.iowhjqhbavfh&fsb=1&dtd=256
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 99ms
58ms Image
image/gif 2a00:1450:4014:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1535075058&utmhn=kesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home%20-%20KESQ&utmhid=934942832&utmr=-&utmp=%2F&utmht=1659298011596&utmac=UA-24770923-2&utmcc=__utma%3D98699140.1223097823.1659298010.1659298012.1659298010.1%3B%2B__utmz%3D98699140.1659298012.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1176768742&utmredir=1&utmu=qAAgAAAAAAAAAAAAAAQBAAAE~

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
96 B 167ms
167ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:51 GMT
access-control-allow-credentials: true

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0827
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENfj03m1FxeMCi_eqdMPedU&google_cver=1

43 B
1 KB

65ms
45ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENfj03m1FxeMCi_eqdMPedU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXGsypvj8FqFh_HMRPLyHow1UfnbbAaNi73VhKI0SV7CX49j7pKh9sktWta-npj-irQkE53geeQI5cxLWEXf197U6ZgOcUJ8Wf0PjOzmrQ0g3gSJ2OOzmDhNwvrG_mkd_rKl9Yw-l9heb7b7MXwhh1K-34vZxfA-ssHqb2gtI4xOQAh0lc
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7338f4fd89c49130-FRA
pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVQ1p3CJCI%2FNJs0Sp8PB3cwgjyKY56jD7JVDPSLiAS4SvgKoRT2ZLZ569TVRNOb8ymohtLbhkQUOCFW7s7y2mdYvqX2dZ0R53VVVQ7tAw2uCxYTGSQog08ZvUYs%2Bu%2BYhBMChAJqmydD9aA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENfj03m1FxeMCi_eqdMPedU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0827
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yubg2433-JHbRjY3lGW4uAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENfj03m1FxeMCi_eqdMPedU&google_cver=1

43 B
1 KB

31ms
31ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENfj03m1FxeMCi_eqdMPedU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXGsypvj8FqFh_HMRPLyHow1UfnbbAaNi73VhKI0SV7CX49j7pKh9sktWta-npj-irQkE53geeQI5cxLWEXf197U6ZgOcUJ8Wf0PjOzmrQ0g3gSJ2OOzmDhNwvrG_mkd_rKl9Yw-l9heb7b7MXwhh1K-34vZxfA-ssHqb2gtI4xOQAh0lc
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7338f4fdfae09130-FRA
pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fzVtLmOdgexU%2FrvOn7wGd4aM7J89PAgwjcQl46ax86ay%2FZ84%2F823F6Q6utp9Urrxy3L0H8OYxoYrgPPYnX3Wyg6J%2FQQfi3zNpg8Xj%2Ff%2BTjooouJlxh82EKQzfMVded7nizINIM7fAlD%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENfj03m1FxeMCi_eqdMPedU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0827
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPsD0dQUiJfiYqV5ejFKyL4&google_cver=1

43 B
1020 B

16ms
13ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPsD0dQUiJfiYqV5ejFKyL4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXGsypvj8FqFh_HMRPLyHow1UfnbbAaNi73VhKI0SV7CX49j7pKh9sktWta-npj-irQkE53geeQI5cxLWEXf197U6ZgOcUJ8Wf0PjOzmrQ0g3gSJ2OOzmDhNwvrG_mkd_rKl9Yw-l9heb7b7MXwhh1K-34vZxfA-ssHqb2gtI4xOQAh0lc

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 20:06:51 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 67923425-0294-4fa5-ad65-2664a5b6a06a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPsD0dQUiJfiYqV5ejFKyL4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0827
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAzNDE3NDE4MjIzNzE0OTc5Ng%3D%3D

170 B
243 B

46ms
38ms

Image
image/png

142.251.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAzNDE3NDE4MjIzNzE0OTc5Ng%3D%3D

Requested by

Protocol

Server

142.251.36.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 20:06:51 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1d00393f-1e3b-4e54-90f8-9b4c7311281e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAzNDE3NDE4MjIzNzE0OTc5Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 653C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yubg2433_JHbRjY3lGW4uAAABJcAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yubg2433_JHbRjY3lGW4uAAABJcAAAIB&dcc=t

43 B
645 B

103ms
103ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yubg2433_JHbRjY3lGW4uAAABJcAAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D42%26key%3D&s=191876&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 20:06:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Z0TJX7J7WD9WYA1M67H8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 20:06:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9HDH2NB2HFSBZFEWBNQM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yubg2433_JHbRjY3lGW4uAAABJcAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 653C 70 B
265 B 94ms
29ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D42%26key%3D&s=191876&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 653C 170 B
232 B 68ms
39ms Image
image/png 142.251.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yubg2433_JHbRjY3lGW4uAAABJcAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 653C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yubg2433-JHbRjY3lGW4uAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENfj03m1FxeMCi_eqdMPedU&google_cver=1&gdpr=1

43 B
1 KB

44ms
44ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENfj03m1FxeMCi_eqdMPedU&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D42%26key%3D&s=191876&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7338f4fdaa1d9130-FRA
pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjzVIN7P4YcWb4SQO79f71NslpWxz36M2iJVYTmiAkOvColn5FSCGVB%2Bt7SS%2FPskpVFJu6aIoucU6kpx%2Fbikgtyx3W6QmWCh%2FiT0i6Yr%2BUo9VLi4XwwItd%2FpAHTYlJ1J3a2NIS52%2F8jGJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENfj03m1FxeMCi_eqdMPedU&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Yubg2433_JHbRjY3lGW4uAAABJcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 653C 43 B
987 B 116ms
31ms Image
image/gif 2a05:d018:d29:3602:68f1:8fce:a96f:e71c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Yubg2433_JHbRjY3lGW4uAAABJcAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:68f1:8fce:a96f:e71c Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:51 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 653C 43 B
408 B 128ms
25ms Image
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D42%26key%3D&s=191876&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS: ams-mon-1.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 20:06:51 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-2
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 653C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=Yubg2wADCIhUKAA0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yubg2wADCIhUKAA0&gdpr=1&_test=Yubg2wADCIhUKAA0

43 B
1 KB

43ms
42ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yubg2wADCIhUKAA0&gdpr=1&_test=Yubg2wADCIhUKAA0
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D42%26key%3D&s=191876&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7338f4ff0d0e9130-FRA
pragma: no-cache
date: Sun, 31 Jul 2022 20:06:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hR%2FOUpw%2BohW8vqQvldHcyqoUR67WFYHzwWkKf2BaWN7BQLSjJWiyZiILFQnpo0NWUQFKLrzbHSXwp8kXP08TJ4c454ZhUeLF4GQt1ccqYqLydwgwTaqO6FrEbEY47GJTWW8lj1SfX8uKVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1659298012.978905,VS0,VE0
x-served-by: cache-hhn4049-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yubg2wADCIhUKAA0&gdpr=1&_test=Yubg2wADCIhUKAA0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 653C 0
331 B 110ms
20ms Image
text/plain 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:51 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 cookiesyncendpoint
sync.aniview.com/ Frame 653C 0
237 B 182ms
104ms Image
text/plain 54.174.213.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1659298011383-974638447295-008606-010-008847&biddername=42&key=Yubg2433_JHbRjY3lGW4uAAABJcAAAIB
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659298011383-974638447295-008606-010-008847%26biddername%3D42%26key%3D&s=191876&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.213.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-213-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:51 GMT
content-length: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/ Frame 3BF5 30 KB
11 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxmYvc5c65eXQAgYLD_4rXw5JO1bDxinFez0aPK4R_cmdO_zJEfmQ95SB5fnHgwNTJbXPlmi6ZfCaSnfPgPpmwmpYgghccPAgkkvaw_lV6dDoRHzZt_gceORldfDoTNGrfhdHViOuD3dTuRFpYeYxxnxqhoQ&cry=1&dbm_d=AKAmf-DB_28wqTlMaO2NiXhXoIz9ZT0uay2euq7PcNC0sSkpN4QHazCEBOnWj10ff1W0n7DjRim80-vSQKX7AhLXm7Lhz_CsFZ83MLRVnLwIP8ZIPiKvANRiKBgtvofDNOyPDvtJRmkI0cbEDnIuJcKecxfRZ1lyjRHLYn-6xNpWQ2-n2rJJRmMIt2dO6sTjhQZdLsMdMw25Yn0obkH98xDqNJVP_GLjS0Tbygew4XRu8TfTFU-A9hfrYKHcxHzSVO0IDVI8SuIXyULaRInbRAiiuVbQhR6d9XARgcZMGZUZ-uTSxhnc0XXBCmZFvK3TnPhLcqKB97vince3_IVUtIFjYWOl3AC_RUf919uNpGi5pKV1sI9QR9dnbugHD1_jt3Ehe-lPZhEU6ZhMAHQMmztsJtgQpsiHgP-ajG2iIgh4TKU3ZlAWIpsUFDROQbYyYonCJx4ZYRKr98-8a5qMZ3WWwd1W6TQysLb3HjejgewEu-Kkx13cb2CTcXa2eSWQ0SqNnrVa4zU9UbU0LtGevZMqHaE8mFQ_Q192-Wxmze7FggLE04jAGf7hTdgllLWG82uSaSw0_tms39-xyjKD6-qY4khq0YZ2KM7LrUfE7iaQy80Sz8JCCTQ2yIumNS1is-8bpQvAwQYrLzjWy3Rjwd0eyuhQ5uYZrvUm0ESBlBA9cpdsfPPw57RbYK5Ck2P7S7aWfCjd3Vds9I-w2UBCP6Pz2lZr3nHfxKNR8Y31s_a9dpQJ1XtLSa5Li0ZxN1ldmDZ0w7u063_Tvh09fTrBTXZFo85WdMwZ3xjdDWFVQGThT8DajynUbpFb3t75ptlkvNorhVCJDd-u-z2f6pyrAk3vvfwXb2CN7yrqhT7dkUneoH3n1k2unXkySylukZAqmrMSZ-3092FE5bUp0I90RNbjdU4T-B8bOhYh3YA0jYyNp_IRfVjm78PadchWMZbJoe7zBFD8W1C_2nBCYIgK3ALD1--4wyh_yFD60fipKtZkWuob_pdk3WZMU1FiPmVbf8YdxKJ3W_fA18FjUy_4L9w-hcSq980qcPtH5kY19_bFfJarz_IJX7QiEwdKb85sJBrKelxk3xpXHOfXf5yKYCO4zfRiVJ6WgweAH68xyyP6cOKSQaWyMRUexB9GLOA8M2l1HC6fu7ux35r7gKdjDNjDeXgZ72qigRppUAyFSiBRrkSQVJ8UTniCg0KD1ZJkT8SvGDC7MN9-DF0pcmnBclksm-JSs-0m16kyxN-UUw5BlY3M9GkxIlC1b3M6d7Nn1MOrJARAUdmdqMsZajWlCzksfrq2BWBCWO90E3qbVJdtOmLCWQ0N3CVCrRDtWw70VxbgmDbEPOHACOu3wbxpqG013rKW3kLUjzH52FMzRzFuCPtQq8hNfRO3pQSq4EE1S18fWJp2XjSW-c-Y-cL4PDSW62-zcEWEXF6baTMDj2v4FUwiNDO29prRdWUvuDzL-YCubBRUnb8Nd8TietMtnBCBOR0TKkMQ1ZKOXhum6UhMw2dCEmQb1c0Uhx8Wykyfoki0gfZbLc8g7JyTQyF1rpfMZADpILbB2tqpgEIeJg9xPZpwEg2ZqvQTDMhiy_ZDYZxP6wf7QH9y2FX6SHO1BbAXJ7P2hHsPvMXWULE84KUuzWIXnNfSav0RlOcBxMqku20ulpUfKA0Tc1-OV2-O8C9cBIsm6e6-GKwoV5is-iRyDCePeryyTTrhF1_rUlEZav0cZG-iPD-85x5hSfHTgnpPgrIABeG76z7hB7PW-LnWr7zQdgxWxGTq5If3INFAHiYA4Ii5shdipA803e1E0vWZ_DvUEjPfkihK8ETO6RspxlUcO1gbwR5rXVrboiQ_wkPfMiBbiZia3iuUX_CDnmm-5R9niM_cC2PM7RlwV4thuoTF9KQQwpPNlCZPD_t0WmdMoU34jmFH_Ug0pduLWwFBAkP3DdXBT6OiyG-clf1fDzRVPCIVhh-EZv4JchX6s0Asb_iwT_361juX1nOMCa-F7yccySjPSY2Zw8o6PF61wQXoPcYHfIdNXAsub0dRcE_Qtf_rxN8d7iP-Ng7lWKglp6MDcDqAZ2p0IiWw3otJM-2rODzZEpHMHT4enGRYNzy7C9BGof_8IKkbG-HgmnwuPq4NnzysdgDBvejX12WvHKNUhCY9r44tz1F50XOkvVcYxm7o9JsZt7xgL9-NFbkS9Tdexm4mq0mHrd0OXg36IxUpXxf7mp3mQ6CZfHHWmbXHbwam-W0LTDZVwcZBy8_aQC5ujPhQtbRcuxLB7IqfBRz6pAfWiZP_NhoMPwisnmoPJ2v_t_GB16f7fl_RJWjhN74SlCFr82CjBYk0dVtc8ygNzmv8oDcHoUCdHU0grId5qbGIu0mFQ12_J1d8QujGXQSdBb8hPEh2ZH_W50ecQ8LYzJUY9Nfa0mLLYPUdMd-WRXD-J7ugHkrWPSbhcevzcvNZotFGOBdzdpBJv5DOtAofJwz8SY8qieNbd-vXkvuA5KaGsYwqykMbuzKRrHkXOyhlRQsF60eZIE_Pda0eaO7JES_omR1alVwzVuNP2AChHs8vvH9gEZqpIcxjceECAJBvXZjoTC3U84u576dhbgpI8iOL4PAdPgYCibLqM3eOXx-zFog1V3KDVBmciQVHA_flFfk7eg4S1KkUejJDRJxv7RbwWVk6qBw32W_TlfeYhbh633OoBAYLzElkYfTOyd3337OdeGazsR_4PrjeG5AdsUnQx15m6GIjVF4jVQjGXAISTCfQ9hq_byPnyx3uFFloFgVg0EzYhAIKk8Oherk0Rx9lINox8pq5hH7XWCMpJsBds3iwFva9Xy9-n9p1X8y83_EezBFJzJDnEUjfBrp7mUDBFH1-ri0ISInazUPDvcS_WSLq3NXN0tyBi9vRaBuVE53-HJ_c3RDU8fy37iRfBX0uBQ49_YNMs_6dX1orw3M-3k_RzvI_qcf_FjSV4N-E_Ux39Ncevu7cUT_nUZl3LX8YAhZwpvo7h3xjFWCoO_A3UjfcaDHQUz-XdUu9x2HfkflgsAbJ4_7E2HYg05hcar65If_Ry1P8jVNJOwSaPzwqZQ_FM-IelomcZuTsAKVFx3xjpgVLl4A2NKhbBPYQcMezXU4ma9j4TmQh_m9Yc00vNdte7zGcgPHPSRHbYYTIRSUdSdRGMZvCPuiho0nbvXjc0EX8n6GTohmBsnVvDyQ1xX8Pg0fUvveNOJwz6YFB-q7Xkq7G-OEdmATATboORHmkRfvLKmK6GWMSJyMGAPhbOWNnxj2GdA80YJhJmOkXTUPT8e-pukhoJTFx9rq5Cqf5ZdDBYSoF8pwk5Om87WB_tpd4&cid=CAASEuRorHc_2MvqMF8c0kAmYlcN6g&rfl=2%2Chttps%253A%252F%252Fkesq.com%242%2Chttps%253A%252F%252Fsquareoffs.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a719dfbca2b4fc363e174b3f4e0f6ed16229e8bdcd22d6001d7d4411a8d86cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 19:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
server: cafe
etag: 6430633989078232507
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 19:58:49 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3BF5 41 KB
15 KB 48ms
45ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 12:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jul 2023 12:27:23 GMT

GET
H/1.1 200
OK npoee1nv94vs Show response
hal9000.redintelligence.net/zone/ Frame 3BF5 11 KB
4 KB 45ms
13ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5nv_2-DmYrf9Df_G1fAP942cgAm1zfmDV8zeuavlDPAuEAEg_pHfH2CV4pCCoAfIAQmpAgQyY4tWJbE-qAMBqgSGAk_QKBUUBlATjr_ybQj_Cgesux-oPZScreAygvm9ArAvlKUKA7jqAHmpdhlNpWCCf2oCgO9fehwZQ6JqT62tMCHkvqFdTBy563wlggujf0_l6EWWFYIVXmaCFdaT50iGp7YH6ELfRwtTaDmvXEzzKss1wma9jdf0jX8uzEtysK_8GeRR-4EbMSuqaqRCk8F7aouqmHAvOBnM7v2XNWIdCfikwjLcgO62daP6_z44PTC8-7ozUKLme7lCUEIdkSkpfLHv-lZw8p6ts2Zw85EtOrkx_IYMys7Q3XOgw8obu-2owuq9mjbCTWx9OsZ6CN1CUImpsGuG_HohrRRTevKhf-TBbbRF7uXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRorHc_2MvqMF8c0kAmYlcN6g%26sig%3DAOD64_1qOBM6-K8jCFJH05C6ruQFcNzKEg%26client%3Dca-pub-6766358096536054%26dbm_c%3DAKAmf-AuJAHUahacex5wUtxBQdYsdfaEe2v9TiBgURyjodXbTW-gMhWg0lfutCRuQS40R0lwpl97z9m8zVE-WXsJLqYVIooGtkKqbSKB_4Kx1mtz0mqWShOCYGoOYE3isQFdY5vuvl99axSx-Eb5gK5VQ-CeEX-Qpw%26cry%3D1%26dbm_d%3DAKAmf-D3euucrry_CIcqfVnu196plUbpLOWElsBe7zl8479y67gWLDs8kBugL111-1-8mYKFGipfMxQcgh54PSpHU9YKegUO4xuCl37iCNQtJoSCqJjuq6pQ41zrbghRUPmqFnEGYWYtJhAjkD-i6-bZCXW5U8oe5TdPNU8r_BLM4j3SvNK_NxPD6YensjspRYNKusSzT08RKkO42f5ggM-_8ckB86D4E9zO-9239YH4O3B05DB1mNKf6QKq6kRJxI9ooCcjBjEdz3PcU8Hh6KyMHx1OTU98Xod2dEYsidzRH_zG0wAqMzn8G0TLLLsj8DFkoX2x3Ys2EsabnNcUmSv8n3L_GpCdSZOMyhZ0Z3NbvF284ojkOuQqF6tzPvjHF2rTfAaGmIy8M97nlY1iaxkUrRV5PVBfU49DLOErAyzc7q8D5RwAr4aPwfbpe5wWlY-CCu_Ed9bF%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=2861717531&adf=2213545583&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659298010870&bpp=1&bdt=919&idt=252&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3358616899376&frm=24&ife=1&pv=1&ga_vid=1549997537.1659298010&ga_sid=1659298011&ga_hid=1449248160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C44761793%2C44763827%2C21066429%2C42531605%2C42531608%2C31064019&oid=2&pvsid=259163319334019&tmod=1971152326&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.iowhjqhbavfh&fsb=1&dtd=256
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 8f4bd5d97fb956b0cc6033f3bd500568ca42cbfeaa9205da1d8caefda61cb839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 20:06:51 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3935
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C826 22 KB
8 KB 122ms
39ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 113966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Jul 2022 12:27:25 GMT
expires: Sun, 30 Jul 2023 12:27:25 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal90005.redintelligence.net/ Frame 3BF5
Redirect Chain

https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=353b56e724&subid=&uid=b35ff9c5574f26ce&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=353b56e724&subid=&uid=b35ff9c5574f26ce&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

3 KB
1 KB

114ms
91ms

Script
application/x-javascript

138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=353b56e724&subid=&uid=b35ff9c5574f26ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5nv_2-DmYrf9Df_G1fAP942cgAm1zfmDV8zeuavlDPAuEAEg_pHfH2CV4pCCoAfIAQmpAgQyY4tWJbE-qAMBqgSGAk_QKBUUBlATjr_ybQj_Cgesux-oPZScreAygvm9ArAvlKUKA7jqAHmpdhlNpWCCf2oCgO9fehwZQ6JqT62tMCHkvqFdTBy563wlggujf0_l6EWWFYIVXmaCFdaT50iGp7YH6ELfRwtTaDmvXEzzKss1wma9jdf0jX8uzEtysK_8GeRR-4EbMSuqaqRCk8F7aouqmHAvOBnM7v2XNWIdCfikwjLcgO62daP6_z44PTC8-7ozUKLme7lCUEIdkSkpfLHv-lZw8p6ts2Zw85EtOrkx_IYMys7Q3XOgw8obu-2owuq9mjbCTWx9OsZ6CN1CUImpsGuG_HohrRRTevKhf-TBbbRF7uXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRorHc_2MvqMF8c0kAmYlcN6g%26sig%3DAOD64_1qOBM6-K8jCFJH05C6ruQFcNzKEg%26client%3Dca-pub-6766358096536054%26dbm_c%3DAKAmf-AuJAHUahacex5wUtxBQdYsdfaEe2v9TiBgURyjodXbTW-gMhWg0lfutCRuQS40R0lwpl97z9m8zVE-WXsJLqYVIooGtkKqbSKB_4Kx1mtz0mqWShOCYGoOYE3isQFdY5vuvl99axSx-Eb5gK5VQ-CeEX-Qpw%26cry%3D1%26dbm_d%3DAKAmf-D3euucrry_CIcqfVnu196plUbpLOWElsBe7zl8479y67gWLDs8kBugL111-1-8mYKFGipfMxQcgh54PSpHU9YKegUO4xuCl37iCNQtJoSCqJjuq6pQ41zrbghRUPmqFnEGYWYtJhAjkD-i6-bZCXW5U8oe5TdPNU8r_BLM4j3SvNK_NxPD6YensjspRYNKusSzT08RKkO42f5ggM-_8ckB86D4E9zO-9239YH4O3B05DB1mNKf6QKq6kRJxI9ooCcjBjEdz3PcU8Hh6KyMHx1OTU98Xod2dEYsidzRH_zG0wAqMzn8G0TLLLsj8DFkoX2x3Ys2EsabnNcUmSv8n3L_GpCdSZOMyhZ0Z3NbvF284ojkOuQqF6tzPvjHF2rTfAaGmIy8M97nlY1iaxkUrRV5PVBfU49DLOErAyzc7q8D5RwAr4aPwfbpe5wWlY-CCu_Ed9bF%26adurl%3D&documentReferer=https%3A%2F%2Fsquareoffs.com%2F&ancestorOrigins=https%3A%2F%2Fsquareoffs.com%2Chttps%3A%2F%2Fkesq.com&random=5517567003219&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=2861717531&adf=2213545583&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659298010870&bpp=1&bdt=919&idt=252&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3358616899376&frm=24&ife=1&pv=1&ga_vid=1549997537.1659298010&ga_sid=1659298011&ga_hid=1449248160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C44761793%2C44763827%2C21066429%2C42531605%2C42531608%2C31064019&oid=2&pvsid=259163319334019&tmod=1971152326&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.iowhjqhbavfh&fsb=1&dtd=256
Protocol: HTTP/1.1
Server: 138.201.63.165 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e8e684fd5f104e4d4a6ae4e8526fbfa7cb6963950fc737fe65f05233dbd95b6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 20:06:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 24018400144817500710616012037005
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 895
Expires: Sun, 31 Jul 2022 21:06:51 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 20:06:51 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=353b56e724&subid=&uid=b35ff9c5574f26ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5nv_2-DmYrf9Df_G1fAP942cgAm1zfmDV8zeuavlDPAuEAEg_pHfH2CV4pCCoAfIAQmpAgQyY4tWJbE-qAMBqgSGAk_QKBUUBlATjr_ybQj_Cgesux-oPZScreAygvm9ArAvlKUKA7jqAHmpdhlNpWCCf2oCgO9fehwZQ6JqT62tMCHkvqFdTBy563wlggujf0_l6EWWFYIVXmaCFdaT50iGp7YH6ELfRwtTaDmvXEzzKss1wma9jdf0jX8uzEtysK_8GeRR-4EbMSuqaqRCk8F7aouqmHAvOBnM7v2XNWIdCfikwjLcgO62daP6_z44PTC8-7ozUKLme7lCUEIdkSkpfLHv-lZw8p6ts2Zw85EtOrkx_IYMys7Q3XOgw8obu-2owuq9mjbCTWx9OsZ6CN1CUImpsGuG_HohrRRTevKhf-TBbbRF7uXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRorHc_2MvqMF8c0kAmYlcN6g%26sig%3DAOD64_1qOBM6-K8jCFJH05C6ruQFcNzKEg%26client%3Dca-pub-6766358096536054%26dbm_c%3DAKAmf-AuJAHUahacex5wUtxBQdYsdfaEe2v9TiBgURyjodXbTW-gMhWg0lfutCRuQS40R0lwpl97z9m8zVE-WXsJLqYVIooGtkKqbSKB_4Kx1mtz0mqWShOCYGoOYE3isQFdY5vuvl99axSx-Eb5gK5VQ-CeEX-Qpw%26cry%3D1%26dbm_d%3DAKAmf-D3euucrry_CIcqfVnu196plUbpLOWElsBe7zl8479y67gWLDs8kBugL111-1-8mYKFGipfMxQcgh54PSpHU9YKegUO4xuCl37iCNQtJoSCqJjuq6pQ41zrbghRUPmqFnEGYWYtJhAjkD-i6-bZCXW5U8oe5TdPNU8r_BLM4j3SvNK_NxPD6YensjspRYNKusSzT08RKkO42f5ggM-_8ckB86D4E9zO-9239YH4O3B05DB1mNKf6QKq6kRJxI9ooCcjBjEdz3PcU8Hh6KyMHx1OTU98Xod2dEYsidzRH_zG0wAqMzn8G0TLLLsj8DFkoX2x3Ys2EsabnNcUmSv8n3L_GpCdSZOMyhZ0Z3NbvF284ojkOuQqF6tzPvjHF2rTfAaGmIy8M97nlY1iaxkUrRV5PVBfU49DLOErAyzc7q8D5RwAr4aPwfbpe5wWlY-CCu_Ed9bF%26adurl%3D&documentReferer=https%3A%2F%2Fsquareoffs.com%2F&ancestorOrigins=https%3A%2F%2Fsquareoffs.com%2Chttps%3A%2F%2Fkesq.com&random=5517567003219&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 31 Jul 2022 21:06:51 +0200

GET
H/1.1 206
Partial Content v-66459c6c-6323-4432-2266667-9078-e1f8af3e4f0f-s47.147-53.887tvl.mp4
apv-static.tldw.me/videos/ Frame F3FA 102 KB
0 315ms
315ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-static.tldw.me/videos/v-66459c6c-6323-4432-2266667-9078-e1f8af3e4f0f-s47.147-53.887tvl.mp4
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Referer: https://kesq.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 31 Jul 2022 20:06:52 GMT
Content-Range: bytes 0-665443/665444
Last-Modified: Fri, 29 Jul 2022 04:33:55 GMT
ETag: "1659069235"
Access-Control-Allow-Methods: GET, OPTIONS, POST
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 665444
X-HW: 1659298011.dop114.am5.t,1659298011.cds224.am5.shn,1659298011.dop114.am5.t,1659298011.cds205.am5.p

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame C826 36 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 17:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 17:49:44 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame AFCD
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=24018400144817500710616012037005&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24018400144817500710616012037005&actionid=981741&produktid=&dt_url=

0
629 B

100ms
36ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24018400144817500710616012037005&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=353b56e724&subid=&uid=b35ff9c5574f26ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5nv_2-DmYrf9Df_G1fAP942cgAm1zfmDV8zeuavlDPAuEAEg_pHfH2CV4pCCoAfIAQmpAgQyY4tWJbE-qAMBqgSGAk_QKBUUBlATjr_ybQj_Cgesux-oPZScreAygvm9ArAvlKUKA7jqAHmpdhlNpWCCf2oCgO9fehwZQ6JqT62tMCHkvqFdTBy563wlggujf0_l6EWWFYIVXmaCFdaT50iGp7YH6ELfRwtTaDmvXEzzKss1wma9jdf0jX8uzEtysK_8GeRR-4EbMSuqaqRCk8F7aouqmHAvOBnM7v2XNWIdCfikwjLcgO62daP6_z44PTC8-7ozUKLme7lCUEIdkSkpfLHv-lZw8p6ts2Zw85EtOrkx_IYMys7Q3XOgw8obu-2owuq9mjbCTWx9OsZ6CN1CUImpsGuG_HohrRRTevKhf-TBbbRF7uXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRorHc_2MvqMF8c0kAmYlcN6g%26sig%3DAOD64_1qOBM6-K8jCFJH05C6ruQFcNzKEg%26client%3Dca-pub-6766358096536054%26dbm_c%3DAKAmf-AuJAHUahacex5wUtxBQdYsdfaEe2v9TiBgURyjodXbTW-gMhWg0lfutCRuQS40R0lwpl97z9m8zVE-WXsJLqYVIooGtkKqbSKB_4Kx1mtz0mqWShOCYGoOYE3isQFdY5vuvl99axSx-Eb5gK5VQ-CeEX-Qpw%26cry%3D1%26dbm_d%3DAKAmf-D3euucrry_CIcqfVnu196plUbpLOWElsBe7zl8479y67gWLDs8kBugL111-1-8mYKFGipfMxQcgh54PSpHU9YKegUO4xuCl37iCNQtJoSCqJjuq6pQ41zrbghRUPmqFnEGYWYtJhAjkD-i6-bZCXW5U8oe5TdPNU8r_BLM4j3SvNK_NxPD6YensjspRYNKusSzT08RKkO42f5ggM-_8ckB86D4E9zO-9239YH4O3B05DB1mNKf6QKq6kRJxI9ooCcjBjEdz3PcU8Hh6KyMHx1OTU98Xod2dEYsidzRH_zG0wAqMzn8G0TLLLsj8DFkoX2x3Ys2EsabnNcUmSv8n3L_GpCdSZOMyhZ0Z3NbvF284ojkOuQqF6tzPvjHF2rTfAaGmIy8M97nlY1iaxkUrRV5PVBfU49DLOErAyzc7q8D5RwAr4aPwfbpe5wWlY-CCu_Ed9bF%26adurl%3D&documentReferer=https%3A%2F%2Fsquareoffs.com%2F&ancestorOrigins=https%3A%2F%2Fsquareoffs.com%2Chttps%3A%2F%2Fkesq.com&random=5517567003219&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 31 Jul 2022 20:06:51 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 31 Jul 2022 10:06:52 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Sun, 31 Jul 2022 20:06:52 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24018400144817500710616012037005&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: B9D59BA2:8446_91EFC182:01BB_62E6E0DC_13F7C721:2C840

GET
H2

200

index.html Show response
www.parship.de/wplp/htlp/de/ Frame D7E8
Redirect Chain

https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=24018400144817500710616012037005&pv=1
https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1659298012.5712300.51760a2c-110c-11ed-a26c-00155d255900ID

558 B
967 B

93ms
38ms

Document
text/html

2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1659298012.5712300.51760a2c-110c-11ed-a26c-00155d255900ID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
cdn-cache-control: max-age=30, stale-if-error=432000
cf-cache-status: HIT
cf-ray: 7338f500dd009125-FRA
content-encoding: gzip
content-length: 325
content-type: text/html; charset=utf-8
date: Sun, 31 Jul 2022 20:06:52 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 28 Feb 2022 14:30:12 GMT
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff
x-ua-compatible: IE=edge

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Sun, 31 Jul 2022 20:06:52 GMT
location: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1659298012.5712300.51760a2c-110c-11ed-a26c-00155d255900ID
p3p: policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server: nginx
server-id: 12
x-robots-tag: noindex, nofollow

GET
H2

200

htlp Show response
futalis.de/ Frame 77C2
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=24018400144817500710616012037005&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1517760839

350 B
409 B

49ms
16ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1517760839
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=353b56e724&subid=&uid=b35ff9c5574f26ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5nv_2-DmYrf9Df_G1fAP942cgAm1zfmDV8zeuavlDPAuEAEg_pHfH2CV4pCCoAfIAQmpAgQyY4tWJbE-qAMBqgSGAk_QKBUUBlATjr_ybQj_Cgesux-oPZScreAygvm9ArAvlKUKA7jqAHmpdhlNpWCCf2oCgO9fehwZQ6JqT62tMCHkvqFdTBy563wlggujf0_l6EWWFYIVXmaCFdaT50iGp7YH6ELfRwtTaDmvXEzzKss1wma9jdf0jX8uzEtysK_8GeRR-4EbMSuqaqRCk8F7aouqmHAvOBnM7v2XNWIdCfikwjLcgO62daP6_z44PTC8-7ozUKLme7lCUEIdkSkpfLHv-lZw8p6ts2Zw85EtOrkx_IYMys7Q3XOgw8obu-2owuq9mjbCTWx9OsZ6CN1CUImpsGuG_HohrRRTevKhf-TBbbRF7uXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRorHc_2MvqMF8c0kAmYlcN6g%26sig%3DAOD64_1qOBM6-K8jCFJH05C6ruQFcNzKEg%26client%3Dca-pub-6766358096536054%26dbm_c%3DAKAmf-AuJAHUahacex5wUtxBQdYsdfaEe2v9TiBgURyjodXbTW-gMhWg0lfutCRuQS40R0lwpl97z9m8zVE-WXsJLqYVIooGtkKqbSKB_4Kx1mtz0mqWShOCYGoOYE3isQFdY5vuvl99axSx-Eb5gK5VQ-CeEX-Qpw%26cry%3D1%26dbm_d%3DAKAmf-D3euucrry_CIcqfVnu196plUbpLOWElsBe7zl8479y67gWLDs8kBugL111-1-8mYKFGipfMxQcgh54PSpHU9YKegUO4xuCl37iCNQtJoSCqJjuq6pQ41zrbghRUPmqFnEGYWYtJhAjkD-i6-bZCXW5U8oe5TdPNU8r_BLM4j3SvNK_NxPD6YensjspRYNKusSzT08RKkO42f5ggM-_8ckB86D4E9zO-9239YH4O3B05DB1mNKf6QKq6kRJxI9ooCcjBjEdz3PcU8Hh6KyMHx1OTU98Xod2dEYsidzRH_zG0wAqMzn8G0TLLLsj8DFkoX2x3Ys2EsabnNcUmSv8n3L_GpCdSZOMyhZ0Z3NbvF284ojkOuQqF6tzPvjHF2rTfAaGmIy8M97nlY1iaxkUrRV5PVBfU49DLOErAyzc7q8D5RwAr4aPwfbpe5wWlY-CCu_Ed9bF%26adurl%3D&documentReferer=https%3A%2F%2Fsquareoffs.com%2F&ancestorOrigins=https%3A%2F%2Fsquareoffs.com%2Chttps%3A%2F%2Fkesq.com&random=5517567003219&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 31 Jul 2022 20:06:52 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1517760839
p3p: policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache

GET
H/1.1 200
OK request_content.php Show response
hal90005.redintelligence.net/ Frame 8517 7 KB
2 KB 33ms
12ms Document
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request_content.php?s=24018400144817500710616012037005&a=694de3ba
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=353b56e724&subid=&uid=b35ff9c5574f26ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5nv_2-DmYrf9Df_G1fAP942cgAm1zfmDV8zeuavlDPAuEAEg_pHfH2CV4pCCoAfIAQmpAgQyY4tWJbE-qAMBqgSGAk_QKBUUBlATjr_ybQj_Cgesux-oPZScreAygvm9ArAvlKUKA7jqAHmpdhlNpWCCf2oCgO9fehwZQ6JqT62tMCHkvqFdTBy563wlggujf0_l6EWWFYIVXmaCFdaT50iGp7YH6ELfRwtTaDmvXEzzKss1wma9jdf0jX8uzEtysK_8GeRR-4EbMSuqaqRCk8F7aouqmHAvOBnM7v2XNWIdCfikwjLcgO62daP6_z44PTC8-7ozUKLme7lCUEIdkSkpfLHv-lZw8p6ts2Zw85EtOrkx_IYMys7Q3XOgw8obu-2owuq9mjbCTWx9OsZ6CN1CUImpsGuG_HohrRRTevKhf-TBbbRF7uXABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRorHc_2MvqMF8c0kAmYlcN6g%26sig%3DAOD64_1qOBM6-K8jCFJH05C6ruQFcNzKEg%26client%3Dca-pub-6766358096536054%26dbm_c%3DAKAmf-AuJAHUahacex5wUtxBQdYsdfaEe2v9TiBgURyjodXbTW-gMhWg0lfutCRuQS40R0lwpl97z9m8zVE-WXsJLqYVIooGtkKqbSKB_4Kx1mtz0mqWShOCYGoOYE3isQFdY5vuvl99axSx-Eb5gK5VQ-CeEX-Qpw%26cry%3D1%26dbm_d%3DAKAmf-D3euucrry_CIcqfVnu196plUbpLOWElsBe7zl8479y67gWLDs8kBugL111-1-8mYKFGipfMxQcgh54PSpHU9YKegUO4xuCl37iCNQtJoSCqJjuq6pQ41zrbghRUPmqFnEGYWYtJhAjkD-i6-bZCXW5U8oe5TdPNU8r_BLM4j3SvNK_NxPD6YensjspRYNKusSzT08RKkO42f5ggM-_8ckB86D4E9zO-9239YH4O3B05DB1mNKf6QKq6kRJxI9ooCcjBjEdz3PcU8Hh6KyMHx1OTU98Xod2dEYsidzRH_zG0wAqMzn8G0TLLLsj8DFkoX2x3Ys2EsabnNcUmSv8n3L_GpCdSZOMyhZ0Z3NbvF284ojkOuQqF6tzPvjHF2rTfAaGmIy8M97nlY1iaxkUrRV5PVBfU49DLOErAyzc7q8D5RwAr4aPwfbpe5wWlY-CCu_Ed9bF%26adurl%3D&documentReferer=https%3A%2F%2Fsquareoffs.com%2F&ancestorOrigins=https%3A%2F%2Fsquareoffs.com%2Chttps%3A%2F%2Fkesq.com&random=5517567003219&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e87e009032216efe6de0b9856944ba89858250936e908e59200f79a142180e96

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2063
Content-Type: text/html; charset=utf-8
Date: Sun, 31 Jul 2022 20:06:52 GMT
Expires: Sun, 31 Jul 2022 21:06:52 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 3BF5
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=24018400144817500710616012037005
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=24018400144817500710616012037005
https://ad-server.eu/wm/pb/native.png

68 B
312 B

208ms
26ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=2861717531&adf=2213545583&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659298010870&bpp=1&bdt=919&idt=252&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3358616899376&frm=24&ife=1&pv=1&ga_vid=1549997537.1659298010&ga_sid=1659298011&ga_hid=1449248160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C44761793%2C44763827%2C21066429%2C42531605%2C42531608%2C31064019&oid=2&pvsid=259163319334019&tmod=1971152326&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.iowhjqhbavfh&fsb=1&dtd=256
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 20:11:18 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Sun, 31 Jul 2022 20:06:52 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA2:8448_91EFC182:01BB_62E6E0DC_13F7550D:2C841
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D5B5 1 KB
749 B 36ms
36ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Jul 2022 21:29:59 GMT
etag: 48472445140208031
expires: Sun, 31 Jul 2022 21:29:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 8517 4 KB
651 B 119ms
45ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=24018400144817500710616012037005&a=694de3ba

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 31 Jul 2022 19:16:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 31 Jul 2022 20:06:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Jul 2022 20:06:52 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8517 16 KB
16 KB 34ms
12ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=24018400144817500710616012037005&a=694de3ba
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: ca76f767de2229c0ed756d8216a90c2668f7f3983644ee002666534ff38954fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 20:06:52 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16247
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8517 7 KB
7 KB 34ms
12ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=24018400144817500710616012037005&a=694de3ba
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: a0a747933960c27dc9e8d0dce309c4b86df3247e4d576b3627f4ec06072a0738

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 20:06:52 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7156
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8517 13 KB
13 KB 35ms
13ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=24018400144817500710616012037005&a=694de3ba
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: a4b01c636e19d7615a29fc42054e7360fcb13a709fdd57d20b1d26e4b2ffd046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 20:06:52 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12987
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame D5B5 35 B
362 B 12ms
9ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAurAug66fmt0iGs4MMYB5s&google_cver=1&google_push=AehlK4DLgE-JNOaBT01qkx_OsM01Z9feHQEf9mVz-5KbcVTSpVIEAxPhyHHsRIXNmnA-qWtiPnMbpbYqYE0kyvkwF4_S_iGJXGLp

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:52 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D5B5
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CfFprN...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CfFprN...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MzEyMDA2NTIwMDAxNDQxMzM5OTI3NQ%3D%3D&google_push=AehlK4CfFprN9zmq4a7nas9WNO_UczwZNaYH9XZm5gWhZFCwSHR23csSJBkcVml1Cuqrjp...

170 B
188 B

39ms
39ms

Image
image/png

142.251.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MzEyMDA2NTIwMDAxNDQxMzM5OTI3NQ%3D%3D&google_push=AehlK4CfFprN9zmq4a7nas9WNO_UczwZNaYH9XZm5gWhZFCwSHR23csSJBkcVml1CuqrjpWypr74FNBQnj0F_p2J5e8wGzmmj7EZ

Protocol

Server

142.251.36.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MzEyMDA2NTIwMDAxNDQxMzM5OTI3NQ%3D%3D&google_push=AehlK4CfFprN9zmq4a7nas9WNO_UczwZNaYH9XZm5gWhZFCwSHR23csSJBkcVml1CuqrjpWypr74FNBQnj0F_p2J5e8wGzmmj7EZ
pragma: no-cache
date: Sun, 31 Jul 2022 20:06:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sun, 31 Jul 2022 20:06:52 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame D5B5 43 B
356 B 115ms
21ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGO6gp_GXMcSESn0mjs193s&google_push=AehlK4CD38VZnwgNvwevq_rHMFetyWIlUpH7M12OfUcpxyzVEyujSf8JUl86QwRs7vXxT_U45HH3U_WIuNjm0m-Na3Gtiv4WTKLd&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=2861717531&adf=2213545583&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659298010870&bpp=1&bdt=919&idt=252&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3358616899376&frm=24&ife=1&pv=1&ga_vid=1549997537.1659298010&ga_sid=1659298011&ga_hid=1449248160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C44761793%2C44763827%2C21066429%2C42531605%2C42531608%2C31064019&oid=2&pvsid=259163319334019&tmod=1971152326&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.iowhjqhbavfh&fsb=1&dtd=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:52 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D5B5 0
166 B 179ms
15ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEClJODCZmdJGSMz9XuJheJk&google_cver=1&google_push=AehlK4A7nDpsduCXyi0SXO_o76ulCPLTGLvMKcVQvUyYiA0PqIUFl5R5XLON0rQzC7PKnUwjPIl__CgI6RagTXV3fNORapbKa3UH
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=2861717531&adf=2213545583&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659298010870&bpp=1&bdt=919&idt=252&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3358616899376&frm=24&ife=1&pv=1&ga_vid=1549997537.1659298010&ga_sid=1659298011&ga_hid=1449248160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C44761793%2C44763827%2C21066429%2C42531605%2C42531608%2C31064019&oid=2&pvsid=259163319334019&tmod=1971152326&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.iowhjqhbavfh&fsb=1&dtd=256
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D5B5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFGYYAcMc9Q22kNkzz73fBw&google_cver=1&google_push=AehlK4CjRSvH7yREdIKfF7Vmq2iZAK9iofATzLaZinccb8EP1SAIMrg_oYj1ttZao5VjNWLhtxF...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY5UjcwOE0tMVUtRE1DTA==&google_push=AehlK4CjRSvH7yREdIKfF7Vmq2iZAK9iofATzLaZinccb8EP1SAIMrg_oYj1ttZao5VjNWLhtxFibLhRBzcLPmt6ld2onFWTeQvJ

170 B
188 B

38ms
38ms

Image
image/png

142.251.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY5UjcwOE0tMVUtRE1DTA==&google_push=AehlK4CjRSvH7yREdIKfF7Vmq2iZAK9iofATzLaZinccb8EP1SAIMrg_oYj1ttZao5VjNWLhtxFibLhRBzcLPmt6ld2onFWTeQvJ

Requested by

Protocol

Server

142.251.36.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY5UjcwOE0tMVUtRE1DTA==&google_push=AehlK4CjRSvH7yREdIKfF7Vmq2iZAK9iofATzLaZinccb8EP1SAIMrg_oYj1ttZao5VjNWLhtxFibLhRBzcLPmt6ld2onFWTeQvJ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D5B5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDRW-gJt8Vdn85gNw2biqSA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yubg2433_JHbRjY3lGW4uAAABJcAAAIB&google_push=AehlK4CH5prq8jS8ltS6ocu4ymAQpZYZI60889ETLtb1iWD-mGJWLSSgHhT6CpUGAbmm63um9CYPNtCdX2bGva-4KO...

170 B
188 B

38ms
37ms

Image
image/png

142.251.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yubg2433_JHbRjY3lGW4uAAABJcAAAIB&google_push=AehlK4CH5prq8jS8ltS6ocu4ymAQpZYZI60889ETLtb1iWD-mGJWLSSgHhT6CpUGAbmm63um9CYPNtCdX2bGva-4KO60hfGvFEgp&google_gid=CAESEDRW-gJt8Vdn85gNw2biqSA&google_cver=1

Requested by

Protocol

Server

142.251.36.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

cf-ray: 7338f4ffbe759b21-FRA
pragma: no-cache
date: Sun, 31 Jul 2022 20:06:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=By%2Bn6ucVMQa0tNmUHOOMax5SumzQQtgqb5qJ8KhI%2B3Nnbq3SyZlZYf1DM53NcuepCxq1cOTheQkYJ2Wu6hVGB4DvBJniDpa8D2nLdIZtIufmDIqwnaWPtKD1kSwywRfE%2FpzjxV%2B%2Fv3%2BOIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yubg2433_JHbRjY3lGW4uAAABJcAAAIB&google_push=AehlK4CH5prq8jS8ltS6ocu4ymAQpZYZI60889ETLtb1iWD-mGJWLSSgHhT6CpUGAbmm63um9CYPNtCdX2bGva-4KO60hfGvFEgp&google_gid=CAESEDRW-gJt8Vdn85gNw2biqSA&google_cver=1
cache-control: no-cache
content-type: text/html; charset=iso-8859-1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame D5B5 43 B
296 B 287ms
21ms Image
image/gif 2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEAWEZzHzmB7GXH4QbiGc1Co&google_cver=1&google_push=AehlK4BLpz4X2bCP2KKwBHKv28D4eT8qdEcgVwq9py0uQhrsDpM-9mTtRpVagrYWLBKsW9ach3Gw7pgdvhvJywHU5dSsBUmiS6Ku
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6766358096536054&output=html&h=250&slotname=4162458673&adk=2861717531&adf=2213545583&pi=t.ma~as.4162458673&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkesq.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659298010870&bpp=1&bdt=919&idt=252&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3358616899376&frm=24&ife=1&pv=1&ga_vid=1549997537.1659298010&ga_sid=1659298011&ga_hid=1449248160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=442&ifk=3805438095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C44761793%2C44763827%2C21066429%2C42531605%2C42531608%2C31064019&oid=2&pvsid=259163319334019&tmod=1971152326&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C442&vis=1&rsz=%7C%7CanepE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.iowhjqhbavfh&fsb=1&dtd=256
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:52 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D5B5 0
12 B 29ms
28ms Image
text/html 142.251.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGeUiU5XzgbXuTt6_nvrBPAAYhJn3fr1K3uOfFyfKzViiCw2JFEhmCMHUectHNCaW9TBHd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C826 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bi90Y2-DmYq-aJaOrrATEjpmQCQAAAAA4AeAEAg&bg=!enmleT3NAAacadVKvGk7ACkAdvg8Wmzf2a0irS_RSgyXpV_ZLZ72IqfeN3OS5ILPYSlTwVtiIYKwIQIAAAByUgAAAAJoAQeZAt94brTpUq1FV8picgmEHW1z8BPKqQAtFxvFB3IrvM_TuB9ixl4-hNOCz0hSEXUT-20_-awAj-TZpJMZRJzN78JOiFVbl8QjnjFuws2omegHh88TuupBB-B24DqW_Lvr9X_vV4h7pB5YDQghLL_R5uWVEzp6I8aRDJ68kVhhx1N2IbBni6GbbnciNF0kDZkIzM-xRg4Ew6HgdylqJon_weybK4Emk1mvAZbEXTFqQhov_ky8AjWYK8V-STlIJjudeHkr3Z9zBSA_KX-t-SyeLKaZ4KktiynKHTQcjjiowZ46oHONa5dLi08R79wIYyLaRl4AfdHH7-GJyKLkqEpcJLYNrcQ2Tinih-HwPJK8LhX9USuiAQxnTvjH4ABGeRnkgfBBn1mK19F3m3wcbrSKmrC_CEEYOckvNeW24T0iP2DzS8Xa3iJ1xXZG2bTcE9QK8ejon216Ftkyqo7rgtkjInkqPrPlAw9UQQ6hBlyi6q8EYi_hNj2QpdiIf-5u6tAud6enWXQm6QzaeGJvXTgu2-71vrJIytxXabXd4u1QkAHCzJZhD61maouOS7YR8iL9K9QanunVpPMI_NUA1B1U4FhecGtHFnCmqlBDxPdHqV4ejVAO5cbHSO-1gZorbaCv7A18YZ-jicSw9XAV_7lhypuDLYWS6ES5nxPjfOyQh6dVvoWD3zZine2hf_FeIECiPm_jyG8sOCeaimQH2Y96RHmeXs69DBzSEw_Ex_9VXUc-OSTH7su8eQ8RWQHta30oO-gI8DN-4xR2HuqxZtq5CBbgEO4sic95Hb31hSrPLpE3BNLPZrRWOFUWHHSdUp8mXFJMeidGUbugxgSNyIQ92UWTwpsR6kNYnZ6fSbUDksgotqCXbj7sWtUsmjMQwPKrzmZryXssp5q5Qyk898Fx7dnPWl6yZAeeEK-scKieyehdySfly16MkRkZA3haSIn8wjXPpgzocVftmGlHZgAfPYg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 77C2 5 KB
5 KB 10ms
10ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1517760839
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:52 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
accept-ranges: bytes
etag: "14aa-5d6188919baaa"
content-length: 5290
content-type: application/javascript

GET
H/1.1 200
OK viewability Show response
hal90005.redintelligence.net/ Frame 8517 0
150 B 35ms
12ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/viewability?s=24018400144817500710616012037005&a=53ce03b0&vb=m
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=24018400144817500710616012037005&a=694de3ba
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/request_content.php?s=24018400144817500710616012037005&a=694de3ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 20:06:52 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 206
Partial Content v-66459c6c-6323-4432-2266667-9078-e1f8af3e4f0f-s47.147-53.887tvl.mp4
apv-static.tldw.me/videos/ Frame F3FA 10 KB
10 KB 43ms
16ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-static.tldw.me/videos/v-66459c6c-6323-4432-2266667-9078-e1f8af3e4f0f-s47.147-53.887tvl.mp4
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: ae2f1c27b7ce8e6fc710291ef6cd41aea36f11b7dc4f0d2273b28741784c5e9a

Request headers

Referer: https://kesq.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=655360-

Response headers

Date: Sun, 31 Jul 2022 20:06:52 GMT
Content-Range: bytes 655360-665443/665444
Last-Modified: Fri, 29 Jul 2022 04:33:55 GMT
ETag: "1659069235"
Access-Control-Allow-Methods: GET, OPTIONS, POST
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 10084
X-HW: 1659298012.dop010.am5.shc,1659298012.dop010.am5.t,1659298011.cds205.am5.p

GET
H2 200 peg_logger.js Show response
www.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame D7E8 12 KB
4 KB 27ms
27ms Script
application/x-javascript 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js

Requested by

Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1659298012.5712300.51760a2c-110c-11ed-a26c-00155d255900ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3404d30f1b9956025fd6221078b56ab9f3301a4af97ddaeb3ef8cc4a8bb88de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1659298012.5712300.51760a2c-110c-11ed-a26c-00155d255900ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19269
strict-transport-security: max-age=15552000
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Mar 2022 10:03:55 GMT
server: cloudflare
etag: W/"62399f0b-2ea6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7338f5012d6d9125-FRA
expires: Mon, 01 Aug 2022 06:19:21 GMT

GET
H2 200 pegtracking_combined.js Show response
www.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame D7E8 30 KB
9 KB 29ms
29ms Script
application/x-javascript 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js

Requested by

Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1659298012.5712300.51760a2c-110c-11ed-a26c-00155d255900ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

689ff7cb7dbf8065daefadaa13213620126df9fb5d5575cad58a97b325451e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1659298012.5712300.51760a2c-110c-11ed-a26c-00155d255900ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19269
strict-transport-security: max-age=15552000
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Apr 2022 11:46:03 GMT
server: cloudflare
etag: W/"626a7e7b-77a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7338f5012d6f9125-FRA
expires: Mon, 01 Aug 2022 14:45:42 GMT

GET
H2 200 eum.min.js Show response
eum.instana.io/ Frame D7E8 24 KB
10 KB 103ms
21ms Script
application/javascript 2606:4700::6810:cb16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.instana.io/eum.min.js
Requested by: Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cb16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1659298012.5712300.51760a2c-110c-11ed-a26c-00155d255900ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 20:06:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 1 Jan 1970 00:00:01 GMT
server: cloudflare
age: 446165
etag: 768077806--gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray: 7338f501e89c915e-FRA
via: 1.1 google

GET
H2 200 nvi Show response
www.parship.de/nocache/ Frame D7E8 15 B
388 B 51ms
51ms XHR
application/json 2606:4700::6813:ba79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/nocache/nvi?url_path=%2Fwplp%2Fhtlp%2Fde%2Findex.html&pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1659298012.5712300.51760a2c-110c-11ed-a26c-00155d255900ID&ref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F

Requested by

Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1659298012.5712300.51760a2c-110c-11ed-a26c-00155d255900ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:52 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/json
cf-ray: 7338f5016dd29125-FRA
content-length: 15

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ Frame ECF8 38 KB
14 KB 29ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: W2S5A87EG1C89ADE
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: c9P6myFxLLD3IyZ4P2Q59GznMAh/LL0NtRLP/qzmj57pyyLc8LBRAjUQIZZNiJ5WMagYxPOHvUs=
x-served-by: cache-hhn4027-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1659298013.518044,VS0,VE0
date: Sun, 31 Jul 2022 20:06:52 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10495

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ECF8 14 KB
10 KB 143ms
64ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220727&st=env

Requested by

Host: squareoffs.com
URL: https://squareoffs.com/embeds/4847?feed_size=small

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4bd82c9f483f059a738dd1a0320fc447fb4569c400a194badd4fe59b0822e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 20:06:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10563
x-xss-protection: 0

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 27ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: kesq.com
URL: https://kesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: W2S5A87EG1C89ADE
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: c9P6myFxLLD3IyZ4P2Q59GznMAh/LL0NtRLP/qzmj57pyyLc8LBRAjUQIZZNiJ5WMagYxPOHvUs=
x-served-by: cache-hhn4027-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1659298013.518146,VS0,VE0
date: Sun, 31 Jul 2022 20:06:52 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10495

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 132ms
54ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022072102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

959ffc1c9ed6e4f06054bb3175d9459a37e79fc5b4b756c23a14abf3117be8e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 20:06:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10520
x-xss-protection: 0

GET
H/1.1 200
OK 7734a6de03 Show response
bam.nr-data.net/1/ Frame ECF8 49 B
721 B 329ms
279ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/7734a6de03?a=1459889&v=1216.487a282&to=dVdXQEIMXlwHFEoBWlRdXUcfEFpfFQ%3D%3D&rst=2749&ck=1&ref=https://squareoffs.com/embeds/4847&ap=42&be=190&fe=2711&dc=374&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1659298009780,%22n%22:0,%22f%22:2,%22dn%22:2,%22dne%22:2,%22c%22:2,%22ce%22:2,%22rq%22:3,%22rp%22:168,%22rpe%22:169,%22dl%22:171,%22di%22:374,%22ds%22:374,%22de%22:390,%22dc%22:2711,%22l%22:2711,%22le%22:2713%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 20:06:52 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 7338f502afcd9948-FRA

GET
H/1.1 200
OK NRJS-732a47d8cba967ef727 Show response
bam.nr-data.net/1/ 49 B
721 B 300ms
259ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-732a47d8cba967ef727?a=615752172&v=1216.487a282&to=YQBWZkNZWxFXVkJfXlhKdVFFUVoMGUVXUVQbB0FbXVxQEA%3D%3D&rst=3536&ck=1&ref=https://kesq.com/&ap=1162&be=255&fe=3491&dc=1349&perf=%7B%22timing%22:%7B%22of%22:1659298009003,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:35,%22c%22:35,%22s%22:41,%22ce%22:55,%22rq%22:55,%22rp%22:224,%22rpe%22:237,%22dl%22:227,%22di%22:1334,%22ds%22:1348,%22de%22:1358,%22dc%22:3491,%22l%22:3491,%22le%22:3494%7D,%22navigation%22:%7B%7D%7D&fp=760&fcp=760&at=TUdVEAtDSB8%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 20:06:52 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 7338f502ade490e0-FRA

GET
H/1.1 206
Partial Content v-66459c6c-6323-4432-2266667-9078-e1f8af3e4f0f-s47.147-53.887tvl.mp4
apv-static.tldw.me/videos/ Frame F3FA 544 KB
0 15ms
14ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-static.tldw.me/videos/v-66459c6c-6323-4432-2266667-9078-e1f8af3e4f0f-s47.147-53.887tvl.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Referer: https://kesq.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=98304-

Response headers

Date: Sun, 31 Jul 2022 20:06:52 GMT
Content-Range: bytes 98304-665443/665444
Last-Modified: Fri, 29 Jul 2022 04:33:55 GMT
ETag: "1659069235"
Access-Control-Allow-Methods: GET, OPTIONS, POST
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 567140
X-HW: 1659298012.dop010.am5.shc,1659298012.dop010.am5.t,1659298012.cds205.am5.c

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 20:06:52 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ECF8 17 KB
6 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 20:06:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F094 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kesq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 17:50:51 GMT
expires: Mon, 31 Jul 2023 17:50:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 58D5 783 B
535 B 107ms
63ms Document
text/html 2a00:1450:4014:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ccad19f704923a6eccf3c46faa737668784b97d45728ce1ed29d5f34204d901f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hGGiHENi7QqSHaPcTMXF3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kesq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-hGGiHENi7QqSHaPcTMXF3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 20:06:52 GMT
expires: Sun, 31 Jul 2022 20:06:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
96 B 167ms
167ms XHR
text/plain 54.187.193.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=4bf1b110-da4d-4759-8f55-bd32745bba3a
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.5.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.193.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-193-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kesq.com
date: Sun, 31 Jul 2022 20:06:52 GMT
access-control-allow-credentials: true

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 668C 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://squareoffs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 17:50:51 GMT
expires: Mon, 31 Jul 2023 17:50:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8678 783 B
536 B 95ms
64ms Document
text/html 2a00:1450:4014:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9352de6cca8fb7a724e4643e7276ea6306b86731eac6a3069adb11197900de7c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8Z07_gSQuBjhUYlD0RI1DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://squareoffs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-8Z07_gSQuBjhUYlD0RI1DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 20:06:52 GMT
expires: Sun, 31 Jul 2022 20:06:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame F094 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 17:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 17:49:44 GMT

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame 668C 36 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 17:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 17:49:44 GMT

GET
H/1.1 206
Partial Content v-646268e2-bfe2-4697-2266223-b7b7-17756fdb442c-s80.881-88.288tvl.mp4
apv-static.tldw.me/videos/ Frame F3FA 513 KB
514 KB 44ms
16ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-static.tldw.me/videos/v-646268e2-bfe2-4697-2266223-b7b7-17756fdb442c-s80.881-88.288tvl.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 0e39168aae4d6011c196e6de01da92c783ea42dc2789cafdfacb2a4258675ba9

Request headers

Referer: https://kesq.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 31 Jul 2022 20:06:52 GMT
Content-Range: bytes 0-525290/525291
Last-Modified: Fri, 29 Jul 2022 00:49:50 GMT
ETag: "1659055790"
Access-Control-Allow-Methods: GET, OPTIONS, POST
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 525291
X-HW: 1659298012.dop240.am5.shc,1659298012.dop240.am5.t,1659298012.cds007.am5.c

POST
H2 200 _.gif
counter.tldw.me/ Frame F3FA 0
157 B 217ms
217ms Ping
image/gif 2606:4700:10::6816:4aef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.tldw.me/_.gif
Requested by: Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.41.42/tvp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 31 Jul 2022 20:06:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1659298011.dop124.am5.t,1659298012.cds119.am5.shn,1659298012.cds119.am5.sc,1659298012.cds119.am5.p
content-type: image/gif
access-control-allow-origin: https://kesq.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7338f503ec149046-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Sun, 31 Jul 2022 20:06:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 58D5 0
0 102ms
102ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022072102&jk=1533716713199401&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8678 0
0 135ms
135ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220727&jk=259163319334019&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F094 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fAc3eA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 668C 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xGo-6Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 105ms
104ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022072102&jk=1533716713199401&bg=!oaKloubNAAacadVKvGk7ACkAdvg8Wt0Xj3q-u1dPqNAwTWacuXS2GEO9jxWtjWJOKhy46vdcSin6LAIAAACbUgAAAAJoAQeZAurTUqjGQEH0inZziGVtfnJR1zZqPfs9mijJF9Yx3Zvb9i32tiD9jRS6XTD_vaZ64rm0HwLKEo7tzBkKYO49UaWxpsG5iHJHsVOCQHmrt7cHC2Df7PZfXhDjOtPpbULewyhYGLiw_wStD0Z6ob0_5hSCXS-N3DmNgvJr05YAyW52Uu9IH175mRenN-hdjpH_q8kQ0ONzawV-e2WoQOZZeGhtEviveLBEwpdEKdYxMFTxS5VC7e8m0M0zixrnvLCrbCfK7B77l5vQwoDfm72a5G_KIRVNJEHdKcW-xC15aCvnFXz5__UsjA09INRqxD8PPhYTRBImOThv5P3uBYxpdkwEM2PvyBM15Vce6I3r4VvVfpodaUOYJJToclbgSSN9OdjGgkPPyaoz7hqbR5WOBM8nZkAKcP-44XgT6gtPM792K0KF3l99CKuDrsWfOx-Oor_LEHF0cBT4SSFul5W2pQfyJeb4sHUyhdvoiRavdvl6JnsiEVitD5RjjAqS7_sS5lGTh6ppRGaS6tY1980RGvkeBHkJvzD-eeIFW0w_6H81wA97zImSZ_mukpuWTZYOfJkJdEM8qq9M-W6YlhOCOGsdJyKKgjhhH8f2LNXUVHGiA4dagLAB1WntjBcR3C3FFbzZ9_sW5sLiMRfsmT7HFlWF7xXDBVKHca7Zyn-tkR-rEAZkwF0k5bOxcn2dg4SkGgc6tQZnVV_h3hZ7mDOe0YdrpXITEk31PCyXdNqvvmgguiazIOE67XwmRp7yFp_ngY5bM9TVKNVbTgAbFj18YZRyDEuVntV9B-_cZMsNVAWDFN5y0pEC4wyaAi4zfMRWSLAlMuPuG_kauVkNfepuu5yxZgOGVqShFCvmQcOjwjNY1cAhwJtkQyYhK4mKe-l8rBpkjkLQMrxidL9WPHqw5sfMFGyr8e6bEDNV_VskZzLe8ug4SAkXcyUlAh0VLOa3sWcIqnG-_A7eNzTEBs2iyKhuOQMZPh7IFceJMw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ECF8 0
0 138ms
137ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220727&jk=259163319334019&bg=!U1ClUBTNAAacadVKvGk7ACkAdvg8WisDdiSbWz3Q7lOIaNqe3rXyCSZ1ry9K2oO_hP5QPjhn7Y6yJwIAAACGUgAAAAJoAQcKAA1JvyQ9l3oCQbXA5xmbmQKjSuXpsHMvw_7qu3LgVwKDmhXiPWN_-HPyXQGAA7mT38DHLYQzE7SchbUCwOtr4wfQ_4xnYPMVH9Rj89ZkMIqRDx6yQZNW8YLN3ideNwQQ8b6DweBK_cTRqucFvLrCi-gnagl6TvqzASjj1T4EF_beCytlu0sbLOMa-j-4ztT4C5EL6Ugt6uuSzQfQdk2L_L3imiGy8_TgFsk96sgz-ZivZ0eCTCZsB1rcRbaFP6_Wo1QkbLVvL1rinhKW4ufAPSZV5gb82SCufJx3xDDI5kF_siR0WFRu__4RNGU1N0IyV4o8yvmEg3kGiTqVOKdFk0ozZWp7iR2FxWWSRVO0t6XQMgQsGY-St0KiieH6qnr0bjhzsL0k3kcWIAatCCKI5DTSJzRg8alEFfiJSxJR8oGyWpfafob-C5zMWYIkgP6ynWZZSbxswG76X1bHjjehceWNTBeyuBtZ8ASKP-aKWR5_8CsxCqXO0sJq4yoS8_T3zgJEQ5FTqsgGhv1R5Jg9-Ksc1l6abYjaF0gsODOsd_PPOs6BK3Vhds_Sah-hmCC8cUCzWuuiBXYYQ9PGvCIzD3ofdgSnzlnmDS8MlW30yWSgbNBqhHhM7s53KxYEnsMJSXs6P3ttC1NM7KQVDHsRjYFuQR1H5jQx1Rzu67F8lWgh25sv5Bys8-W2dOkvUfqSXuefPKj18iedv_AtZUqk9GW4frq97iWHmtmdRwZUhRRFlcaWyZDUoLj6HsbursVzWdG5GuDMqQHwXQ-8U0UErQBeUDlwC21w0Q2C5ngZzpwM8V173rBF9k6WW_fzx7R8KfnqUvcTRwRf3d2Po8w0mJtXLkMnO8Fq2V2f_r6vhELkjupUQhm1nG85wcKYISVSAJfik8Aftn3dhEi76FrlYVnX_7xP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://squareoffs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 214ms
17ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkesq.com%2F&domain=kesq.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://kesq.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://kesq.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 31 Jul 2022 20:06:53 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1378
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkesq.com%2F&domain=kesq.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=hBjQl3xyV2VyQk5EWVNyMU1EZ2szdFlTSXQ2WkhNMENTTmdHVWR5d0FMODhidS83R1p0Y2ZXWTBRZ21UNWQvQUt1ZVBGV0h1R2JvOVhvN1dtbDVReDVUTVZLZnFVRHArdUYxL1VsdG0yVGtWaFM5NFpqcHZ1ODVzelUxNV...

336 B
608 B

50ms
17ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=hBjQl3xyV2VyQk5EWVNyMU1EZ2szdFlTSXQ2WkhNMENTTmdHVWR5d0FMODhidS83R1p0Y2ZXWTBRZ21UNWQvQUt1ZVBGV0h1R2JvOVhvN1dtbDVReDVUTVZLZnFVRHArdUYxL1VsdG0yVGtWaFM5NFpqcHZ1ODVzelUxNVpuWFJjbHhPdUtEQzRremNSQW5WOEV2WDJjTGFMVjZxeCtwQ0VwVGJPZWNYSnZsRkFWSWNFTWdnU2hsMlhHQTFTRFpuM0FrdkF4cnRDT2lsM2JNK0pTVG9lL0dzYTIwQ1F6YXAyZW9aM3c3WVNWYXVYV2xBPXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b42e22e6c51d4d6977f7baa9c44458875d6952ac5f3aaa9ec20596202fb3f484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kesq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:54 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2813
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 31 Jul 2022 20:06:53 GMT
location: https://mug.criteo.com/sid?cpp=hBjQl3xyV2VyQk5EWVNyMU1EZ2szdFlTSXQ2WkhNMENTTmdHVWR5d0FMODhidS83R1p0Y2ZXWTBRZ21UNWQvQUt1ZVBGV0h1R2JvOVhvN1dtbDVReDVUTVZLZnFVRHArdUYxL1VsdG0yVGtWaFM5NFpqcHZ1ODVzelUxNVpuWFJjbHhPdUtEQzRremNSQW5WOEV2WDJjTGFMVjZxeCtwQ0VwVGJPZWNYSnZsRkFWSWNFTWdnU2hsMlhHQTFTRFpuM0FrdkF4cnRDT2lsM2JNK0pTVG9lL0dzYTIwQ1F6YXAyZW9aM3c3WVNWYXVYV2xBPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://kesq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1598
content-length: 482
expires: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 215ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 31 Jul 2022 20:06:53 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1215
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 304ms
101ms XHR
text/plain 35.173.69.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?r=kesq.com&sn=1324123&cd9=https%3A%2F%2Fkesq.com%2F&ic=0&tgt=0&app=&wi=754&he=424&test=&d36=6.2.40&apppkg=&fv=1&proto=https
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5a16a1b928a0616e7966522d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.69.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-69-21.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kesq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 31 Jul 2022 20:06:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 tristan2-1.jpg
events.kesq.com/wp-content/uploads/2022/04/ Frame 34B7 4 MB
4 MB 116ms
115ms Image
image/jpeg 35.223.203.253
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://events.kesq.com/wp-content/uploads/2022/04/tristan2-1.jpg

Requested by

Host: kesq.com
URL: https://kesq.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.203.253 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

253.203.223.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e67c6d94cd2a08f62fa76e292cfe34363bad74181a8a99669e3b377a53c0d781

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feed.mikle.com/widget/v2/153514/?id=fw-iframe153514&preloader-text=Loading
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 20:06:56 GMT
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 3846372
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 08 Jul 2022 00:25:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62c7795f-3ab0e4"
strict-transport-security: max-age=63072000; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: geolocation=(); midi=(); notifications=(); push=(); sync-xhr=(); microphone=(); camera=(); magnetometer=(); gyroscope=(); speaker=(self); vibrate=(); fullscreen=(self); payment=();
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

264 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

87 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
npgco.blueconic.net/DG/DEFAULT	1970-01-20 13:40:34	Name: BCSessionID Value: ca7739cf-7ae5-422c-ad86-02024315260f
.postrelease.com/	1970-01-20 13:40:34	Name: opt_out Value: 1
kesq.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":320273,"placementID":376325,"lastInteraction":1659298009879,"sessionStart":1659298009879,"sessionEndDate":1659312000000,"experiment":""}
kesq.com/	1970-01-20 04:54:59	Name: __browsiSessionID Value: 87755b72-f884-462b-af40-dc68903f2b32&false&false&DEFAULT&de&desktop-4.5.14&false
kesq.com/	1970-01-20 13:40:34	Name: __browsiUID Value: 8bdfcc4d-26f0-4709-acae-63eb78999ea7
.pymx5.com/	1970-01-20 09:14:10	Name: _ia_uid Value: eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.T_9LClbpiSu-AA1iIArNTwf2i7Zm-5FjeWJjrdzbK0rJeIzbD-UcrQ.UvUbPRjwSaZzjeuP.ARDfztP_Z49ngk3fvzdjQiYXBte4HLmRF6qNoqRweENsxOnUi7Uswguk3qqsh7KN3qxE7ylClffUVNzEQNJPkbUIz16UTbE8P0uUFI_UIY9Qa-sI49_DPlRk7eDJkEDalu8vOcJlcyXS8Xo_jmmOunlwwXGb0lmLgBANJcFpnzz2p3EK_WZDkcOmeq-ZR6EPVIjqV6wgPbYaxSNZ8AChBsM_NliKKj9cBhaT2aSFM5suAzPyxlh8jEsc8akDhPp-H_D7LTYL_bp0pTxsBfV_DqNYb3lYQklPaBmtS9CRAJCOoWc0AF26WbsTW8v7j0WP9h_JmgOuBprHveSeA77vKBtv29lvc_p-6qTpFmBQRic.jMoU9E5sebE2CzWU1sY0Zg
.pymx5.com/	1970-01-20 09:14:10	Name: _ia_version Value: 2
squareoffs.com/	1970-01-20 04:56:24	Name: testcookie Value: testcookie
.kesq.com/	1970-01-20 04:56:24	Name: _gid Value: GA1.2.108756936.1659298010
.kesq.com/	1970-01-20 04:54:58	Name: _gat_gtag_UA_19610616_1 Value: 1
.kesq.com/	1970-01-20 22:26:10	Name: _ga_T7ZNM1KRXQ Value: GS1.1.1659298010.1.0.1659298010.0
.kesq.com/	1970-01-20 22:26:10	Name: _ga Value: GA1.1.1223097823.1659298010
.kesq.com/	1970-01-20 05:38:10	Name: minUnifiedSessionToken10 Value: %7B%22sessionId%22%3A%22a715502231-32b051f48b-87b27ea9ef-14ff4683c4-badbbdd7e4%22%2C%22uid%22%3A%2290853be960-c6f21d014f-e56eac891b-b67f1b53f8-e530299554%22%2C%22__sidts__%22%3A1659298010418%2C%22__uidts__%22%3A1659298010418%7D
kesq.com/	1970-01-20 13:40:34	Name: minVersion Value: {"experiment":1647633311,"minFlavor":"yt_supportmi-1.13.9.2.js100"}
.quantserve.com/	1970-01-20 14:25:12	Name: mc Value: 62e6e0da-75c00-8102e-b7e78
.kesq.com/	1970-01-20 13:40:34	Name: minUniq Value: %7B%22minUID%22%3A%221e462c652c-a9b3397c92-c1104925cd-f1e7a5cd74-b00b93aa4e%22%7D
.kesq.com/	1970-01-20 04:55:12	Name: minDaily Value: %7B%22testMode%22%3Afalse%2C%22dailyUser%22%3Atrue%7D
squareoffs.com/	1970-01-20 13:40:34	Name: _square_offs_session Value: WkpvU2RlaTgwdE1sU05pdHkyVVJxTUVXKy92UXdJM2dyTHN3S1d6QlJGWW53TnFCVSsyL25aWDNsNTRENXRYQlVQZDdrRVJkZXFJb2pNWTdRd0V4cmtxTlpIVXlWWU1jNFBLb3JyaU0wU1pXMmNOWkErVUsrTER0VEtVMmY2Rk9HWDBZd2l5WU9mZW51K3QzK0NBWGFTODRUREk2U09TWjJsWVFBcERaVzJlWE9IblBzVEhpTTVNcWpXbXBMWEVJNUs0T3ovZmFXZGhicjQ1S3B0dGJNZz09LS03dlZBRE1SVk80WjRYYTNUNHdnamNnPT0%3D--38861f6b7d5c0f1aaee6883cb0656077cfb03d5f
.kesq.com/	1970-01-20 13:40:34	Name: BCSessionID Value: ca7739cf-7ae5-422c-ad86-02024315260f
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: WnlK7u606_g
.youtube.com/	1970-01-20 09:14:10	Name: VISITOR_INFO1_LIVE Value: 46QgHqOl5YA
.kesq.com/	1970-01-20 13:40:34	Name: minBuffer Value: %7B%22minAnalytics%22%3A%22%7B%5C%22clicks%5C%22%3A%5B%5D%7D%22%2C%22_minEE1%22%3A%22%5B%5D%22%7D
.kesq.com/	1970-01-20 04:54:59	Name: minSession Value: %7B%22minSID%22%3A%227ed10e2f4b-b57fa464d4-055905df49-e5357939bd-00327cbdd8%22%2C%22minSessionSent%22%3Atrue%2C%22hadImp%22%3Atrue%2C%22sessionUniqs%22%3A%22%7Btime%3A1659298010810%2Clist%3A%5B27404531nf0%5D%7D%22%7D
.kesq.com/	1970-01-20 14:16:34	Name: __gads Value: ID=790fc260ae19a71c:T=1659298009:S=ALNI_MbHzRHSsjNlVFB0fs494PPO1Nv36g
.viafoura.co/	1970-01-20 05:38:10	Name: VfSess Value: h3qrb5qgpailrj3jcpej9psn9n
.viafoura.co/	1969-12-31 23:59:59	Name: vfThirdpartyCookiesEnabled Value: true
.doubleclick.net/	1970-01-20 14:16:34	Name: IDE Value: AHWqTUlmKEn7NSIqIOcurJjaOKlu2I4RrgEV3IcQfYYBbaJFZ685VWhnMlis3U-VJYc
npgco.blueconic.net/	1970-01-20 05:05:02	Name: AWSALBCORS Value: em/lMrS+xdh52F7t27ARPYGL10KnKWK/5Qkj6O5bSfkzIY1BXPa616RBmranwSfzlEqe0JnB210/F9UtlstUTAyR45P5IWOp4WFV0wCqAp6dJTl7kWFG1x2RkWRX
kesq.com/	1970-01-20 04:54:58	Name: _vfz Value: kesq%2Ecom.00000000-0000-4000-8000-71316c0c39fa.1659298011.1.medium=direct\|source=\|sharer_uuid=\|terms=
kesq.com/	1970-01-20 13:40:34	Name: _vfa Value: kesq%2Ecom.00000000-0000-4000-8000-71316c0c39fa.5f01fd71-d7de-4077-aaf2-c2345c125e53.1659298011.1659298011.1659298011.1
kesq.com/	1970-01-20 04:54:59	Name: _vfb Value: kesq%2Ecom.00000000-0000-4000-8000-71316c0c39fa.2..1659298011....
.adnxs.com/	1970-01-20 07:04:34	Name: uuid2 Value: 2034174182237149796
.casalemedia.com/	1970-01-20 13:40:34	Name: CMID Value: Yubg2433-JHbRjY3lGW4uAAA
.casalemedia.com/	1970-01-20 07:04:34	Name: CMPS Value: 1161
.kesq.com/	1969-12-31 23:59:59	Name: __utmc Value: 98699140
.kesq.com/	1970-01-20 09:17:46	Name: __utmz Value: 98699140.1659298012.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.kesq.com/	1970-01-20 04:54:58	Name: __utmt_ds Value: 1
.kesq.com/	1970-01-20 22:26:10	Name: __utma Value: 98699140.1223097823.1659298010.1659298012.1659298010.1
.kesq.com/	1970-01-20 04:54:59	Name: __utmb Value: 98699140.1.10.1659298012
.casalemedia.com/	1970-01-20 07:04:34	Name: CMPRO Value: 1175
.viafoura.co/	1970-01-20 13:40:34	Name: vfDeviceId Value: 3a223f0d-6e14-4f57-9129-f86d90558ea0
.spotxchange.com/	1970-01-20 05:35:17	Name: audience Value: 511f3aa3-110c-11ed-9a22-13b80d860206
.adnxs.com/	1970-01-20 07:04:34	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUjL5F[H!@wnfH8K6pQK`!5=E<L5>xi_k^sx_3Nv922Qo`igZZ6$h.HII:/`iXl!jZ#bpRzqF1`b^Ns)v$''
.yahoo.com/	1970-01-20 13:40:55	Name: A3 Value: d=AQABBNvg5mICECMJ8IhPsOeNDJeOtWs7TBQFEgEBAQEy6GLwYgAAAAAA_eMAAA&S=AQAAAqdX5wSDHd2fmbO1IVtaim0
.redintelligence.net/	1970-01-20 07:04:34	Name: 8lcfmzhxc8d6_uid Value: e085553aaf558d56
.aniview.com/	1970-01-20 04:56:24	Name: 2_C_200 Value: OPTOUT
sync.aniview.com/	1970-01-20 04:56:24	Name: 2_C_200 Value: OPTOUT
.aniview.com/	1970-01-20 04:56:24	Name: 2_C_55 Value: 2034174182237149796
sync.aniview.com/	1970-01-20 04:56:24	Name: 2_C_55 Value: 2034174182237149796
.aniview.com/	1970-01-20 04:56:24	Name: 2_C_42 Value: Yubg2433_JHbRjY3lGW4uAAABJcAAAIB
sync.aniview.com/	1970-01-20 04:56:24	Name: 2_C_42 Value: Yubg2433_JHbRjY3lGW4uAAABJcAAAIB
.aniview.com/	1970-01-20 04:56:24	Name: 2_C_2 Value: 511f3aa3-110c-11ed-9a22-13b80d860206
sync.aniview.com/	1970-01-20 04:56:24	Name: 2_C_2 Value: 511f3aa3-110c-11ed-9a22-13b80d860206
.everesttech.net/	1970-01-20 13:40:34	Name: everest_g_v2 Value: g_surferid~Yubg2wADCIhUKAA0
.retailads.net/	1970-01-20 05:38:10	Name: ppb2172 Value: 1517760839
.casalemedia.com/	1970-01-20 04:56:24	Name: CMST Value: Yubg22Lm4NwA
.casalemedia.com/	1970-01-20 13:40:34	Name: CMRUM3 Value: 4962e6e0db05a0&2d62e6e0db05a0CAESENfj03m1FxeMCi_eqdMPedU&5862e6e0dc2760Yubg2wADCIhUKAA0&f162e6e0db05a0&6f62e6e0db05a0&2962e6e0db05a0&e662e6e0db2760&2762e6e0db0b40
.quantserve.com/	1970-01-20 07:04:34	Name: d Value: EGEBCQHfJoEA
.futalis.de/	1970-01-20 06:21:22	Name: raSIDb Value: 1517760839
.awin1.com/	1970-01-20 04:56:24	Name: awpv11524 Value: 296283\|1659298012\|51675680-110c-11ed-96ab-2230957fd0f4
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 391598:2661283
.casalemedia.com/	1970-01-20 07:04:34	Name: CMTS Value: 1139
trf.greatviews.de/	1969-12-31 23:59:59	Name: ads_si Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%2251760b62-110c-11ed-a26c-00155d255900%22%3Bs%3A3%3A%22sit%22%3Bi%3A1659384412%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/	1970-01-20 22:26:10	Name: cjcookie Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj517627c8-110c-11ed-a26c-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1722370012%3B%7D
trf.greatviews.de/	1970-01-20 09:14:10	Name: mcookie Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%2251760aea-110c-11ed-a26c-00155d255900%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221659298012%25%255712300%25%2551760a2c-110c-11ed-a26c-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1674850012%3B%7D
trf.greatviews.de/	1970-01-20 05:05:02	Name: ads_pu Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1659902812%3B%7D
trf.greatviews.de/	1969-12-31 23:59:59	Name: ads_ps Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: jhmolgqcajmlhqacsgo4vhtj
pb.media01.eu/	1970-01-20 22:27:36	Name: DTU Value: 874E131AD6882C495BB53FAF94172637
.innovid.com/	1970-01-20 07:04:34	Name: uuid Value: 0442878a-83cb-48d5-9a44-1894e14439e0-20220731 16:06:52
.www.parship.de/	1970-01-20 04:54:59	Name: __cf_bm Value: X6qOgmUEBQh8JEdbp0Sg5sBD5utQRZQAnBZ.zPvAZlc-1659298012-0-AW4psEjoQGic/Kpq5s+UCGNiBM2yghYgE4aXDh7D0yXlo5Uamr7P1x5trG6ahfVSZHCIfYpVCi3tfUrKqwczUuY=
.parship.de/	1970-01-20 05:05:02	Name: NVI_LC2 Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1659298012.5712300.51760a2c-110c-11ed-a26c-00155d255900ID_TS%3A1659298012
.parship.de/	1970-01-21 06:50:10	Name: NVI_FC Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1659298012.5712300.51760a2c-110c-11ed-a26c-00155d255900ID_TS%3A1659298012
.e.dlx.addthis.com/	1970-01-20 14:25:12	Name: na_tc Value: Y
.addthis.com/	1970-01-20 14:25:12	Name: na_id Value: 2022073120065200014413399275
.addthis.com/	1970-01-20 14:25:12	Name: na_tc Value: Y
.addthis.com/	1970-01-20 14:25:12	Name: uid Value: 62e6e0dcd1bf4936
.addthis.com/	1970-01-20 14:25:12	Name: ouid Value: 62e6e0dc0001d2d553740594812f651996a3d48a9fe556dac7fe
.dlx.addthis.com/	1970-01-20 05:38:10	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 05:38:10	Name: na_sr Value: 20220731
.dlx.addthis.com/	1970-01-20 04:54:58	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 05:38:10	Name: na_sc_e Value: 0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: d289ed4613bedfc3
kesq.com/	1970-01-20 05:38:10	Name: _pbjs_userid_consent_data Value: 3524755945110770
.kesq.com/	1970-01-20 05:38:10	Name: _pubcid Value: 2cdd15fd-1fec-4194-921f-b6f364f0aea3
kesq.com/	1970-01-20 14:16:34	Name: cto_bidid Value: iJgsNl9iOFpkUDJoc05TRDZoYmFEMTFOZ280Zno2SjFRTDdsS04wRHlHZVNQNWhBYmZUWXhDdzl2SU9ieVElMkZYUGYzZDh3SXVvOEswVUlPM1Zva0k0NzJPWW1RJTNEJTNE
kesq.com/	1970-01-20 14:16:34	Name: cto_bundle Value: jxVBVF9TVWZ4aVZtaDlRRjFKZXpkcWZYc2ExeTZvJTJGUUNMUFBCV01kODRmd2pOcmdzTnRmSm9qQ2xOR0F2SmhpTkNmbGJZZXpVcWtqZUZ2S0pPVmxsRDJKYTFrQTNxa3RjSmtCQzROc293NWpPS2JVNWJ4Y25HNUxMVUMwQWVUQUF0N1o3

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vr'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, camera, magnetometer, microphone, usb. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vr'.
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

47d99064ea7309156f4d6e1b6f3db84f.safeframe.googlesyndication.com
a.teads.tv
ad-server.eu
ads.pubmatic.com
adservice.google.com
adservice.google.de
ag.innovid.com
ajax.googleapis.com
api.pymx5.com
api.viafoura.co
apv-launcher.minute.ly
apv-static.minute.ly
apv-static.tldw.me
assets.squareoffs.com
at.teads.tv
bam.nr-data.net
c1.adform.net
cdn.blueconic.net
cdn.browsiprod.com
cdn.jsdelivr.net
cdn.retailads.net
cdn.viafoura.net
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
counter.snackly.co
counter.tldw.me
demand-engine.browsiprod.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
eum.instana.io
events.browsiprod.com
events.kesq.com
feed.mikle.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
go1.aniview.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90005.redintelligence.net
i.viafoura.co
ib.adnxs.com
image6.pubmatic.com
jadserve.postrelease.com
js-agent.newrelic.com
kesq.b-cdn.net
kesq.com
match.adsrvr.org
medialead.de
mug.criteo.com
npgco.blueconic.net
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pb.media01.eu
pixel.quantserve.com
pixel.rubiconproject.com
player.aniview.com
plugins.blueconic.net
pr-bh.ybp.yahoo.com
pv.medialead.de
pymx5.com
r.casalemedia.com
region1.google-analytics.com
rules.quantcount.com
s-jsonp.moatads.com
s.amazon-adsystem.com
s.ntv.io
s3.amazonaws.com
s3.us-east-1.wasabisys.com
s8t.teads.tv
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
snippet.minute.ly
snippet.tldw.me
squareoffs.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.search.spotxchange.com
tpc.googlesyndication.com
track1.aniview.com
trf.greatviews.de
ups.analytics.yahoo.com
vjs.zencdn.net
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.parship.de
www.youtube.com
yield-manager.browsiprod.com
z.moatads.com
104.18.18.126
104.18.19.126
104.96.128.226
104.96.132.42
13.224.189.94
138.201.63.165
142.250.186.162
142.251.36.98
145.239.193.130
15.197.193.217
151.101.194.137
151.101.194.202
151.101.2.202
151.101.66.49
162.247.241.14
178.250.0.157
18.156.0.31
18.66.139.95
18.66.97.12
184.51.9.184
185.64.190.78
185.89.210.82
185.94.180.125
2.21.184.200
2.21.185.59
2001:4860:4802:34::36
2001:4860:4802:38::178
205.185.216.10
205.185.216.42
209.54.182.161
213.19.147.44
23.47.209.169
2600:1f18:44f0:4816:64cb:bad3:2a8c:c8f3
2600:9000:20eb:ae00:6:44e3:f8c0:93a1
2600:9000:20eb:ce00:8:2ae1:d740:93a1
2606:4700:10::6816:48ae
2606:4700:10::6816:4aef
2606:4700:20::ac43:48f0
2606:4700::6810:cb16
2606:4700::6811:180e
2606:4700::6813:ba79
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:12a:8001::1
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:812::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:4014:80a::2002
2a00:1450:4014:80a::2004
2a00:1450:4014:80a::2008
2a00:1450:4014:80b::200a
2a00:1450:4014:80e::2001
2a00:1450:4014:80e::2002
2a00:1450:4025:402::9a
2a01:4f8:d0a:2321::2
2a02:2638::1c
2a02:26f0:6c00:19c::26e5
2a02:26f0:ea:4b9::2c79
2a04:4e42:400::485
2a04:4e42::729
2a05:d018:d29:3602:68f1:8fce:a96f:e71c
2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f
3.233.138.68
34.225.117.0
34.96.74.203
34.98.67.61
35.173.69.21
35.223.203.253
35.227.203.93
37.157.6.245
38.27.106.53
49.12.22.42
51.89.9.252
52.23.130.19
52.72.67.212
54.170.230.96
54.174.213.70
54.187.193.66
54.229.139.225
54.231.135.208
54.76.176.197
63.251.232.170
63.33.106.83
69.173.144.138
69.192.160.219
85.239.105.10
88.198.250.30
88.99.219.174
89.187.169.15
94.23.99.218
000b9b4ee10170644e9f5068423e6e8b8ea26787311eb0c764bcc2ea1ce28408
01d40df7c31566ce3812adb24f0b682ae7e19d4fae67bbf69179c3e6fab3655a
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
031fcc63b673cbe1e0de97b98ed23854f8cef55cb34b07a9737689635c976170
0412324af43079788f00548e7536deaf70a16ff08b76dd2c65f767d1bd0382ab
062d8167bc405094e000b7d3af11deba7a4ecff663aff087d7b19ef51c05ff6c
06f948a217c237ec9da04db4863ae47ac02b247ec4fb4213fd68b981d766c156
07a0545c00ecfd98dfa3f8a6dff5451780a679455680e517cec826b92ba6be4d
07fc9910e487dc47adf17cbac80967ff1ce6c539ac50d9bc0aa0d32d02450f13
0879d98559c8e27797788a87521a624188b93b24c7fa99df9f870bf1b323191d
09f9fd9113b535927d6666ca18f2b5c39fcbd0dea5085f7eaffadeeae13e05aa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1a06dcea4b23f87b80587a7a2f8e1d74c4ec7d6607d536b1dff2e8580129f8
0c1bb27b91d9465310792ab1125e82240f02a7f92b55aa42dc1510088e07ce1b
0e39168aae4d6011c196e6de01da92c783ea42dc2789cafdfacb2a4258675ba9
0f9be5681874d9f7fea49bbfa4187759c68b81eb7bbd77205682c110b9a43931
0fb24af945361268b9fe56949c5d2ae8c151a82f9254c05c113d29a2ca14c32f
10712d1d0f043cd68bf8d473908b5eaab53bedf3c8d6814aa966d2e9b0a660a8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12733c8d6d71840ec1e9d10763e7774d9c720f3e8e3e54dec82e6aeddc09712b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16999c0de978117617756aea20c61fa832e8e5beab55536a249563e059e08717
17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd
176fec6a7fad473d3102d548facfa993bedf4322dca6c0c308ac46d0ef7265c9
17cc83e3533194941bda74c1c2e67de68aeee7cbbc95a209d8e579466bdff0e0
17d059c0d9e8e1ebac6e58404aed4f403400d509d4460e58985fd8129a65704a
1958d7d53006e287cd42b0d5dbc5f26475e67c39e00ba21ad9e5f5a34a39e445
1c907e1f2483fb2a70272d58bad74b1c5463388d9d191c7c58183503c9ae5944
1e600a7debd226f2859e7f861535e22b0580cd80f956a1e586b680440cd9048d
1f0ab978838efc7dc4b61dd5ffa2e2c45380e20a828c10a594c78b0cafcf76af
1fe4aab51a544cfaceeb8dc1d9ed7cc9ce296ffc069bf4a925a7600bbf8421db
20dd55f5158dd6daa30e062649c9bad8584ff07b6bb4a4a2157fe9da05dd355f
2356e0cfa404452ba162bd881ff100ec108eae5a91b5566a922fc66b78a7096e
243d0318292081b26db69dad7403b07a4f8c302076bad5ff2f51ce135e19390e
244238d6d950c69cc25a323ffe38495b71421ff28c365d7739ba76a4d0226e13
2506c55760ff8b1bc3dcf34486765a3e2b2d66c59c685a226e0a72a78055126d
25635c09d7a2192342add50316c4951d428e8d65ae38b1625b1c525f49424967
276b2e230a5c051221c881b9ed7e886b5a6e7eedcefdadf7a4eee2ae55bb6c1b
27e22e7e6035036c0814bef7199b90461e1e872f266b4e66724134faee3cc5fa
284f18323f6d4447450f7e91af3e577d448282f120f7feb6ac3167695728d265
297ff0bb8598f98b7098c965b2f8c8036f548df903726c9fba04443414a8e3f9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ae1e23ee382635d06f64397ba526734cd0c89cde579912d41f03252fecc9b81
2b59ca8bb148dd09702bfd517affa8fcfd4311768872e7d51ba1978672e44984
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2c7f78291ae70d6b87b58b10e145614685e4e32bcc38b60ca31d77124472857d
2d6296e7a7bc233e2837215191956ef3193ef452539448dce8063575e2a27ad2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f03e25d5baaead3af88ab32882881df5e5721e7846d0407bb1680065b855481
2fb8b59fee922d2f00bcb56228a169a9bcc0810ac20929e9112f132ed3ff6669
2fbbae4abf7e1b517f1f8eae51d45b771e95aeaf3975671750c3ed138c09de78
3013d97ec15ee0fb663b6e9c7b5ee7457f940baf8bc68249e8c9dc67a59b01c2
30238015ace7c59521ab23dcda63e83d0dd715c77e548ffd70fdfad89c683197
303017e5ef65d154f447ed36116c77fc056fe0a44add0b13b9e842ae72b23ce9
31c85cc6147bdb0f54524cfbaefe5af4834364821fa95d371591e2242c3789e9
31cc33a86913201396dd86b56df02fac8e37f7f939def3ed7a3057ab7ea838a9
33c3d4cd5225958f1d3cf773cf175941e6cdccb7b50d6f32b7fdadd84056ba98
3430dca601f444272bc70149d25ce4d8a236161650ebc01a5888ab0bed60073a
3796c3c2b32c8905b67fe633670145d06f5967da61e0ba2505f67e868b441f45
38239c0eb2ff0b67f37b09c7180a99f5d1d86bd75920a10d9ece28cde70ecae8
3962092881c2463cf6a930cc815c05d1fffdea3c8b2f6220b0de85e31f81784c
3cad73fb09fa109ce67f4fb4e2222c7e2eefc90aa436f0c445e9671db559538a
3cb352e04b672cf3049ce94372fbbdfb42036ef45c360a15f52a495395558a9e
3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a
3f88bd2fd79e49bea67ca9456b79facac3769c5703a6f33826e21301d83e7255
41a6a30eb03c5d25ca9524609f38fa1b70aa684257fce0f4f05f1c951aae20a3
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
427cd20c734ff44e69a44da468c62e73c947b22754f6b970483f253c5c322fd0
436bff18353cdd23f319497c726b6d88c27dc3a90b176ff7cc16bc5f0ffd8906
47fc8777d4617343fe70714411940f12db53a742debfc8c41f536475a0ba70d2
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c84a9ea220f42a24f4f358b99ce4589d21c4d340e28d6cb6d2558d4f47bf4b7
4d1816b25a66dde1911383733ea407c5d05a3311acd206d556dfed430ed622ee
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
4fa4ebe6b7dc050955af61f44380639a2a21b56bbfec71df6697f8dff521b59e
5032da8d0203f9ec6d572065c2d73012fe274e7ec53bd9f1be20905d191b653f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5211252d758f7c993c7a8e2856e21c1867dbb7d18d40fc8749a5b98e6ac3734a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56eea270dfdd40ee3933bff4fec9c257676b2a0886724bf5efe2e212511a8a1e
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5bca2d4288328711026ee112d545ab38fc8e56e5eb81ce85befa09b4d16dbc0c
5d7e73acdc9932a7e08da0d7549e6205b759f3e586089107517fc1348dc70d33
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
5ef2408f2cac089d17372b64be14cf4065d9e7114596876e9bfaab09fd898eb7
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64bd403de03c6f3d2ad7ec8f39ea5e52a5528e92524a0eea686e3dc440e5b894
6502bff981206d758af053aa48d4ac0d41a098becd47e48ac9056a6553458d8e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67756f3d98f02b4e864a41b07d31df218bd75dfd36676864d22c314880e68964
67a4878c66a30fb80b1e2411d8550c8e7aa863cc5a98aacc21069b467422a1cd
67e97f3d17f69516231c461af7b3c3578b50654ce0f41427b7d7cca35e5256ff
6882e5b22cfa863c2631280944c5e9dcb6dd7ae9c4f159021fce2bed20d4d529
689ff7cb7dbf8065daefadaa13213620126df9fb5d5575cad58a97b325451e8b
69f4c0e2968b3abf25f440ea9750e2e01fad20dc34ad3ac45fbb95171fdb0763
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc96e9bab2ae13132fe2ca25bb4aa51865e474dfb771f0c82067cb53fbde4ba
6dbaf56c796ee1e2933a62a06955905bd61e6f4d9092f063fa1738d6fe4a9193
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
705e131cf96d355364f44e9309008ccbaa0ab3933d66ea211df5526d04bdd237
727052d8743a436049aaf9aa8a70de0d2492ce136b24879ae366f3ee9835ca10
72b88b6dd3591e047ebc4e90d6b42b95f9950d242912bbd86c145f05a6b78011
764846f18b34bd46a22db4133aecca579fb7519e6ff5986407dd065b801c6a78
78d0a446b8f407e4cb3b2b2a965b57a25d1f0438c0acb089371bca9749feed3b
7b5a5134abdd82fe74cfe08760a01ce4e95df811910df09506718f3c51904038
7b6a27be9c6f4448bf61dda09a9fa32b1eb91d2dbc62b3f025df4cca0bc302fd
7de4ebe6f7e5c57026f039da23b86f99cb0dcf117dfe5f893ace0b1988370f78
7e97a716014f8a6fcb6f8c2cd421db6458078667f9320aaf225c509f61940b9b
80667449ce01c4b2db6007832fc496ca185c012dbff31e424855557c0e54ec1e
80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc
81f719850af306fd520440a0b395b8a7b08130455f7d89227f986cbb2137991d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85dfe57bc8a34df8e5525df72f2bc17e4c10d7938c7cacb7fe11e73ee8dd5dd8
8661d04ebc960c2ec5e54d4adcac5518efb3774b4c252830e56402a22ca90216
86907b32661b18f6fe7903b67b5933da102eff4b7e9ae82d871072500caea2f8
8884c925a54f34b805f0fc4637583a5dc6c2d5f9870d19a9b74686ae59368738
88c4c27b1f0143e895c6964ef373284642816a887d0f3f61ded115acce51c6aa
8a32cdabc9ad1fff4bad02b77ec63d2e14b320ff4bcd1f5a50c68897c15267b8
8a719dfbca2b4fc363e174b3f4e0f6ed16229e8bdcd22d6001d7d4411a8d86cd
8a77dee6a595234131e3cdba142e6403faaafb7ee93920a846c2be629751d054
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae1f5532f9d310fe1c417006170224df6af527c6a8abf8f8d297c611302ec8d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e541ec7c549f193f51f945923b4baa7bfbaec9382f342f00d45d508736cd6b6
8efe32c962f8079bea440dbbc69c87fa1004a2e830e3266907bd53aab0df0c92
8f4bd5d97fb956b0cc6033f3bd500568ca42cbfeaa9205da1d8caefda61cb839
8f6979db96a442652af975ea3dc44258a6bf4ac0529a956a371ac579b581d0f2
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
9352de6cca8fb7a724e4643e7276ea6306b86731eac6a3069adb11197900de7c
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94155bf0e642b3c87d1f2b225bf5a40a34ac6a436fac465f9c6f53fa20dbd163
959ffc1c9ed6e4f06054bb3175d9459a37e79fc5b4b756c23a14abf3117be8e2
962b13ce46569ac3c689618866b45bf1f55f10cac906df470b168df204b293a6
97186ca8cd3891de25d24587a89b17d5c93e9dd502fc5acb5abe13d9af9c1d61
98a409fc2fcb461612ac2baa15178faad822dfaddc3eab141a45f0ebb79d9924
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bc3ac88ae6629e440770a37e747bb6241a085df9842ccbc5f3035471b360c10
9ede164d1e4a54dbde0c2181e2c9958a44cf355569398a7e57130a24e175f4ec
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a067282eb49b4b9a314ed56842edf759d320ebd9f2a345d5881f0abeca117a45
a0a747933960c27dc9e8d0dce309c4b86df3247e4d576b3627f4ec06072a0738
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a130d8783fcc312003c082308a6c9dad1abe6324bded170285170556e92fbc82
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2d0d9deb076517a6a0f52fc09433c4b0c2af9adc2a834414aa31547fa47f14a
a2d24f191540745c63506a5cac6674ee4bfc95b29ed8e5b7b9f810b8aa21b280
a3dd3c312a0b1fe05a7ca3f47ffb8eb8f8f20f20ad89acfb22587d0950797d43
a40a9f2b83260352c8de2058afb7e1af11e48500a14432c4cbc0b72afac6fb59
a411d089866aaa8961b38410d3ed37f4d52ca0ab15236d67b0f56f93bb20a5cb
a491c3dbdbcebaf66db9b3a581f33d35224aa8e312f4b280346061739f25dc5a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b01c636e19d7615a29fc42054e7360fcb13a709fdd57d20b1d26e4b2ffd046
a4bd82c9f483f059a738dd1a0320fc447fb4569c400a194badd4fe59b0822e34
a51c780d7d3e6e10734aed22f692e0f08ee5fe48b458890e6f13b56ceb8de9fe
a58b5573e094decca6032a2d52bee2cae53654e12b88252f88c9d78b29f87322
a5c472eb498be9d618f4e850fbfa1608eaec1e73f7a9ca97fe28a19188bde740
a6b13d6dcec91adbb949b1148d7171557c311b097a85007cf1022a5ba6dee47b
a71a49736f4600c7295cf188d2a472e4019624631d5e1481a8829cf0fc9b944c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa074e019e49996734864780e02fa6b387cda33de27f43c2a1b6957be676f981
ab0a9766062f904ed6fceb8cfca73b5686e491b43241817a25f3bff0f547ff01
ab94db5ace8646a450fe74634845d50eb0f0083f0cd50518b48fccb3e8c19935
ad091945f95bfc12e0357ca55091db4b47229abd21efaced6b849db605c13997
ae29c0a50b015d25bc4ab4a1d3e50394cca8718506906c57667690dd3ac94f4d
ae2f1c27b7ce8e6fc710291ef6cd41aea36f11b7dc4f0d2273b28741784c5e9a
aef28f4f7d4f257ebf19d6bdca1585fb003fb4316f2f2d0db79e41d10fa7c691
b033528103f70b1fc86db574626282c1aad0364701a0913659ab70747655455d
b065e641c0b9772a645e0596657a0bbabb8470f5ffbcfed95d5100f74c0da056
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b13c284d8d15523bd7ebce4afd286397cf2e82cafe72c0398f2d1724d60102af
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b178d08dd794146a6ed4c41b530bc359e93d62514c38225b12b94c0721b241c1
b42e22e6c51d4d6977f7baa9c44458875d6952ac5f3aaa9ec20596202fb3f484
b4e97339829ec9d0ff5c5084e54a11134828a5787b9081afa964ba4e588d907d
b5629bff9f7cf70baed7df75fbde4ab28280e2a687c8f4712b06a03d52666d73
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
ba34080d2aa5d3b75af8e56d80cce88d90cff3c17607f7067631940a606a4d21
ba82e6480a2599627970d68d9d42b4e51c488e9eb8587d3cf9d539724b44b073
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf739c567353fba3b1702cf940f29b3953c5b24b84a18b1208eee417a431dd5d
c00371b4c5eb8328791a15210ed22492ec7efbd4895907e1bea770fcff12e53c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28b59949c1d29ee8b83765cce09df06dfef2d7b839f47c69042b52b79d70a1d
c350eb03b9a365a284c6d3ecf2fcfc24f7e3d4b4b6fe71ccf0208e0103b1e376
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
c6a33d7e98f7ac4c2bb7c71f0c1f7e2a3b6c3282dc99ccfe5b46e8a717fb87fe
c6a95e8a503b7c9003ce95194f008246d1b145645e55a0a1c7c159f637feb7fa
c85c3808dfe42fa74e54afb6875ce3856dc07c5d49002197d892bd8109fb878d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca76f767de2229c0ed756d8216a90c2668f7f3983644ee002666534ff38954fa
cb5798a284da490e620ff00069f852bc690799e2af53b40c7e2f03209dd8a3e5
ccad19f704923a6eccf3c46faa737668784b97d45728ce1ed29d5f34204d901f
cda99612ffce077f473da92e7c0929c9a80bab0dacd173105dfca9b1d3c30177
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d2d37ebbd63f9f33298225cee771b8eb5d35b40f0a8d7ab2964f790f5e8ecf56
d41ad79d3d79364a3b1160998776d8fe3c51400abe5bba252bf5c8259e9f9184
d4e135a220eb3029f81c6298c91c25cf579606567ac483b84548e0b4281f953d
d4e4d2827b5ab8c6385e9b963eae0377a5e724048c1e7fe9dddfe1e1d9454a89
d5575de801172d286dc7cdb712db3081a3fa0702672d2bf33f806301706e3e09
d60f6f17937b8ed0a18321076438f53d6bb0d62879d42d3832bd50aa7e91e18d
d6e55f91c93608caf7f0227cd0fb05c71da80ed304818d221d894ab302d0189b
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d925db65ec1961756427ffaa480d32f5413d5edc49503d5ae7987aed8782e7f5
d9a788f4d19b9938a61116bc4cae75cdfbe029d8d0de13d1bf5c7458d33dea7f
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6
e1befb2b44f4113aa042daf10a89355ec40481820a5b03ca0f6dc99a42fe2152
e1c6188138641875be47586e955ea4b16f83fc96629c035558cd1c1a6f536952
e21f797e4abd86dc3ab738e767662c269c792481307dd66663eb8117e3d82bca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f9b227f6f1789e870ce5ffe0d4becb276ec5abeb98d45d82ff5040a1b11611
e432b5ad48c1acacf7359218e84c15a30768307b293f70b50a2b2891c312733c
e57f398cb2a465a3cc0524e4cce4513e147b2ebf04ea8beffe47beaf617d484d
e5893cc7b3861f4221765d71bbb04489b2bd2b17349ab90809d3db5c5dee65e5
e67c6d94cd2a08f62fa76e292cfe34363bad74181a8a99669e3b377a53c0d781
e8414246142ce5ed748336d300acdc14559ca4318d0332639104778b596fa981
e87e009032216efe6de0b9856944ba89858250936e908e59200f79a142180e96
e8e684fd5f104e4d4a6ae4e8526fbfa7cb6963950fc737fe65f05233dbd95b6e
e8ebba2c054fd7e8a4747812be2ae4269af334a2e74f28ca244870fa78f7cd80
e8ee2708c1df628a6145b03d746fbdbb5076288464484672b25f70917ecea416
e9539f788458735602ca2fef7ae7b61b0945c861e15021b729a8277d0013cf42
eba523b4915828a2ca603a46b47ad857ea0d717652027a5eb7003829a6b6a75d
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ecf1d2dc28a8fe2332483cfa144e98791181a2e7ffcc500a16828c1d0a6da947
ee2ec977814ef6d0e7399fdf80c62a5195c203c9ca02686506bcb5afe9ff1695
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18bf97b3f01d73b9a1cdefdec5d15fc1a895dfe6d1d1ca4254ea2ff0fe1f433
f1c0dbc47d7191146dca50ad89abaa1f6c78e45503e7f9c96d211f28e528c598
f2c4a355f2a88ce6793b73c3a6cddb3703355d2b74a6cff0dc2ff81383480a01
f3088ba845d99fb2cbb69af1a532c8bc9a4888e96f016fcc28fd0cbfaa8f2b20
f3404d30f1b9956025fd6221078b56ab9f3301a4af97ddaeb3ef8cc4a8bb88de
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb54dd9a2417da235948b5619ab1c65c911830c730e97720e102779d94367262
fd1f00572f3cefc45fb81ea76d3656e1341aa3172f71dc0fa3c32fac5da92ed6
fd605315fcaf4a6e974ee1cea4503971d733e36971ec2bfe9129be308a61f4bc

kesq.com Open in urlscan Pro 2620:12a:8001::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

330 Requests

96 %HTTPS

38 %IPv6

63 Domains

102 Subdomains

85 IPs

9 Countries

17090 kBTransfer

26644 kBSize

87 Cookies

19 Outgoing links

Redirected requests

330 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kesq.com Open in urlscan Pro
2620:12a:8001::1 Public Scan

Screenshot
Live screenshot

Full Image

330
Requests

96 %
HTTPS

38 %
IPv6

63
Domains

102
Subdomains

85
IPs

9
Countries

17090 kB
Transfer

26644 kB
Size

87
Cookies

330 HTTP transactions
1 data transactions